Specifying information security needs for the delivery of high quality security services

被引：0

作者：

Su, Xiaomeng ^{[1
]}

Bolzoni, Damiano ^{[2
]}

van Eck, Pascal ^{[2
]}

机构：

[1] Telenor R&I, N-7004 Trondheim, Norway

[2] Univ Twente, NL-7500 AE Enschede, Netherlands

来源：

INFORMATION TECHNOLOGY MANAGEMENT FROM A BUSINESS PERSPECTIVE | 2007年

关键词：

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organization's business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance.

引用

页码：112 / +

页数：2

共 50 条

[1] A STUDY ON INFORMATION SECURITY IMPACT ON THE DELIVERY OF IT MANAGED SERVICES
Ionescu, Razvan Cristian
Olaru, Marieta
Lampe, Georg Sven
Fogoros, Teodora Elena
[J]. 2020 BASIQ INTERNATIONAL CONFERENCE: NEW TRENDS IN SUSTAINABLE BUSINESS AND CONSUMPTION, 2020, : 958 - 965
[2] INFORMATION NEEDS OF SECURITY ANALYSTS
CHANDRA, G
[J]. JOURNAL OF ACCOUNTANCY, 1975, 140 (06): : 65 - 70
[3] Is information security under control? Investigating quality in information security management
Baker, Wade H.
Wallace, Linda
[J]. IEEE SECURITY & PRIVACY, 2007, 5 (01) : 36 - 44
[4] Information Security for Web and SQL Services
Iacob, Nicoleta Magdalena
[J]. PROCEEDINGS OF THE 9TH INTERNATIONAL CONFERENCE ON VIRTUAL LEARNING, 2014, : 408 - 412
[5] Information Security and Privacy of Patient-Centered Health IT Services: What needs to be done?
Dehling, Tobias
Sunyaev, Ali
[J]. 2014 47TH HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), 2014, : 2984 - 2993
[6] The folk art of information security needs an upgrade
Parker, DB
[J]. COMMUNICATIONS OF THE ACM, 2004, 47 (08) : 11 - 12
[7] Specifying security in a composite system
Kabasele-Tenday, JM
[J]. INFORMATION SECURITY, 1998, 1396 : 246 - 255
[8] Afghanistan needs security to rebuild its health services
Richards, T
Little, R
[J]. BRITISH MEDICAL JOURNAL, 2002, 324 (7333): : 318 - 318
[9] An inclusive information society needs a global approach of information security
Ghernaouti-Helie, Solange
[J]. 2009 INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY (ARES), VOLS 1 AND 2, 2009, : 658 - 662
[10] Overview of Enterprise Information Needs in Information Security Risk Assessment
Korman, Matus
Ekstedt, Mathias
Sommestad, Teodor
Hallberg, Jonas
Bengtsson, Johan
[J]. PROCEEDINGS OF THE 2014 IEEE 18TH INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE (EDOC 2014), 2014, : 42 - 51

← 1 2 3 4 5 →