Strengthening information technology security through the failure modes and effects analysis approach View Full Text


Ontology type: schema:ScholarlyArticle     


Article Info

DATE

2018-12

AUTHORS

Arben Asllani, Alireza Lari, Nasim Lari

ABSTRACT

Proper protection of information systems is a major quality issue of organizational risk management. Risk management is a process whereby risk factors are identified and then virtually eliminated. Failure modes and effects analysis (FMEA) is a risk management methodology for identifying system’s failure modes with their effects and causes. FMEA identifies potential weaknesses in the system. This approach allows companies to correct areas identified through the process before the system fails. In this paper, we identify several critical failure factors that may jeopardize the security of information systems. In doing this, we systematically identify, analyze, and document the possible failure modes and the possible effects of each failure on the system. The proposed cybersecurity FMEA (C-FMEA) process results in a detailed description of how failures influence the system’s performance and how they can be avoided. The applicability of the proposed C-FMEA is illustrated with an example from a regional airport. More... »

PAGES

5

References to SciGraph publications

  • 2015-03. Security quality model: an extension of Dromey’s model in SOFTWARE QUALITY JOURNAL
  • 2015-12. The age of quality innovation in INTERNATIONAL JOURNAL OF QUALITY INNOVATION
  • Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1186/s40887-018-0025-1

    DOI

    http://dx.doi.org/10.1186/s40887-018-0025-1

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1107476548


    Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
    Incoming Citations Browse incoming citations for this publication using opencitations.net

    JSON-LD is the canonical representation for SciGraph data.

    TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

    [
      {
        "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
        "about": [
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/1502", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Banking, Finance and Investment", 
            "type": "DefinedTerm"
          }, 
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/15", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Commerce, Management, Tourism and Services", 
            "type": "DefinedTerm"
          }
        ], 
        "author": [
          {
            "affiliation": {
              "alternateName": "University of Tennessee at Chattanooga", 
              "id": "https://www.grid.ac/institutes/grid.267303.3", 
              "name": [
                "Rollins College of Business, University of Tennessee at Chattanooga, 615 McCallie Ave., 37403, Chattanooga, TN, USA"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Asllani", 
            "givenName": "Arben", 
            "id": "sg:person.015553254265.23", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015553254265.23"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Wake Forest University", 
              "id": "https://www.grid.ac/institutes/grid.241167.7", 
              "name": [
                "School of Business, Wake Forest University, P.O. Box 7285, 27109, Winston-Salem, NC, USA"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Lari", 
            "givenName": "Alireza", 
            "id": "sg:person.013204571013.93", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013204571013.93"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "IBM (United States)", 
              "id": "https://www.grid.ac/institutes/grid.410484.d", 
              "name": [
                "IBM, 600 14th Street NW #300, 20005, Washington, DC, USA"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Lari", 
            "givenName": "Nasim", 
            "type": "Person"
          }
        ], 
        "citation": [
          {
            "id": "sg:pub.10.1007/s11219-013-9223-1", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1000564519", 
              "https://doi.org/10.1007/s11219-013-9223-1"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/j.ijinfomgt.2008.01.009", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1010728991"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1136/qshc.2003.007914", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1020806077"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1136/qshc.2003.007914", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1020806077"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/0951-8320(88)90109-3", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1020887042"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/0951-8320(88)90109-3", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1020887042"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1108/02656710810908106", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1031324000"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/s0956-7135(02)00029-4", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1034172039"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1002/spe.1039", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1034519356"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/j.ijinfomgt.2014.07.005", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1034566037"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/s1070-3241(02)28025-6", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1042256707"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1186/s40887-015-0002-x", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1044165590", 
              "https://doi.org/10.1186/s40887-015-0002-x"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "sg:pub.10.1186/s40887-015-0002-x", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1044165590", 
              "https://doi.org/10.1186/s40887-015-0002-x"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1136/qshc.2003.007443", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1044791783"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1136/qshc.2003.007443", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1044791783"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1016/j.eswa.2013.10.058", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1047649287"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1109/32.345830", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1061153916"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1109/6.29336", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1061195815"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.1287/mnsc.9.3.458", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1064722599"
            ], 
            "type": "CreativeWork"
          }, 
          {
            "id": "https://doi.org/10.5539/ibr.v4n3p254", 
            "sameAs": [
              "https://app.dimensions.ai/details/publication/pub.1072949405"
            ], 
            "type": "CreativeWork"
          }
        ], 
        "datePublished": "2018-12", 
        "datePublishedReg": "2018-12-01", 
        "description": "Proper protection of information systems is a major quality issue of organizational risk management. Risk management is a process whereby risk factors are identified and then virtually eliminated. Failure modes and effects analysis (FMEA) is a risk management methodology for identifying system\u2019s failure modes with their effects and causes. FMEA identifies potential weaknesses in the system. This approach allows companies to correct areas identified through the process before the system fails. In this paper, we identify several critical failure factors that may jeopardize the security of information systems. In doing this, we systematically identify, analyze, and document the possible failure modes and the possible effects of each failure on the system. The proposed cybersecurity FMEA (C-FMEA) process results in a detailed description of how failures influence the system\u2019s performance and how they can be avoided. The applicability of the proposed C-FMEA is illustrated with an example from a regional airport.", 
        "genre": "research_article", 
        "id": "sg:pub.10.1186/s40887-018-0025-1", 
        "inLanguage": [
          "en"
        ], 
        "isAccessibleForFree": false, 
        "isPartOf": [
          {
            "id": "sg:journal.1136001", 
            "issn": [
              "2363-7021"
            ], 
            "name": "International Journal of Quality Innovation", 
            "type": "Periodical"
          }, 
          {
            "issueNumber": "1", 
            "type": "PublicationIssue"
          }, 
          {
            "type": "PublicationVolume", 
            "volumeNumber": "4"
          }
        ], 
        "name": "Strengthening information technology security through the failure modes and effects analysis approach", 
        "pagination": "5", 
        "productId": [
          {
            "name": "readcube_id", 
            "type": "PropertyValue", 
            "value": [
              "214ac3945deac2dd3067d225f7babe2f5ec262ed3583c25f99026106106cb35d"
            ]
          }, 
          {
            "name": "doi", 
            "type": "PropertyValue", 
            "value": [
              "10.1186/s40887-018-0025-1"
            ]
          }, 
          {
            "name": "dimensions_id", 
            "type": "PropertyValue", 
            "value": [
              "pub.1107476548"
            ]
          }
        ], 
        "sameAs": [
          "https://doi.org/10.1186/s40887-018-0025-1", 
          "https://app.dimensions.ai/details/publication/pub.1107476548"
        ], 
        "sdDataset": "articles", 
        "sdDatePublished": "2019-04-11T02:32", 
        "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
        "sdPublisher": {
          "name": "Springer Nature - SN SciGraph project", 
          "type": "Organization"
        }, 
        "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8700_00000605.jsonl", 
        "type": "ScholarlyArticle", 
        "url": "https://link.springer.com/10.1186%2Fs40887-018-0025-1"
      }
    ]
     

    Download the RDF metadata as:  json-ld nt turtle xml License info

    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON.

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1186/s40887-018-0025-1'

    N-Triples is a line-based linked data format ideal for batch operations.

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1186/s40887-018-0025-1'

    Turtle is a human-readable linked data format.

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1186/s40887-018-0025-1'

    RDF/XML is a standard XML format for linked data.

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1186/s40887-018-0025-1'


     

    This table displays all metadata directly associated to this object as RDF triples.

    129 TRIPLES      21 PREDICATES      43 URIs      19 LITERALS      7 BLANK NODES

    Subject Predicate Object
    1 sg:pub.10.1186/s40887-018-0025-1 schema:about anzsrc-for:15
    2 anzsrc-for:1502
    3 schema:author Nfa10cb00602e4d12bc53a178161cdaf3
    4 schema:citation sg:pub.10.1007/s11219-013-9223-1
    5 sg:pub.10.1186/s40887-015-0002-x
    6 https://doi.org/10.1002/spe.1039
    7 https://doi.org/10.1016/0951-8320(88)90109-3
    8 https://doi.org/10.1016/j.eswa.2013.10.058
    9 https://doi.org/10.1016/j.ijinfomgt.2008.01.009
    10 https://doi.org/10.1016/j.ijinfomgt.2014.07.005
    11 https://doi.org/10.1016/s0956-7135(02)00029-4
    12 https://doi.org/10.1016/s1070-3241(02)28025-6
    13 https://doi.org/10.1108/02656710810908106
    14 https://doi.org/10.1109/32.345830
    15 https://doi.org/10.1109/6.29336
    16 https://doi.org/10.1136/qshc.2003.007443
    17 https://doi.org/10.1136/qshc.2003.007914
    18 https://doi.org/10.1287/mnsc.9.3.458
    19 https://doi.org/10.5539/ibr.v4n3p254
    20 schema:datePublished 2018-12
    21 schema:datePublishedReg 2018-12-01
    22 schema:description Proper protection of information systems is a major quality issue of organizational risk management. Risk management is a process whereby risk factors are identified and then virtually eliminated. Failure modes and effects analysis (FMEA) is a risk management methodology for identifying system’s failure modes with their effects and causes. FMEA identifies potential weaknesses in the system. This approach allows companies to correct areas identified through the process before the system fails. In this paper, we identify several critical failure factors that may jeopardize the security of information systems. In doing this, we systematically identify, analyze, and document the possible failure modes and the possible effects of each failure on the system. The proposed cybersecurity FMEA (C-FMEA) process results in a detailed description of how failures influence the system’s performance and how they can be avoided. The applicability of the proposed C-FMEA is illustrated with an example from a regional airport.
    23 schema:genre research_article
    24 schema:inLanguage en
    25 schema:isAccessibleForFree false
    26 schema:isPartOf N26871c779d314252bd674a1775243569
    27 N5390fe173bb8419ab34841b6a6e7473c
    28 sg:journal.1136001
    29 schema:name Strengthening information technology security through the failure modes and effects analysis approach
    30 schema:pagination 5
    31 schema:productId N004ed5c54c694ac98359c96b0f5f4373
    32 N2cce125d18d14bd799793bada738db19
    33 N88fddf962d0b4606a356266711556303
    34 schema:sameAs https://app.dimensions.ai/details/publication/pub.1107476548
    35 https://doi.org/10.1186/s40887-018-0025-1
    36 schema:sdDatePublished 2019-04-11T02:32
    37 schema:sdLicense https://scigraph.springernature.com/explorer/license/
    38 schema:sdPublisher N5f195847fb6c4bd9ab23b2208844eaa7
    39 schema:url https://link.springer.com/10.1186%2Fs40887-018-0025-1
    40 sgo:license sg:explorer/license/
    41 sgo:sdDataset articles
    42 rdf:type schema:ScholarlyArticle
    43 N004ed5c54c694ac98359c96b0f5f4373 schema:name readcube_id
    44 schema:value 214ac3945deac2dd3067d225f7babe2f5ec262ed3583c25f99026106106cb35d
    45 rdf:type schema:PropertyValue
    46 N26871c779d314252bd674a1775243569 schema:volumeNumber 4
    47 rdf:type schema:PublicationVolume
    48 N2cce125d18d14bd799793bada738db19 schema:name doi
    49 schema:value 10.1186/s40887-018-0025-1
    50 rdf:type schema:PropertyValue
    51 N4fa175a8e3f9421ba0b6e0590cc70fd5 rdf:first sg:person.013204571013.93
    52 rdf:rest Nfaf9d4ac07c240cbb0b81d1841bc8dc1
    53 N5390fe173bb8419ab34841b6a6e7473c schema:issueNumber 1
    54 rdf:type schema:PublicationIssue
    55 N5f195847fb6c4bd9ab23b2208844eaa7 schema:name Springer Nature - SN SciGraph project
    56 rdf:type schema:Organization
    57 N88fddf962d0b4606a356266711556303 schema:name dimensions_id
    58 schema:value pub.1107476548
    59 rdf:type schema:PropertyValue
    60 Nfa10cb00602e4d12bc53a178161cdaf3 rdf:first sg:person.015553254265.23
    61 rdf:rest N4fa175a8e3f9421ba0b6e0590cc70fd5
    62 Nfaf9d4ac07c240cbb0b81d1841bc8dc1 rdf:first Nfe72f06384064ae0be67731245255391
    63 rdf:rest rdf:nil
    64 Nfe72f06384064ae0be67731245255391 schema:affiliation https://www.grid.ac/institutes/grid.410484.d
    65 schema:familyName Lari
    66 schema:givenName Nasim
    67 rdf:type schema:Person
    68 anzsrc-for:15 schema:inDefinedTermSet anzsrc-for:
    69 schema:name Commerce, Management, Tourism and Services
    70 rdf:type schema:DefinedTerm
    71 anzsrc-for:1502 schema:inDefinedTermSet anzsrc-for:
    72 schema:name Banking, Finance and Investment
    73 rdf:type schema:DefinedTerm
    74 sg:journal.1136001 schema:issn 2363-7021
    75 schema:name International Journal of Quality Innovation
    76 rdf:type schema:Periodical
    77 sg:person.013204571013.93 schema:affiliation https://www.grid.ac/institutes/grid.241167.7
    78 schema:familyName Lari
    79 schema:givenName Alireza
    80 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013204571013.93
    81 rdf:type schema:Person
    82 sg:person.015553254265.23 schema:affiliation https://www.grid.ac/institutes/grid.267303.3
    83 schema:familyName Asllani
    84 schema:givenName Arben
    85 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015553254265.23
    86 rdf:type schema:Person
    87 sg:pub.10.1007/s11219-013-9223-1 schema:sameAs https://app.dimensions.ai/details/publication/pub.1000564519
    88 https://doi.org/10.1007/s11219-013-9223-1
    89 rdf:type schema:CreativeWork
    90 sg:pub.10.1186/s40887-015-0002-x schema:sameAs https://app.dimensions.ai/details/publication/pub.1044165590
    91 https://doi.org/10.1186/s40887-015-0002-x
    92 rdf:type schema:CreativeWork
    93 https://doi.org/10.1002/spe.1039 schema:sameAs https://app.dimensions.ai/details/publication/pub.1034519356
    94 rdf:type schema:CreativeWork
    95 https://doi.org/10.1016/0951-8320(88)90109-3 schema:sameAs https://app.dimensions.ai/details/publication/pub.1020887042
    96 rdf:type schema:CreativeWork
    97 https://doi.org/10.1016/j.eswa.2013.10.058 schema:sameAs https://app.dimensions.ai/details/publication/pub.1047649287
    98 rdf:type schema:CreativeWork
    99 https://doi.org/10.1016/j.ijinfomgt.2008.01.009 schema:sameAs https://app.dimensions.ai/details/publication/pub.1010728991
    100 rdf:type schema:CreativeWork
    101 https://doi.org/10.1016/j.ijinfomgt.2014.07.005 schema:sameAs https://app.dimensions.ai/details/publication/pub.1034566037
    102 rdf:type schema:CreativeWork
    103 https://doi.org/10.1016/s0956-7135(02)00029-4 schema:sameAs https://app.dimensions.ai/details/publication/pub.1034172039
    104 rdf:type schema:CreativeWork
    105 https://doi.org/10.1016/s1070-3241(02)28025-6 schema:sameAs https://app.dimensions.ai/details/publication/pub.1042256707
    106 rdf:type schema:CreativeWork
    107 https://doi.org/10.1108/02656710810908106 schema:sameAs https://app.dimensions.ai/details/publication/pub.1031324000
    108 rdf:type schema:CreativeWork
    109 https://doi.org/10.1109/32.345830 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061153916
    110 rdf:type schema:CreativeWork
    111 https://doi.org/10.1109/6.29336 schema:sameAs https://app.dimensions.ai/details/publication/pub.1061195815
    112 rdf:type schema:CreativeWork
    113 https://doi.org/10.1136/qshc.2003.007443 schema:sameAs https://app.dimensions.ai/details/publication/pub.1044791783
    114 rdf:type schema:CreativeWork
    115 https://doi.org/10.1136/qshc.2003.007914 schema:sameAs https://app.dimensions.ai/details/publication/pub.1020806077
    116 rdf:type schema:CreativeWork
    117 https://doi.org/10.1287/mnsc.9.3.458 schema:sameAs https://app.dimensions.ai/details/publication/pub.1064722599
    118 rdf:type schema:CreativeWork
    119 https://doi.org/10.5539/ibr.v4n3p254 schema:sameAs https://app.dimensions.ai/details/publication/pub.1072949405
    120 rdf:type schema:CreativeWork
    121 https://www.grid.ac/institutes/grid.241167.7 schema:alternateName Wake Forest University
    122 schema:name School of Business, Wake Forest University, P.O. Box 7285, 27109, Winston-Salem, NC, USA
    123 rdf:type schema:Organization
    124 https://www.grid.ac/institutes/grid.267303.3 schema:alternateName University of Tennessee at Chattanooga
    125 schema:name Rollins College of Business, University of Tennessee at Chattanooga, 615 McCallie Ave., 37403, Chattanooga, TN, USA
    126 rdf:type schema:Organization
    127 https://www.grid.ac/institutes/grid.410484.d schema:alternateName IBM (United States)
    128 schema:name IBM, 600 14th Street NW #300, 20005, Washington, DC, USA
    129 rdf:type schema:Organization
     




    Preview window. Press ESC to close (or click here)


    ...