Alireza Shameli-Sendi, Masoume Jabbarifar, Michel Dagenais and Mehdi Shajari
Article (2012)
Open Acess document in PolyPublie and at official publisher |
|
Open Access to the full text of this document Published Version Terms of Use: Creative Commons Attribution Download (750kB) |
Abstract
Iterative and incremental mechanisms are not usually considered in existing approaches for information security management System (ISMS). In this paper, we propose SUP (security unified process) as a unified process to implement a successful and highquality ISMS. A disciplined approach can be provided by SUP to assign tasks and responsibilities within an organization. The SUP architecture comprises static and dynamic dimensions; the static dimension, or disciplines, includes business modeling, assets, security policy, implementation, configuration and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in organization. Since, the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.
Subjects: | 2700 Information technology > 2700 Information technology |
---|---|
Department: | Department of Computer Engineering and Software Engineering |
Funders: | CRSNG/NSERC, Defense Research and Development Canada (DRDC), Ericsson Software Research |
PolyPublie URL: | https://publications.polymtl.ca/3644/ |
Journal Title: | Journal of Computer Networks and Communications (vol. 2012) |
Publisher: | Hindawi |
DOI: | 10.1155/2012/151205 |
Official URL: | https://doi.org/10.1155/2012/151205 |
Date Deposited: | 30 Apr 2019 12:43 |
Last Modified: | 25 Sep 2024 17:54 |
Cite in APA 7: | Shameli-Sendi, A., Jabbarifar, M., Dagenais, M., & Shajari, M. (2012). System health monitoring using a novel method : security unified process. Journal of Computer Networks and Communications, 2012, 1-20. https://doi.org/10.1155/2012/151205 |
---|---|
Statistics
Total downloads
Downloads per month in the last year
Origin of downloads
Dimensions