Harmonizer { a Tool for Processing Information Security Requirements in Organizations
نویسندگان
چکیده
Information Security Requirement Harmonizer (shortly, har-monizer) is a software tool that aids information security personnel in organizations to formulate, organize and automatically harmonize various information security requirements from various sources within the development of information security. Various levels of abstraction are represented as the information security development organization is speciied, and various types of information security requirements are associated to various components of the organization and transformed into the next level of abstraction in a manner which aims at reducing internal inconsistencies and therefore improving cost-eeciency and ease of the management of information security. This paper discusses theoretical foundation of harmonizer, as well as implementation and application details of the tool. The software is currently working and is publicly available.
منابع مشابه
A combination of semantic and attribute-based access control model for virtual organizations
A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...
متن کاملPROVIDE A MODEL FOR IDENTIFYING AND RANKING THE MANAGERIAL FACTORS AFFECTING INFORMATION SECURITY IN ORGANIZATION BY USING VIKOR METHOD; CASE STUDY: TEHRAN UNIVERSITY OF MEDICAL SCIENCES
<span style="color: #000000; font-family: Tahoma, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: -webkit-left; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none; ba...
متن کاملIdentifying and Ranking Technology-Telecommunications Context of Information Security anagement System in E-Government Using Fuzzy AHP Approach
In recent years, many security threats have entered into the organizations’ information and changed the organizational performance resulting in their exorbitant costs. This question is of particular importanceabout government agencies that use information and Internet systems. This issue enabled the top managers of organizations to implement a security system and minimize these costs. Using In...
متن کاملPROVIDE A MODEL FOR IDENTIFYING AND RANKING THE MANAGERIAL FACTORS AFFECTING INFORMATION SECURITY IN ORGANIZATION BY USING VIKOR METHOD; CASE STUDY: TEHRAN UNIVERSITY OF MEDICAL SCIENCES
<span style="color: #000000; font-family: Tahoma, sans-serif; font-size: 13px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: auto; text-align: -webkit-left; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; display: inline !important; float: none; ba...
متن کاملA Lightweight Privacy-preserving Authenticated Key Exchange Scheme for Smart Grid Communications
Smart grid concept is introduced to modify the power grid by utilizing new information and communication technology. Smart grid needs live power consumption monitoring to provide required services and for this issue, bi-directional communication is essential. Security and privacy are the most important requirements that should be provided in the communication. Because of the complex design of s...
متن کامل