Managing IT Security Relationships within Enterprise Control Frameworks
نویسنده
چکیده
Security is a subprocess that affects all processes within an organization structure. The control frameworks of CobiT and ITIL provide a mapping of organizational roles from the capital interest at the highest level, through to the implementation level in an enterprise system. Both control frameworks provide varying capability for control at different levels in an organization and leave the problem of making control functional to the managerial layer. In this chapter the security process is mapped from two control frameworks at the strategic layer and the issue of effective management tactics discussed from the theoretical structures within the problem area. No attempt is made to transgress theory into practice.
منابع مشابه
Enterprise Models as Drivers for IT Security Management at Runtime
This paper describes how enterprise models can be made suitable for monitoring and controlling IT security at runtime. A holistic modeling method is proposed that extends enterprise models with runtime information, turning them into dashboards for managing security incidents and risks, and supporting decision making at runtime. The requirements of such a modeling method are defined and an exist...
متن کاملProposed methodology to enhance C4I systems security on architectural level
Command control, communication, computer and intelligence (C4I) systems are the back bone complex information and communication systems for modern information warfare (IW). Managing security in C4I systems is a challenge due to complexity and criticality of these systems. This paper elaborates design methodology to incorporate security in the C4I systems in systematic and consistent way instead...
متن کاملSimplifying Enterprise Wide Authorization Management Through Distribution of Concerns and Responsibilities
Authentication lets a system know who you are, while authorization controls your resources access rights and what operations you are allow to perform. Resources have owners to whom the resources belong to. The owner knows best who is allowed to access her resources at any one time. Distribution of concerns and responsibilities can be effectively used for efficient management of enterprise wide ...
متن کاملTrust Management and Security Access Controls in High Payload System Architecture
Enterprise services are commonly deployed on Internet facing applications and Mobile Apps. There is a need to have an Infrastructure and Application Framework to protect the information flow web layer and mobile apps. Trust management is being recognized in the industry along with Federated Single Sign on to cater the need of data protection at rest and in transits. Web layer need to be very li...
متن کاملA survey on CIO concerns-do enterprise architecture frameworks support them?
The challenge of IT management is today considerable. In industry, the organizational role of the Chief Information Officer (CIO) has been promoted as the owner of these challenges. In spite of a general acceptance of the problems associated with the responsibilities of the CIO, very little academic research has been conducted on the issues and constraints of this role. In order to address thes...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015