| Download ( PDF | 224kB) |
Towards a Risk Management Perspective on AAIs
Schläger, Christian and Nowey, Thomas (2006) Towards a Risk Management Perspective on AAIs. In: Fischer-Hübner, Simone and Furnell, Steven and Lambrinoudakis, Costas, (eds.) Trust and Privacy in Digital Business: Session 2: Security and Risk Management. TrustBus 2006, Krakau, Polen, 04.-08.September 2006. Lecture Notes in Computer Science, 4083. Springer, Heidelberg, pp. 41-50. ISBN 978-3-540-37750-4.Date of publication of this fulltext: 05 Aug 2009 13:23
Book section
Abstract
Authentication and Authorisation Infrastructures (AAIs) support service providers on the internet to outsource security services. Motivations for their usage stem from software engineering and economics. For the latter an assessment of inherent risks is needed. In this work the authors deduct an appropriate, formalistic risk assessment method for AAIs and analyse outsource able security services ...
Authentication and Authorisation Infrastructures (AAIs) support service providers on the internet to outsource security services. Motivations for their usage stem from software engineering and economics. For the latter an assessment of inherent risks is needed. In this work the authors deduct an appropriate, formalistic risk assessment method for AAIs and analyse outsource able security services in comparison to traditional – non AAI involved – service providing. To achieve the assessment of risks various methods for risk management have been analysed and finally a suitable qualitative method has been chosen. As AAIs differ in their potential to cover security services, combinations of these services are compared. The given risk assessment method enables providers to decide on a special infrastructure for their purpose and lets users of AAIs determine if given advantages surpass the immanent risks. This work also enables service providers to estimate costs for such an infrastructure and calculate potential savings.
Alternative links to fulltext
Involved Institutions
Details
| Item type | Book section | ||||
| ISBN | 978-3-540-37750-4 | ||||
| Title of Book: | Trust and Privacy in Digital Business: Session 2: Security and Risk Management. TrustBus 2006, Krakau, Polen, 04.-08.September 2006 | ||||
|---|---|---|---|---|---|
| Publisher: | Springer | ||||
| Place of Publication: | Heidelberg | ||||
| Other Series: | Lecture Notes in Computer Science | ||||
| Volume: | 4083 | ||||
| Page Range: | pp. 41-50 | ||||
| Date | 2006 | ||||
| Institutions | Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Alumni or Retired Professors > Lehrstuhl für Wirtschaftsinformatik IV - Management der Informationssicherheit (Prof. Dr.-Ing. Hannes Federrath) Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) Informatics and Data Science > Department Information Systems > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul) | ||||
| Identification Number |
| ||||
| Keywords | Security in general (overviews/surveys) | ||||
| Dewey Decimal Classification | 300 Social sciences > 330 Economics | ||||
| Status | Published | ||||
| Refereed | Yes, this version has been refereed | ||||
| Created at the University of Regensburg | Yes | ||||
| URN of the UB Regensburg | urn:nbn:de:bvb:355-epub-4261 | ||||
| Item ID | 426 |
Export bibliographical data
Owner only: item control page
Download Statistics
Download Statistics