企业信息安全体系结构及相关领域研究
|
摘要
文章在对信息安全体系结构进行分析的基础上,对一种分层和面向服务的智能企业信息安全体系结构进行了研究,有助于构建一个模型来系统和智能地对企业信息安全活动进行管理,并与整体信息管理活动相结合。文章还着重对其中的相关领域(例如,信息安全中最关键的属性以及信息安全管理等方面)进行了研究,并探讨了采用ISO/IEC 27001标准的信息安全和风险控制服务。
Based on the analysis of information security architecture, this paper introduces a layered and service-oriented intelligent enterprise information security architecture; helping to build a model to manage the enterprise information security activities systematically and intelligently, and incorporate with the overall information management activities. Meanwhile, this paper emphasizes the researches on the relevant areas(e.g. the most critical attribute in information security, information security management and so on),and discusses information security and risk control services based on ISO/IEC 27001 standard.
Based on the analysis of information security architecture, this paper introduces a layered and service-oriented intelligent enterprise information security architecture; helping to build a model to manage the enterprise information security activities systematically and intelligently, and incorporate with the overall information management activities. Meanwhile, this paper emphasizes the researches on the relevant areas(e.g. the most critical attribute in information security, information security management and so on),and discusses information security and risk control services based on ISO/IEC 27001 standard.
引文
[1]Jan Killmeyer.Information Security Architecture-An Integrated Apporach to Security in the Organization(Second Edition)[M].Auerbach Publications.
[2]Jianguang Sun,Yan Chen.Intelligent Enterprise Information Security Architecture based on Service Oriented Architecture[J].International Seminar on Future Information Technology and Management Engineering,2008.
[3]Georg Dister.ISO/IEC 2700,27001 and 27002 for Information Security Management[J].Journal of Information Security,2013,4:92-100.
[4]Aizhan Pernebekovna Pernebekova,Beisenkulov Ayazbi ahbergenovich.Information Security and the Theory of Unfaithful Information[J].Journal of Information Security,2015,6:265-272.
[5]Suhail Qadir,S.M.K.Quadri.Information Availability:An Insight into the Most Important Attribute of Information Security[J].Journal of Information Security,2016,7:185-194.
[6]宋艳梅.计算机网络信息安全和应对策略研究[J].电脑知识与技术,2017,3.
[7]徐勇.计算机网络的信息安全体系结构探析[J].网络安全技术与应用,2013,10.
[8]刘万国,周秀霞,霍明月.基于ISO/IEC 27001:2013的高校图书馆信息安全管理体系构建研究[J].现代情报,2017,4.
[9]李祺.计算机网络的信息安全体系结构研究[J].电脑知识与技术,2015,12.
[10]陈瑜.企业信息安全风险管理的框架研究[J].价值工程,2017.
[11]陈晓飞.企业信息安全管理体系建设[J].信息与电脑,2017,3.
[12]陈婧,赵国星,刘阳.计算机网络的信息安全体系结构[J].信息与电脑,2013,7.
[2]Jianguang Sun,Yan Chen.Intelligent Enterprise Information Security Architecture based on Service Oriented Architecture[J].International Seminar on Future Information Technology and Management Engineering,2008.
[3]Georg Dister.ISO/IEC 2700,27001 and 27002 for Information Security Management[J].Journal of Information Security,2013,4:92-100.
[4]Aizhan Pernebekovna Pernebekova,Beisenkulov Ayazbi ahbergenovich.Information Security and the Theory of Unfaithful Information[J].Journal of Information Security,2015,6:265-272.
[5]Suhail Qadir,S.M.K.Quadri.Information Availability:An Insight into the Most Important Attribute of Information Security[J].Journal of Information Security,2016,7:185-194.
[6]宋艳梅.计算机网络信息安全和应对策略研究[J].电脑知识与技术,2017,3.
[7]徐勇.计算机网络的信息安全体系结构探析[J].网络安全技术与应用,2013,10.
[8]刘万国,周秀霞,霍明月.基于ISO/IEC 27001:2013的高校图书馆信息安全管理体系构建研究[J].现代情报,2017,4.
[9]李祺.计算机网络的信息安全体系结构研究[J].电脑知识与技术,2015,12.
[10]陈瑜.企业信息安全风险管理的框架研究[J].价值工程,2017.
[11]陈晓飞.企业信息安全管理体系建设[J].信息与电脑,2017,3.
[12]陈婧,赵国星,刘阳.计算机网络的信息安全体系结构[J].信息与电脑,2013,7.