**6. Conclusion**

A high level of confidence is needed in trusted information systems. There is a current void in active risk management research. Active risk management for building trusted information systems requires the following activities:

- Improving supplier and supply item provenance and supply chain visibility;
- to maintain that security throughout the interactions among machinery components of the human-machine information system.

A research agenda in active risk management should include the following areas:

- Evolving the insider threat paradigm where the machine is the insider (both products and processes);
- Assuring information integrity and confidentiality throughout the life-cycle from idea to retirement from inventory;
- Enhancing testing and evaluation techniques for vulnerability detection of supply chain exploitation opportunities in the products and in the processes that produce and support them;
- Furthering systems security engineering to provide an understanding of the tools and techniques that discover and lead to effective and affordable countermeasures and mitigations; and
- Developing the knowledge, inventing the technologies, and producing the innovations that recognize the differences between privacy and security while enabling the individual and organization to manage the risks of highly variable thresholds of trust and integrity of information employed and applied in human-machine information systems.

These areas of research are motivated by the effects of globalization and the tempo and pace of ICT advancement and application to complex information systems. The pervasive dependence and increasing strength of dependence requires correct systems behavior. An engineering systems approach to the problem and issues provides the holistic view to bring all the pieces together to understand the interactions and any emergent behavior of the information system as a whole.

Challenges in Building Trusted Information Systems 109

**6**

**Construction of Effective Database System for Information Risk Mitigation**

Kiyoshi Nagata

*Daito Bunka University, Faculty of Business Administration, Takashimadaira Itabashi-ku, Tokyo, Japan*

**1. Introduction**

In the Information Technology Communication Society, the information system of any organization is always exposed to various kinds of risks, and organizations should prepare countermeasures against possible risks to protect their assets and secure the continuity of their activities. For that purpose, several types of information risk evaluation and management systems, such as ISO/IEC 27002, MEHARI, MAGERIT, SP800-30, OCTAVE^SM, etc., have been proposed by institutions all over the world. Although each system has its own policy and characteristics, in the final stage, after the risk evaluation has been done and some serious risks have been identified, the system usually proceeds to the process of choosing effective and available mitigation controls against each of the risks.

In our prior works, we proposed a method to choose a set of effective elements from a given database of properly valued mitigation controls, and we also proposed a method of clustering these controls related to the threat path of OCTAVE's risk profile worksheet.

However, we have not yet constructed any feasible database system for practical use; that effort is now in progress. For that purpose, it is necessary to investigate several existing systems of mitigation controls, and to compare and analyse them.

The content of the chapter is as follows:

1. Overview and investigation of existing information risk management systems and their mitigation controls
2. Brief explanation of useful tools for the proposed total system of risk management, such as fuzzy outranking, fuzzy inference mechanism, modified structural modelling method, and c-mean clustering
3. Review of our proposed method for choosing an effective set of mitigation controls from a well-defined database of controls
4. Details of the process of constructing database systems
5. Discussion and conclusion
