Extension of ISO/IEC27001 to Mobile Devices Security Management

被引：1

作者：

Zhu, Xiaobo ^{[1
]}

Zhu, Yunqian ^{[1
]}

机构：

[1] Natl Comp Network Emergency Response Tech Team, Coordinat Ctr China, Beijing, Peoples R China

来源：

CYBER SECURITY, CNCERT 2018 | 2019年 / 970卷

关键词：

Mobile security; Information security; ISO/IEC; 27001; ISMS;

D O I：

10.1007/978-981-13-6621-5_3

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Mobile security is more and more important with the fast growth of mobile devices, and people are becoming more dependent on mobile devices in their daily life. Malicious samples in mobile devices are growing in double times each year from 2011 to 2017 in China. ISO/IEC 27000 family of standards helps organizations keep information assets secure, such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). However, ISO/IEC 27001 is not quite adaptable for mobile devices, because these developing mobile information devices lead to new challenges and security risks. This paper analyzes mobile devices security issues, and gives the drawback for 27001 in mobile security. Finally, this paper gives a consideration to these issues under ISO/IEC 27001 information security management system framework.

引用

页码：27 / 35

页数：9

共 50 条

[41] POSSIBILITIES OF ISO 9001: 2015 QMS AND ISO/IEC 27001:2013 ISMS INTEGRATION
Britvic, Josip
Merkas, Zvonko
Tenjeri, Tihomir
[J]. INTERDISCIPLINARY MANAGEMENT RESEARCH XVII (IMR 2021), 2021, : 585 - 600
[42] INTEGRATION OF THE GDPR REQUIREMENTS INTO THE REQUIREMENTS OF THE SR EN ISO/IEC 27001:2018 STANDARD, INTEGRATION SECURITY MANAGEMENT SYSTEM IN A SOFTWARE DEVELOPMENT COMPANY
Gaspar, Mirabela Luciana
Popescu, Sorin Gabriel
[J]. ACTA TECHNICA NAPOCENSIS SERIES-APPLIED MATHEMATICS MECHANICS AND ENGINEERING, 2018, 61 (03): : 85 - 96
[43] Information security objectives and the output legitimacy of ISO/IEC 27001: stakeholders’ perspective on expectations in private organizations in Sweden
Yasmin Kamil
Sofia Lund
M Sirajul Islam
[J]. Information Systems and e-Business Management, 2023, 21 : 699 - 722
[44] Managing critical information infrastructure security compliance: A standard based approach using ISO/IEC 17799 and 27001
Jayawickrama, Wipul
[J]. On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Pt 1, Proceedings, 2006, 4277 : 565 - 574
[45] THEORETICAL AND PRACTICAL CONSIDERATIONS REGARDING THE INFORMATION SECURITY MANAGEMENT SYSTEM WITHIN ORGANIZATIONS IN CONCORDANCE WITH THE NEW INTERNATIONAL STANDARD ISO/IEC 27001:2013
Tiganoaia, Bogdan
[J]. GLOBALIZATION AND INTERCULTURAL DIALOGUE: MULTIDISCIPLINARY PERSPECTIVES - ECONOMY AND MANAGEMENT, 2014, : 62 - 68
[46] Information security objectives and the output legitimacy of ISO/IEC 27001: stakeholders' perspective on expectations in private organizations in Sweden
Kamil, Yasmin
Lund, Sofia
Islam, M. Sirajul
[J]. INFORMATION SYSTEMS AND E-BUSINESS MANAGEMENT, 2023, 21 (03) : 699 - 722
[47] Using the bell labs security framework to enhance the ISO 17799/27001 information security management system
Mcgee, Andrew R.
Bastry, Frank A.
Chandrashekhar, Uma
Vasireddy, S. Rao
Flynn, Lori A.
[J]. BELL LABS TECHNICAL JOURNAL, 2007, 12 (03) : 39 - 54
[48] Compliance with Saudi NCA-ECC based on ISO/IEC 27001
Alsahafi, Tahani
Halboob, Waleed
Almuhtadi, Jalal
[J]. TEHNICKI VJESNIK-TECHNICAL GAZETTE, 2022, 29 (06): : 2090 - 2097
[49] Goal- Based Establishment of an Information Security Management System Compliant to ISO 27001
Beckers, Kristian
[J]. SOFSEM 2014: THEORY AND PRACTICE OF COMPUTER SCIENCE, 2014, 8327 : 102 - 113
[50] Model Driven Information Security Management - Evaluating and Applying the Meta Model of ISO 27001
Milicevic, Danijel
Goeken, Matthias
[J]. AMCIS 2011 PROCEEDINGS, 2011,

← 1 2 3 4 5 →