EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


7989 Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services
Home Policy Brochure Browse Search User Area Contact Help

Su, X. and Bolzoni, D. and van Eck, P.A.T. (2006) Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services. Technical Report TR-CTIT-06-73, Centre for Telematics and Information Technology University of Twente, Enschede. ISSN 1381-3625

This is the latest version of this eprint.

Full text available as:

PDF

180 Kb
Open Access


Exported to Metis

Abstract

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is
not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to explicitly link security requirements with the organization’s business vision, i.e. to provide business
rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements.
Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance. We validate our approach by way of a focus group session.

Item Type:Internal Report (Technical Report)
Research Group:EWI-IS: Information Systems, EWI-DIES: Distributed and Embedded Security
Research Program:CTIT-ISTRICE: Integrated Security and Privacy in a Networked World
Research Project:PROSECCO: Next Generation Protection and Security of Content, IPID: Integrated Policy-based Intrusion Detection
ID Code:7989
Deposited On:06 December 2006
More Information:statisticsmetis

Available Versions of this Item

  • Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services (deposited 06 December 2006)
    [Currently Displayed]

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item