Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.3/156530
- Idea: a reference platform for systematic information security management tool support
- Mueller, Ingo; Han, Jun; Schneider, Jean-Guy; Versteeg, Steven
- The ISO 27001 standard specifies an information security management system (ISMS) as a means to implement security best practices for IT systems. Organisations that implement an ISMS typically experience various challenges such as enforcing a common vocabulary, limiting human errors and integrating existing management tools and security mechanisms. However, ISO 27001 does not provide guidance on these issues because tool support is beyond its scope, leaving organisations to start 'from scratch' with manual and usually paper document-driven approaches. We propose a novel reference platform for security management that provides the foundation for systematic and automated ISMS tool support. Our platform consists of a unified information model, an enterprise-level repository and an extensible application and integration platform that aid practitioners in tackling the aforementioned challenges. This paper motivates and outlines the key elements of our approach and presents a first proof-of-concept prototype implementation.
- Publication type
- Conference paper
- Research centre
- Swinburne University of Technology. Faculty of Information and Communication Technologies. Centre for Computing and Engineering Software Systems
- Lecture notes in computer science: proceedings of the 3rd International Symposium on Engineering Secure Software and Systems (ESSoS 2011), Madrid, Spain, 09-10 February 2011 / Ulfar Erlingsson, Roel Wieringa and Nicole Zannone (eds.), Vol. 6542, pp. 256-263
- Publication year
- Publisher URL
- Copyright © Springer-Verlag Berlin Heidelberg 2011. The accepted manuscript of the paper is reproduced here in accordance with the copyright policy of the publisher. The definitive version of the publication is available at www.springer.com.