SciELO - Scientific Electronic Library Online

 número32KE-SER: Un sistema basado en el conocimiento y la experiencia para dar soporte a arquitectos de software en aspectos de seguridad índice de autoresíndice de assuntospesquisa de artigos
Home Pagelista alfabética de periódicos  

Serviços Personalizados




Links relacionados

  • Não possue artigos similaresSimilares em SciELO


RISTI - Revista Ibérica de Sistemas e Tecnologias de Informação

versão impressa ISSN 1646-9895


DIEGUEZ, Mauricio  e  CARES, Carlos. Comparing Two Quantitative Approaches to Select Information Security Controls. RISTI [online]. 2019, n.32, pp.113-128. ISSN 1646-9895.

Provide systematic processes and tools to make a decision about security investments under a scenario of budget constraints, is of paramount importance to assure that such decisions are soundly made. We present a answer set programming (ASP) approach to solve this problem. Our proposal is then compared against a traditional linear programming (LP) operational research technique. We illustrate the modeling phase and computational performance of both solutions. The model based on ASP presents resolution times of the exponential type as the number of controls over which it must be decided increases. On the other hand, the model based on LP does not present important variations in its problem resolution times. However, the problem is easier to model in ASP. Then, this proposal has advantages for modeling and solving specific problems in which a rapid response is required and which do not require many controls.

Palavras-chave : Answer set programming; linear programming; optimization; information security controls; information security management systems.

        · resumo em Espanhol     · texto em Espanhol     · Espanhol ( pdf )


Creative Commons License Todo o conteúdo deste periódico, exceto onde está identificado, está licenciado sob uma Licença Creative Commons