<  Back to the Polytechnique Montréal portal

System health monitoring using a novel method : security unified process

Alireza Shameli-Sendi, Masoume Jabbarifar, Michel R. Dagenais and Mehdi Shajari

Article (2012)

[img]
Preview
Published Version
Terms of Use: Creative Commons Attribution.
Download (3MB)
Cite this document: Shameli-Sendi, A., Jabbarifar, M., Dagenais, M. R. & Shajari, M. (2012). System health monitoring using a novel method : security unified process. Journal of Computer Networks and Communications, 2012, p. 1-20. doi:10.1155/2012/151205
Show abstract Hide abstract

Abstract

Iterative and incremental mechanisms are not usually considered in existing approaches for information security management System (ISMS). In this paper, we propose SUP (security unified process) as a unified process to implement a successful and highquality ISMS. A disciplined approach can be provided by SUP to assign tasks and responsibilities within an organization. The SUP architecture comprises static and dynamic dimensions; the static dimension, or disciplines, includes business modeling, assets, security policy, implementation, configuration and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in organization. Since, the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.

Open Access document in PolyPublie
Subjects: 2700 Technologie de l'information > 2700 Technologie de l'information
Department: Département de génie informatique et génie logiciel
Research Center: Non applicable
Funders: CRSNG/NSERC, Defense Research and Development Canada (DRDC), Ericsson Software Research
Date Deposited: 30 Apr 2019 12:43
Last Modified: 01 May 2019 01:20
PolyPublie URL: https://publications.polymtl.ca/3644/
Document issued by the official publisher
Journal Title: Journal of Computer Networks and Communications (vol. 2012)
Publisher: Hindawi
Official URL: https://doi.org/10.1155/2012/151205

Statistics

Total downloads

Downloads per month in the last year

Origin of downloads

Dimensions

Repository Staff Only