Specifying Information Security Needs for the Delivery of High Quality Security Services


Share/Save/Bookmark

Su, Xiaomeng and Bolzoni, Damiano and Eck, Pascal van (2007) Specifying Information Security Needs for the Delivery of High Quality Security Services. In: 2nd IEEE/IFIP International Workshop on Business-Driven IT Management, BDIM '07, 21-23 May 2007, Munich, Germany (pp. pp. 112-113).

open access
[img]
Preview
PDF
2MB
Abstract:In this paper we present an approach for specifying and prioritizing information security requirements in organizations. We propose to explicitly link security requirements with the organizations' business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance.
Item Type:Conference or Workshop Item
Copyright:© 2007 IEEE
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/74393
Official URL:http://dx.doi.org/10.1109/BDIM.2007.375022
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page