A Blockchain-Based Risk and Information System Control Framework

Shenglan Ma, Wang Hao*, Hong-Ning Dai, Shuhan Cheng, Ruihua Yi, Tongsen Wang

*Corresponding author for this work

Research output: Chapter in book/report/conference proceedingConference proceedingpeer-review

17 Citations (Scopus)

Abstract

Risk and Information System Control Framework in business includes the methods and processes to manage risks and seize opportunities which involve identifying particular risk events relevant to the objectives, assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress. In order to provide better support for the backtracking, traceability, irreversibility, and credible requirements of risk registration table data in the framework, this paper proposes a blockchain-based risk and information system control framework. A risk association tree is designed for combining summarized risk item ledgers with risk assessment ledgers and risk response ledgers based on the Merkle Tree. Three proposed smart contracts are used in risk identification, risk assessment, risk response and mitigation, and risk and control monitoring and reporting processes. We implement a prototype for this framework.

Original languageEnglish
Title of host publicationProceedings - IEEE 16th International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018
PublisherIEEE
Pages106-113
Number of pages8
Edition1st
ISBN (Electronic)9781538675182
ISBN (Print)9781538675199
DOIs
Publication statusPublished - 12 Aug 2018
Event16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018 - Athens, Greece
Duration: 12 Aug 201815 Aug 2018
https://ieeexplore.ieee.org/xpl/conhome/8511011/proceeding (Conference proceedings)
https://dblp.org/db/conf/dasc/dasc2018.html (Conference proceedings)

Publication series

NameProceedings - IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE International Conference on Pervasive Intelligence and Computing, IEEE International Conference on Big Data Intelligence and Computing and IEEE Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec

Conference

Conference16th IEEE International Conference on Dependable, Autonomic and Secure Computing, IEEE 16th International Conference on Pervasive Intelligence and Computing, IEEE 4th International Conference on Big Data Intelligence and Computing and IEEE 3rd Cyber Science and Technology Congress, DASC-PICom-DataCom-CyberSciTec 2018
Country/TerritoryGreece
CityAthens
Period12/08/1815/08/18
Internet address

Scopus Subject Areas

  • Computer Networks and Communications
  • Information Systems
  • Artificial Intelligence
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Control and Optimization

User-Defined Keywords

  • risk and information system control framework
  • blockchain
  • risk association tree
  • smart contract

Fingerprint

Dive into the research topics of 'A Blockchain-Based Risk and Information System Control Framework'. Together they form a unique fingerprint.

Cite this