Abstract

Abstract The need to secure information systems and networked infrastructures is now commonplace in most enterprises. The use of novel communication technologies has became a crucial factor that can considerably improve or affect productivity. This is essentially due to the importance of the information transmitted across communication networks and stored in servers. As a consequence, strong ties are being built between security and the enterprise business activity. Risk management, which is the discipline that deals with this aspect, integrates a litany of architectures, techniques, and models that are described in this paper. A global view is proposed to the reader through a presentation of the research activity that has been directed towards this field. Copyright © 2005 John Wiley & Sons, Ltd.