Permanent link: http://hdl.handle.net/1959.3/156530
- Title
- Idea: a reference platform for systematic information security management tool support
- Author(s)
- Mueller, Ingo; Han, Jun; Schneider, Jean-Guy; Versteeg, Steven
- Abstract
- The ISO 27001 standard specifies an information security management system (ISMS) as a means to implement security best practices for IT systems. Organisations that implement an ISMS typically experience various challenges such as enforcing a common vocabulary, limiting human errors and integrating existing management tools and security mechanisms. However, ISO 27001 does not provide guidance on these issues because tool support is beyond its scope, leaving organisations to start 'from scratch' with manual and usually paper document-driven approaches. We propose a novel reference platform for security management that provides the foundation for systematic and automated ISMS tool support. Our platform consists of a unified information model, an enterprise-level repository and an extensible application and integration platform that aid practitioners in tackling the aforementioned challenges. This paper motivates and outlines the key elements of our approach and presents a first proof-of-concept prototype implementation.
- Publication Type
- Conference paper
- Research Centre
- Swinburne University of Technology. Faculty of Information and Communication Technologies. Centre for Computing and Engineering Software Systems
- Source
- Lecture notes in computer science: proceedings of the 3rd International Symposium on Engineering Secure Software and Systems (ESSoS 2011), Madrid, Spain, 09-10 February 2011 / Ulfar Erlingsson, Roel Wieringa and Nicole Zannone (eds.), Vol. 6542, pp. 256-263
- Publication Year
- 2011
- Keyword(s)
- Information security management system; ISO 27001; ISMS; Security management; Standards; Tool support
- Publisher
- Springer
- Publisher URL
- http://dx.doi.org/10.1007/978-3-642-19125-1_20
- Copyright
- Copyright © Springer-Verlag Berlin Heidelberg 2011. The accepted manuscript of the paper is reproduced here in accordance with the copyright policy of the publisher. The definitive version of the publication is available at www.springer.com.
- ISBN
- 9783642191244
- ISSN
- 0302-9743 (series ISSN)
- Peer Reviewed

