Abstract
Risk and Information System Control Framework in business includes the methods and processes to manage risks and seize opportunities which involve identifying particular risk events relevant to the objectives, assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress. In order to provide better support for the backtracking, traceability, irreversibility, and credible requirements of risk registration table data in the framework, this paper proposes a blockchain-based risk and information system control framework. A risk association tree is designed for combining summarized risk item ledgers with risk assessment ledgers and risk response ledgers based on the Merkle Tree. Three proposed smart contracts are used in risk identification, risk assessment, risk response and mitigation, and risk and control monitoring and reporting processes. We implement a prototype for this framework.
Original language | English |
---|---|
Title of host publication | Proceedings - IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 114-120 |
Number of pages | 7 |
ISBN (Electronic) | 9781538675182 |
DOIs | |
Publication status | Published - 29 Oct 2018 |
Externally published | Yes |
Event | 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018 - Athens, Greece Duration: 12 Aug 2018 → 15 Aug 2018 |
Publication series
Name | Proceedings - IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018 |
---|
Conference
Conference | 16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018 |
---|---|
Country/Territory | Greece |
City | Athens |
Period | 12/08/18 → 15/08/18 |
Bibliographical note
Funding Information:VI. ACKNOWLEDGEMENT This work is partially funded by the Fujian Fumin Foundation and partially supported by the National Natural Science Foundation of China under Grant No. 61672170 and the Science and Technology Planning Project of Guangdong Province under Grant No. 2017A050501035.
Publisher Copyright:
© 2018 IEEE.
Keywords
- Blockchain
- Risk and information system control framework
- Risk association tree
- Smart contract