DocumentCode :
2927478
Title :
Specifying Information Security Needs for the Delivery of High Quality Security Services
Author :
Su, Xiaomeng ; Bolzoni, Damiano ; Van Eck, Pascal
Author_Institution :
Telenor R&I, Trondheim
fYear :
2007
fDate :
21-21 May 2007
Firstpage :
112
Lastpage :
113
Abstract :
In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations´ business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance.
Keywords :
organisational aspects; security of data; IT Governance; information security requirements; organization business vision; service level management; Computational Intelligence Society; Context-aware services; Information security; Instruments; Intersymbol interference; Joining processes; Resource management; Tellurium;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Business-Driven IT Management, 2007. BDIM '07. 2nd IEEE/IFIP International Workshop on
Conference_Location :
Munich
Print_ISBN :
1-4244-1295-1
Type :
conf
DOI :
10.1109/BDIM.2007.375022
Filename :
4261111
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2927478
بازگشت