A study on information security management system evaluation - assets, threat and vulnerability
نویسندگان
چکیده
The security of information system is like a chain. Its strength is affected by the weakest knot. Since we can achieve 100% Information Security Management System (ISMS) security, we must cautiously fulfill the certification and accreditation of information security. In this paper, we analyzed, studied the evaluation knowledge and skills required for auditing the certification procedures for the three aspects of ISMS—asset, threat, and vulnerability. D 2004 Elsevier B.V. All rights reserved.
منابع مشابه
The Framework for Information Security Risk Network Management based on Bayesian Belief Decision Support System for Threat on the Campus
The security network management system is for providing clear guidelines on risk evaluation and assessment for enterprise networks. The risk evaluation is based on the relationships among the most critical assets, and threats that are likely to those assets and their vulnerability impacts. Threat and risk assessment are conducted for identifying the safeguards to be adapted in order to maintain...
متن کاملAnalysis of spatial vulnerability of threatened strategic urban centers from the point of view of passive defense (case study: Bojnurd city)
Background and objective: Safety and security against threats is one of the most basic principles in order to achieve the desired standards of urban comfort, and attention to the passive defense of cities against external threats has always been considered since the beginning of the formation of cities. Therefore, the purpose of this study is to provide management strategies to reduce the exist...
متن کاملTAME: A Threat Assessment Model for the METEORE System
The wide development of the mobile Internet technology is creating the opportunity for companies to utilise Electronic Payment Systems for the delivery of services. Due to that, organisations have been forced to allocate considerable resources for protecting their information assets. Unfortunately the opportunity still exists for systems to be exploited with catastrophic results. Modern securit...
متن کاملUnderstanding and Developing a Threat Assessment Model
The wide development of the mobile Internet technology is creating the opportunity for companies to extensively utilise computer systems for the delivery of services. New business models, which rely on electronic payment systems, are emerging and each one is creating a vulnerability to the Critical National Information Infrastructure (CNII). The opportunity for deploying offensive information w...
متن کاململزومات امنیتی پیادهسازی IMS SIP سرور امن
IMS (IP Multimedia Subsystem) network is considered as an NGN (Next Generation Network) core networks by ETSI. Decomposition of IMS core network has resulted in a rapid increase of control and signaling message that makes security a required capability for IMS commercialization. The control messages are transmitted using SIP (Session Initiation Protocol) which is an application layer protocol. ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Computer Standards & Interfaces
دوره 26 شماره
صفحات -
تاریخ انتشار 2004