Performance modelling and evaluation of enterprise information security technologies

Wen Zeng; Maciej Koutny; Aad Van Moorsel

doi:10.1109/CIT.2014.18

Performance modelling and evaluation of enterprise information security technologies

Wen Zeng
, Maciej Koutny
, Aad Van Moorsel

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

By providing effective access control mechanisms, enterprise information security technologies have been proven successful in protecting the confidentiality of sensitive information in business organizations. However, such security mechanisms typically reduce the work productivity of the staff, by making them spend time working on non-project related tasks. Therefore, organizations have to invest a signification amount of capital in the information security technologies, and then to continue incurring additional costs. In this study, we investigate the performance of administrators in an information help desk, and the non-productive time (NPT) in an organization, resulting from the implementation of information security technologies. An approximate analytical solution is discussed first, and the loss of staff member productivity is quantified using non-productive time. Stochastic Petri nets are then used to provide simulation results. The presented study can help information security managers to make investment decisions, and to take actions toward reducing the cost of information security technologies, so that a balance is kept between information security expense, resource drain and effectiveness of security technologies.

Original language	English
Title of host publication	Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	504-511
Number of pages	8
ISBN (Electronic)	9781479962389
DOIs	https://doi.org/10.1109/CIT.2014.18
Publication status	Published - 12 Dec 2014
Event	14th IEEE International Conference on Computer and Information Technology, CIT 2014 - Xi'an, Shaanxi, China Duration: 11 Sept 2014 → 13 Sept 2014

Publication series

Name	Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014

Conference

Conference	14th IEEE International Conference on Computer and Information Technology, CIT 2014
Country/Territory	China
City	Xi'an, Shaanxi
Period	11/09/14 → 13/09/14

Bibliographical note

Publisher Copyright:
© 2014 IEEE.

Keywords

Non-productive Time
Queuing Theory
Security Investment Decision
Stochastic Petri Nets

ASJC Scopus subject areas

General Computer Science

Access to Document

10.1109/CIT.2014.18

Cite this

Zeng, W., Koutny, M., & Van Moorsel, A. (2014). Performance modelling and evaluation of enterprise information security technologies. In Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014 (pp. 504-511). Article 6984703 (Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/CIT.2014.18

Zeng, Wen ; Koutny, Maciej ; Van Moorsel, Aad. / Performance modelling and evaluation of enterprise information security technologies. Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014. Institute of Electrical and Electronics Engineers (IEEE), 2014. pp. 504-511 (Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014).

@inproceedings{dfd67210856941b08c06ee95853de336,

title = "Performance modelling and evaluation of enterprise information security technologies",

abstract = "By providing effective access control mechanisms, enterprise information security technologies have been proven successful in protecting the confidentiality of sensitive information in business organizations. However, such security mechanisms typically reduce the work productivity of the staff, by making them spend time working on non-project related tasks. Therefore, organizations have to invest a signification amount of capital in the information security technologies, and then to continue incurring additional costs. In this study, we investigate the performance of administrators in an information help desk, and the non-productive time (NPT) in an organization, resulting from the implementation of information security technologies. An approximate analytical solution is discussed first, and the loss of staff member productivity is quantified using non-productive time. Stochastic Petri nets are then used to provide simulation results. The presented study can help information security managers to make investment decisions, and to take actions toward reducing the cost of information security technologies, so that a balance is kept between information security expense, resource drain and effectiveness of security technologies.",

keywords = "Non-productive Time, Queuing Theory, Security Investment Decision, Stochastic Petri Nets",

author = "Wen Zeng and Maciej Koutny and \{Van Moorsel\}, Aad",

note = "Publisher Copyright: {\textcopyright} 2014 IEEE.; 14th IEEE International Conference on Computer and Information Technology, CIT 2014 ; Conference date: 11-09-2014 Through 13-09-2014",

year = "2014",

month = dec,

day = "12",

doi = "10.1109/CIT.2014.18",

language = "English",

series = "Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

pages = "504--511",

booktitle = "Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014",

}

Zeng, W, Koutny, M & Van Moorsel, A 2014, Performance modelling and evaluation of enterprise information security technologies. in Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014., 6984703, Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014, Institute of Electrical and Electronics Engineers (IEEE), pp. 504-511, 14th IEEE International Conference on Computer and Information Technology, CIT 2014, Xi'an, Shaanxi, China, 11/09/14. https://doi.org/10.1109/CIT.2014.18

Performance modelling and evaluation of enterprise information security technologies. / Zeng, Wen; Koutny, Maciej; Van Moorsel, Aad.
Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014. Institute of Electrical and Electronics Engineers (IEEE), 2014. p. 504-511 6984703 (Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Performance modelling and evaluation of enterprise information security technologies

AU - Zeng, Wen

AU - Koutny, Maciej

AU - Van Moorsel, Aad

PY - 2014/12/12

Y1 - 2014/12/12

N2 - By providing effective access control mechanisms, enterprise information security technologies have been proven successful in protecting the confidentiality of sensitive information in business organizations. However, such security mechanisms typically reduce the work productivity of the staff, by making them spend time working on non-project related tasks. Therefore, organizations have to invest a signification amount of capital in the information security technologies, and then to continue incurring additional costs. In this study, we investigate the performance of administrators in an information help desk, and the non-productive time (NPT) in an organization, resulting from the implementation of information security technologies. An approximate analytical solution is discussed first, and the loss of staff member productivity is quantified using non-productive time. Stochastic Petri nets are then used to provide simulation results. The presented study can help information security managers to make investment decisions, and to take actions toward reducing the cost of information security technologies, so that a balance is kept between information security expense, resource drain and effectiveness of security technologies.

AB - By providing effective access control mechanisms, enterprise information security technologies have been proven successful in protecting the confidentiality of sensitive information in business organizations. However, such security mechanisms typically reduce the work productivity of the staff, by making them spend time working on non-project related tasks. Therefore, organizations have to invest a signification amount of capital in the information security technologies, and then to continue incurring additional costs. In this study, we investigate the performance of administrators in an information help desk, and the non-productive time (NPT) in an organization, resulting from the implementation of information security technologies. An approximate analytical solution is discussed first, and the loss of staff member productivity is quantified using non-productive time. Stochastic Petri nets are then used to provide simulation results. The presented study can help information security managers to make investment decisions, and to take actions toward reducing the cost of information security technologies, so that a balance is kept between information security expense, resource drain and effectiveness of security technologies.

KW - Non-productive Time

KW - Queuing Theory

KW - Security Investment Decision

KW - Stochastic Petri Nets

UR - https://www.scopus.com/pages/publications/84921029171

U2 - 10.1109/CIT.2014.18

DO - 10.1109/CIT.2014.18

M3 - Conference contribution

AN - SCOPUS:84921029171

T3 - Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014

SP - 504

EP - 511

BT - Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014

PB - Institute of Electrical and Electronics Engineers (IEEE)

T2 - 14th IEEE International Conference on Computer and Information Technology, CIT 2014

Y2 - 11 September 2014 through 13 September 2014

ER -

Zeng W, Koutny M, Van Moorsel A. Performance modelling and evaluation of enterprise information security technologies. In Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014. Institute of Electrical and Electronics Engineers (IEEE). 2014. p. 504-511. 6984703. (Proceedings - 2014 IEEE International Conference on Computer and Information Technology, CIT 2014). doi: 10.1109/CIT.2014.18

Performance modelling and evaluation of enterprise information security technologies

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this