Extension of ISO/IEC27001 to Mobile Devices Security Management

被引：1

作者：

Zhu, Xiaobo ^{[1
]}

Zhu, Yunqian ^{[1
]}

机构：

[1] Natl Comp Network Emergency Response Tech Team, Coordinat Ctr China, Beijing, Peoples R China

来源：

CYBER SECURITY, CNCERT 2018 | 2019年 / 970卷

关键词：

Mobile security; Information security; ISO/IEC; 27001; ISMS;

D O I：

10.1007/978-981-13-6621-5_3

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Mobile security is more and more important with the fast growth of mobile devices, and people are becoming more dependent on mobile devices in their daily life. Malicious samples in mobile devices are growing in double times each year from 2011 to 2017 in China. ISO/IEC 27000 family of standards helps organizations keep information assets secure, such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). However, ISO/IEC 27001 is not quite adaptable for mobile devices, because these developing mobile information devices lead to new challenges and security risks. This paper analyzes mobile devices security issues, and gives the drawback for 27001 in mobile security. Finally, this paper gives a consideration to these issues under ISO/IEC 27001 information security management system framework.

引用

页码：27 / 35

页数：9

共 50 条

[1] Information Security Risk Management: Handbook for ISO/IEC 27001
Lomas, Elizabeth
[J]. RECORDS MANAGEMENT JOURNAL, 2011, 21 (03) : 239 - +
[2] From ISO/IEC27001:2013 and ISO/IEC27002:2013 to GDPR compliance controls
Diamantopoulou, Vasiliki
Tsohou, Aggeliki
Karyda, Maria
[J]. INFORMATION AND COMPUTER SECURITY, 2020, 28 (04) : 645 - 662
[3] 基于ISO/IEC27001标准的高校信息安全治理
何济玲
陈仕品
程吉麟
艾贤明
[J]. 现代教育技术, 2016, 26 (09) : 60 - 65
[4] ISO/IEC27001信息安全管理体系标准浅析
罗思
[J]. 中国标准化, 2007, (04) : 21 - 21
[5] COMPARATIVE STUDY REGARDING INTERNATIONAL STANDARDS ON INFORMATION SECURITY MANAGEMENT SYSTEMS IN ORGANIZATIONS: ISO/IEC 27001:2013 vs ISO/IEC 27001:2005
Tiganoaia, Bogdan
[J]. GLOBALIZATION AND INTERCULTURAL DIALOGUE: MULTIDISCIPLINARY PERSPECTIVES - ECONOMY AND MANAGEMENT, 2014, : 102 - 109
[6] Information Security Management Systems - A Maturity Model Based on ISO/IEC 27001
Proenca, Diogo
Borbinha, Jose
[J]. BUSINESS INFORMATION SYSTEMS (BIS 2018), 2018, 320 : 102 - 114
[7] NEW STANDARD ISO/IEC 27001:2013 OF INFORMATION SECURITY MANAGEMENT SYSTEM
Drastich, Martin
[J]. KNOWLEDGE FOR MARKET USE 2014: MEDIA AND COMMUNICATION IN THE 21ST CENTURY, 2014, : 387 - 393
[8] AUTOMATION OF AN INFORMATION SECURITY MANAGEMENT SYSTEM BASED ON THE ISO/IEC 27001 STANDARD
de la Rosa Martin, Tonyse
[J]. REVISTA UNIVERSIDAD Y SOCIEDAD, 2021, 13 (05): : 495 - 506
[9] An Approach to Map COBIT Processes to ISO/IEC 27001 Information Security Management Controls
Sheikhpour, Razieh
Modiri, Nasser
[J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2012, 6 (02): : 13 - 28
[10] A Model of an Information Security Management System Based on NTC-ISO/IEC 27001 Standard
Fonseca-Herrera, Omar A.
Rojas, Alix E.
Florez, Hector
[J]. IAENG International Journal of Computer Science, 2021, 48 (02) : 1 - 10

← 1 2 3 4 5 →