Design criteria to classified information systems numerically

Abstract

Constant changes in the structure of the organization and the working processes have forces security staff to reclassify and re-evaluate information and information systems too often. In this paper we present one solution to make it possible to use the previous data as much as possible and recalculate the evaluation results automatically. The solution is based on piercing the processes into parts of the block diagram and then analyzing the classification of the each block. This procedure is continued from top to down until there is no remarkable processes left. After the top-down phase has been reached its end a second phase is started from bottom to top. In this phase the reliability of each block is analyzed and the results of one level is combined. This result is then passed to the upper level and this procedure may continue until the top is reached. In every level it is possible to have iterative loops if the requirements are not met. It is usually easier to add parallel processes for assurance than improve the reliability of the single component. © 2002 Kluwer Academic / Plenum Publishers, New York.