Search: onr:"swepub:oai:DiVA.org:su-67096" >
Addressing Dynamic ...
Addressing Dynamic Issues in Information Security Management
-
- Abbas, Haider (author)
- KTH,Elektroniksystem
-
- Magnusson, Christer (author)
- Stockholms universitet,Institutionen för data- och systemvetenskap,Department of Computer and System Sciences, Stockholm University, Sweden
-
- Yngström, Louise (author)
- Stockholms universitet,Institutionen för data- och systemvetenskap,Department of Computer and System Sciences, Stockholm University, Sweden
-
show more...
-
- Hemani, Ahmed (author)
- KTH,Elektroniksystem
-
show less...
-
(creator_code:org_t)
- UK : Emerald Group Publishing Limited, 2011
- 2011
- English.
-
In: Information Management & Computer Security. - UK : Emerald Group Publishing Limited. - 0968-5227 .- 1758-5805. ; 19:1, s. 5-24
- Related links:
-
https://urn.kb.se/re...
-
show more...
-
https://doi.org/10.1...
-
https://urn.kb.se/re...
-
show less...
Abstract
Subject headings
Close
- Ett ramverk för behandling av osäkerhet inom ledningssystem för informationssäkerhet presenteras. Ramverket baseras på teorier från corporate finance. En fallstudie visar hur ramverket kan appliceras.
- The paper addresses three main problems resulting from uncertainty in information security management: i)dynamically changing security requirements of an organization ii) externalities caused by a security system and iii)obsolete evaluation of security concerns. A framework based on options reasoning borrowed from corporate finance is proposed and adapted to evaluation of security architecture and decision-making for handling these issues at organizational level. The adaptation as methodology is demonstrated by a large case study validating its efficacy.
Subject headings
- NATURVETENSKAP -- Data- och informationsvetenskap -- Systemvetenskap, informationssystem och informatik (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Information Systems (hsv//eng)
- NATURVETENSKAP -- Data- och informationsvetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences (hsv//eng)
Keyword
- Dynamic Security Requirement Management
- IT Security Externalities
- Re-evaluation of IT Products
- ITsäkerhetskrav
- evaluering av ITsäkerhet
- Computer and Systems Sciences
- data- och systemvetenskap
- Information technology
Publication and Content Type
- ref (subject category)
- art (subject category)
Find in a library
To the university's database