Welcome to the InfoSci Platform
Reference Hub14
A Possibility Theory Framework for Security Evaluation in National Infrastructure Protection

A Possibility Theory Framework for Security Evaluation in National Infrastructure Protection

Richard L. Baskerville, Victor Portougal
Copyright: © 2003 |Volume: 14 |Issue: 2 |Pages: 13
ISSN: 1063-8016|EISSN: 1533-8010|ISSN: 1063-8016|EISBN13: 9781615200627|EISSN: 1533-8010|DOI: 10.4018/jdm.2003040101
Cite Article Cite Article

MLA

Baskerville, Richard L., and Victor Portougal. "A Possibility Theory Framework for Security Evaluation in National Infrastructure Protection." JDM vol.14, no.2 2003: pp.1-13. http://doi.org/10.4018/jdm.2003040101

APA

Baskerville, R. L. & Portougal, V. (2003). A Possibility Theory Framework for Security Evaluation in National Infrastructure Protection. Journal of Database Management (JDM), 14(2), 1-13. http://doi.org/10.4018/jdm.2003040101

Chicago

Baskerville, Richard L., and Victor Portougal. "A Possibility Theory Framework for Security Evaluation in National Infrastructure Protection," Journal of Database Management (JDM) 14, no.2: 1-13. http://doi.org/10.4018/jdm.2003040101

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

Simple probability theory is not a good basis for security in the case of high-stakes information resources where these resources are subject to attacks upon national infrastructure or to battle space illumination. Probability theory induces us to believe that one cannot totally rule out all probabilities of an intrusion. An alternative theoretical base is possibility theory. While persistent, well-supported, and highly professional intrusion attacks will have a higher probability of success, operating instead against the possibility of intrusion places defenders in a theoretical framework more suitable for high-stakes protection. The purpose of this paper is to introduce an alternative quantitative approach to information security evaluation that is suitable for information resources that are potential targets of intensive professional attacks. This approach operates from the recognition that information resource security is only an opinion of officials responsible for security.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.