Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Addressing Dynamic Issues in Information Security Management
KTH, Skolan för informations- och kommunikationsteknik (ICT), Elektroniksystem.
Department of Computer and System Sciences, Stockholm University, Sweden.
Department of Computer and System Sciences, Stockholm University, Sweden.
KTH, Skolan för informations- och kommunikationsteknik (ICT), Elektroniksystem.ORCID-id: 0000-0003-0565-9376
2011 (engelsk)Inngår i: Information Management & Computer Security, ISSN 0968-5227, Vol. 19, nr 1, 5-24 s.Artikkel i tidsskrift (Fagfellevurdert) Published
Abstract [en]

Purpose – The paper addresses three main problems resulting from uncertainty in information securitymanagement: i) dynamically changing security requirements of an organization ii) externalities caused by a securitysystem and iii) obsolete evaluation of security concerns.

Design/methodology/approach – In order to address these critical concerns, a framework based on optionsreasoning borrowed from corporate finance is proposed and adapted to evaluation of security architecture anddecision-making for handling these issues at organizational level. The adaptation as a methodology is demonstrated by a large case study validating its efficacy.

Findings – The paper shows through three examples that it is possible to have a coherent methodology, buildingon options theory to deal with uncertainty issues in information security at an organizational level.

Practical implications – To validate the efficacy of the methodology proposed in this paper, it was applied tothe SHS (Spridnings- och Hämtningssystem: Dissemination and Retrieval System) system. The paper introduces themethodology, presents its application to the SHS system in detail and compares it to the current practice.

Originality/value – This research is relevant to information security management in organizations, particularlyissues on changing requirements and evaluation in uncertain circumstances created by progress in technology.

sted, utgiver, år, opplag, sider
UK: Emerald Group Publishing Limited , 2011. Vol. 19, nr 1, 5-24 s.
Emneord [en]
Dynamic Security Requirement Management, IT Security Externalities, Re-evaluation of IT Products
HSV kategori
Identifikatorer
URN: urn:nbn:se:kth:diva-19429Scopus ID: 2-s2.0-79955624015OAI: oai:DiVA.org:kth-19429DiVA: diva2:337617
Merknad
Updated from submitted to published. QC 20120323Tilgjengelig fra: 2010-08-08 Laget: 2010-08-08 Sist oppdatert: 2012-03-23bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler

Scopus

Personposter BETA

Hemani, Ahmed

Søk i DiVA

Av forfatter/redaktør
Abbas, HaiderHemani, Ahmed
Av organisasjonen
I samme tidsskrift
Information Management & Computer Security

Søk utenfor DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric

urn-nbn
Totalt: 393 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf