THE PATTERNS FOR INFORMATION SYSTEM SECURITY

Diego Abbo, Lily Sun

Abstract

The territory of IS is continuously improving its capacities: new architectures grow at a brisk pace and, qualitatively, the functional processes are deepening the degree of interaction inherent in the services provided. In the logical and/or physical territory of application, security management has to face the inherent problems in the domains of prevention, emergency and forensic investigation. If the visionary plans are good, security breaches will fall within the "residual risk profiles" of a congruous preventive risk analysis, and any further business development will match the costs of security safeguards against the detrimental economic consequences of security breaches. From that perspective, IS security should have a larger field of application than the traditional security vision, in the sense that responsibility for a security domain should not consider only the immediate self-interest of the owner of the asset. IS security should consider horizontal and hierarchical integration and interoperability with all correlated security systems, or all systems that need security, with an intrinsic capacity to evaluate any possible future model. The most efficient security should be the one that can identify all the possible variables that constitute the basis for the patterns.



Paper Citation


in Harvard Style

Abbo D. and Sun L. (2009). THE PATTERNS FOR INFORMATION SYSTEM SECURITY. In Proceedings of the 11th International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-989-8111-86-9, pages 342-346. DOI: 10.5220/0001953003420346


in Bibtex Style

@conference{iceis09,
author={Diego Abbo and Lily Sun},
title={THE PATTERNS FOR INFORMATION SYSTEM SECURITY},
booktitle={Proceedings of the 11th International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2009},
pages={342-346},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001953003420346},
isbn={978-989-8111-86-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - THE PATTERNS FOR INFORMATION SYSTEM SECURITY
SN - 978-989-8111-86-9
AU - Abbo D.
AU - Sun L.
PY - 2009
SP - 342
EP - 346
DO - 10.5220/0001953003420346