A Reference Model of Information Assurance & Security

Author

Cherdantseva, Yulia ; Hilton, Jeremy

Author_Institution

Sch. of Comput. Sci. & Inf., Cardiff Univ., Cardiff, UK

fYear

2013

fDate

2-6 Sept. 2013

Firstpage

546

Lastpage

555

Abstract

Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and deperimetrisation. The model incorporates four dimensions: Information System Security Life Cycle, Information Taxonomy, Security Goals and Security Countermeasures. In addition to the descriptive knowledge, the RMIAS embeds the methodological knowledge. A case study demonstrate show the RMIAS assists with the development and revision of an Information Security Policy Document.

Keywords

information systems; security of data; IAS evolution; deperimetrisation; descriptive knowledge; diversification; dynamic domain; information security policy document; information system security life cycle; information taxonomy; reference model of information assurance & security; security countermeasures; security goals; Availability; Information security; Modeling; Sensitivity; Conceptual Model; Information Assurance; Information Security; Information Security Policy Development; Reference Model;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security (ARES), 2013 Eighth International Conference on

Conference_Location

Regensburg

Type

conf

DOI

10.1109/ARES.2013.72

Filename

6657288