Providing Users With Suitable Services of Information Security Engineering Cloud Based on ISO/IEC 15408

被引：0

作者：

Xu, Liqing ^{[1
]}

Wang, Bo ^{[1
]}

Zhang, Ning ^{[1
]}

Goto, Yuichi ^{[1
]}

Cheng, Jingde ^{[1
]}

机构：

[1] Saitama Univ, Dept Informat & Comp Sci, Saitama 3388570, Japan

来源：

PROCEEDINGS OF 2013 IEEE 4TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS) | 2012年

关键词：

ISEC; Suitable Services; Cloud; ISO/IEC; 15408;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Information security engineering cloud (ISEC) should provide a wide range of services for its users to ensure the whole security of their target information/software systems. ISO/IEC 15408, as one of the most important international standards, plays an important role to ensure whole security of target information/software systems, and therefore, has been adopted as the core standard in ISEC. There are various services provided by ISEC based on ISO/IEC 15408. As a result, it is difficult for the users to find suitable services. However, there is no analysis about how to support users to find suitable services according to their roles and tasks. This paper identifies, classifies, and combines all services of ISEC based on ISO/IEC 15408. According to our analysis results and using supporting tools we are developing, ISEC based on ISO/IEC 15408 can provide efficient and satisfactory services to its users.

引用

页码：321 / 325

页数：5

共 50 条

[41] Information Security and the Application of Cloud Services by State Bodies
Tereshchenko, Ludmila
[J]. PRAVO-ZHURNAL VYSSHEI SHKOLY EKONOMIKI, 2014, (01): : 129 - 139
[42] Implementing information security best practices on software lifecycle processes: The ISO/IEC 15504 Security Extension
Mesquida, Antoni Lluis
Mas, Antonia
[J]. COMPUTERS & SECURITY, 2015, 48 : 19 - 34
[43] Managing critical information infrastructure security compliance: A standard based approach using ISO/IEC 17799 and 27001
Jayawickrama, Wipul
[J]. On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Pt 1, Proceedings, 2006, 4277 : 565 - 574
[44] A Security Evaluation and Certification Management Database Based on ISO/IEC Standards
Chen, Huilin
Bao, Da
Gao, Hongbiao
Cheng, Jingde
[J]. PROCEEDINGS OF 2016 12TH INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE AND SECURITY (CIS), 2016, : 249 - 253
[45] The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda
Culot, Giovanna
Nassimbeni, Guido
Podrecca, Matteo
Sartor, Marco
[J]. TQM JOURNAL, 2021, 33 (07): : 76 - 105
[46] Digital forensic readiness in operational cloud leveraging ISO/IEC 27043 guidelines on security monitoring
Makura, Sheunesu
Venter, H. S.
Kebande, Victor R.
Karie, Nickson M.
Ikuesan, Richard A.
Alawadi, Sadi
[J]. SECURITY AND PRIVACY, 2021, 4 (03)
[47] Providing Grid Services Based on Virtualization and Cloud Technologies
Lopez Cacheiro, Javier
Fernandez, Carlos
Freire, Esteban
Diaz, Sergio
Simon, Alvaro
[J]. EURO-PAR 2009 PARALLEL PROCESSING WORKSHOPS, 2010, 6043 : 444 - 453
[48] An Approach to Map COBIT Processes to ISO/IEC 27001 Information Security Management Controls
Sheikhpour, Razieh
Modiri, Nasser
[J]. INTERNATIONAL JOURNAL OF SECURITY AND ITS APPLICATIONS, 2012, 6 (02): : 13 - 28
[49] Information technology services management: a value-added applied model based on ITIL and ISO/IEC 20000
Bauset-Carbonell, Maria-Carmen
Rodenes-Adam, Manuel
[J]. PROFESIONAL DE LA INFORMACION, 2013, 22 (01): : 54 - 61
[50] Perceived information security of internal users in Indian IT services industry
Mukundan, N. R.
Sai, L. Prakash
[J]. INFORMATION TECHNOLOGY & MANAGEMENT, 2014, 15 (01): : 1 - 8

← 1 2 3 4 5 →