English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52047/87178 (60%)
Visitors : 8720578      Online Users : 225
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/60004

    Title: 資訊安全評估準則層級結構之研究
    Other Titles: A Study of Hierarchical Structure of Information Security Valuation Criteria
    Authors: 洪國興;季延平;趙榮耀
    Contributors: 淡江大學資訊工程學系
    Keywords: 資訊安全(Information Security);整合系統理論(Integrated System Theory);資訊安全評估(Information Security Valuation);評估準則(Valuation Criteria);層級結構(Hierarchical Structure)
    Date: 2003-10
    Issue Date: 2011-10-05 22:34:37 (UTC+8)
    Abstract: 各種調查或研究均顯示,資訊安全事故的發生比例與其所造成的財務損失均不斷上升。美國911事件、台灣納莉颱風的水災、財金公司的舞弊案等,均顯示隨著資訊科技的快速發展,資訊系統使用者的範圍不斷擴大,組織對資訊系統依賴程度的提高,資訊安全因而日愈重要。但組織資訊安全如何評估?應考慮那些評估準則?尚乏實証研究。本研究以資訊安全管理「整合系統理論」(Integrated System Theory)為基礎,經由因素分析、名目群組技術(Nominal Group Technique)的程序,匯集專家意見,建構「資訊安全評估準則層級結構」,共有9 個評估構面,37 項評估準則,可作為組織規劃資訊安全策略之參考,亦可作為繼續發展「資訊安全多準則評估模式」(Information Security Multiple Criteria Valuation Model)的基礎,實為資訊安全管理實証研究的重要里程碑。
    Most results of various investigations and studies have shown that the percentage of information security accidents occurred and the financial losses caused are increasing continuously. September 11 attacks in the U.S.A., floods of Nari typhoon and malfeasant cases of Financial Information Service Co., Ltd. in Taiwan all indicate that information security has being more important day by day as a result of fast development of information technology, increasing range of users and dependence of an organization on information system. How to evaluate information security of an organization and what valuation criteria should be considered still lack of empirical studies. On the basis of “Integrated System Theory” of information security management, the study applies factor analysis and nominal group technique and collects opinions from experts to construct “Hierarchical Structure of Information Security Valuation Criteria”, which totally includes 9 valuation dimensions and 37 valuation criteria. The result may not only be a reference for the organization to make information security policies but also the foundation to further develop “Information Security Multiple Criteria Valuation Model”. It is obviously a key milestone of empirical studies of information security management.
    Relation: 圖書館學與資訊科學 29(2),頁22-44
    Appears in Collections:[資訊工程學系暨研究所] 期刊論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback