A model for deriving information security control attribute profiles

✍ Scribed by Helen van der Haar; Rossouw von Solms


Publisher: Elsevier Science
Year: 2003
Tongue: English
Weight: 607 KB
Volume: 22
Category: Article
ISSN: 0167-4048


✦ Synopsis


How does an organization ensure that all information security loopholes are covered? This paper describes a possible solution in terms of an Information Security Control Attribute Profile for an organization. This profile will dictate attributes that should accompany each and every information security control in an organization, thus minimizing the likelihood of malfunctioning controls.
It is up to the organization to investigate the best way of implementing information security for itself. This is usually done by the implementation of information security controls in the organization. The paper does not suggest which controls to implement, as the literature provides standardized methods for choosing from lists of controls. Rather, the paper suggests which attributes should support every control in an organization.

The organization will be able to derive a set of attributes that should accompany every information security control. The process that should be followed, in order to derive the optimal set of control attributes, is described in a model and presented in this paper. The derived set of control attributes will be called the Information Security Control Attribute Profile for the organization.


📜 SIMILAR VOLUMES


Homeland security and information contro
✍ Terrence A. Maxwell 📂 Article 📅 2005 🏛 Wiley (John Wiley & Sons) 🌐 English ⚖ 739 KB

In response to international terrorism, the United States government has actively sought to reorganize information flows to and from individuals, the media, and other nations. These government actions lead to information asymmetry, with certain realms becoming relatively ‘information po

A method for modeling and quantifying th
✍ Bharat B. Madan; Katerina Goševa-Popstojanova; Kalyanaraman Vaidyanathan; Kishor 📂 Article 📅 2004 🏛 Elsevier Science 🌐 English ⚖ 587 KB

Complex software and network based information server systems may exhibit failures. Quite often, such failures may not be accidental. Instead some failures may be caused by deliberate security intrusions with the intent ranging from simple mischief, theft of confidential information to loss of cruci

Control and Game-Theoretical Treatment o
✍ M. Jathe; W. Krabs; J. Scheffran 📂 Article 📅 1997 🏛 John Wiley and Sons 🌐 English ⚖ 484 KB

In this paper a time-discrete dynamic model for the process of disarmament is investigated. The state variables of the system are costs and security values. We assume that the costs can be controlled, and we aim at reducing the costs to zero and achieving non-negative security values after a finite