淡江大學機構典藏:Item 987654321/60004
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 62797/95867 (66%)
造访人次 : 3741998      在线人数 : 537
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/60004


    题名: 資訊安全評估準則層級結構之研究
    其它题名: A Study of Hierarchical Structure of Information Security Valuation Criteria
    作者: 洪國興;季延平;趙榮耀
    贡献者: 淡江大學資訊工程學系
    关键词: 資訊安全(Information Security);整合系統理論(Integrated System Theory);資訊安全評估(Information Security Valuation);評估準則(Valuation Criteria);層級結構(Hierarchical Structure)
    日期: 2003-10
    上传时间: 2011-10-05 22:34:37 (UTC+8)
    摘要: 各種調查或研究均顯示,資訊安全事故的發生比例與其所造成的財務損失均不斷上升。美國911事件、台灣納莉颱風的水災、財金公司的舞弊案等,均顯示隨著資訊科技的快速發展,資訊系統使用者的範圍不斷擴大,組織對資訊系統依賴程度的提高,資訊安全因而日愈重要。但組織資訊安全如何評估?應考慮那些評估準則?尚乏實証研究。本研究以資訊安全管理「整合系統理論」(Integrated System Theory)為基礎,經由因素分析、名目群組技術(Nominal Group Technique)的程序,匯集專家意見,建構「資訊安全評估準則層級結構」,共有9 個評估構面,37 項評估準則,可作為組織規劃資訊安全策略之參考,亦可作為繼續發展「資訊安全多準則評估模式」(Information Security Multiple Criteria Valuation Model)的基礎,實為資訊安全管理實証研究的重要里程碑。
    Most results of various investigations and studies have shown that the percentage of information security accidents occurred and the financial losses caused are increasing continuously. September 11 attacks in the U.S.A., floods of Nari typhoon and malfeasant cases of Financial Information Service Co., Ltd. in Taiwan all indicate that information security has being more important day by day as a result of fast development of information technology, increasing range of users and dependence of an organization on information system. How to evaluate information security of an organization and what valuation criteria should be considered still lack of empirical studies. On the basis of “Integrated System Theory” of information security management, the study applies factor analysis and nominal group technique and collects opinions from experts to construct “Hierarchical Structure of Information Security Valuation Criteria”, which totally includes 9 valuation dimensions and 37 valuation criteria. The result may not only be a reference for the organization to make information security policies but also the foundation to further develop “Information Security Multiple Criteria Valuation Model”. It is obviously a key milestone of empirical studies of information security management.
    關聯: 圖書館學與資訊科學 29(2),頁22-44
    显示于类别:[資訊工程學系暨研究所] 期刊論文

    文件中的档案:

    档案 大小格式浏览次数
    index.html0KbHTML226检视/开启

    在機構典藏中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回馈