원문정보
초록
영어
The organization trying to manage information security manually or automatically. The preliminary task is to first understand and identifying the security requirements, which generally includes everything starting from hardware, software and information assets, threats and vulnerabilities associated with them, different network connections and topologies used for transferring information to and from the enterprise.
Security infrastructure advisory is a specified set of entities, both physical as well as software, in order to implement the set of identified controls. It tells an individual/organization the details regarding the security tools and the exact location of security tools, required to mitigate the security risks of the organization. In this phase, the security infrastructure advisories for different assets and platforms are generated. After getting the security infrastructure specification, the organization decides on the particular
infrastructure that it would like to implement.
목차
1. Introduction
1.1 Enterprise Information Security Management (EISM)
2. Previous Work
2.1 A web services based approach to EISM
3. Our Work
3.1 Identification and Classification of Resources, Threats and Vulnerabilities
3.2 Identification of different security tools and their features:
3.3 Concepts of Location Based Advisory:
3.4 Developing Location Based Advisory
3.5 Guideline to Place Those Tools:
3.6 Sequence Diagram for Special Category Tools
3.7 Sequence Diagram for General Category Tools
References