Authors:
Erik Neitzel
and
Andreas Witt
Affiliation:
Otto-von-Guericke University and University of Applied Sciences Brandenburg, Germany
Keyword(s):
Security, Privacy, Federated Business Processes, Social Networks, Information Security (IS), Information Security Management Systems (ISMS).
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Agents
;
Artificial Intelligence
;
Cloud Computing
;
Data Engineering
;
Databases and Data Security
;
Information and Systems Security
;
Internet Technology
;
Privacy Policies
;
Security and Privacy Policies
;
Web Information Systems and Technologies
Abstract:
While comparing the progress of our two research projects of developing an information security management system (ISMS) for federated business process landscapes and the enhancement of security of social networks, we discovered a fundamental view congruency concerning the way information security can be handled. This paper deals with a conceptual framework which uses the ISO 27001 and the German BSI IT-Grundschutz Framework as a base for determining a methodology for a process based point of view towards information security management for both federated business processes within business applications and personal data usage processes within social networks. The proposed layers are (1) process layer, (2) application layer, (3) network layer, (4) IT systems layer and (5) infrastructure layer.