Mapping information security standard ISO 27002 to an ontological structure. (14th November 2016)
- Record Type:
- Journal Article
- Title:
- Mapping information security standard ISO 27002 to an ontological structure. (14th November 2016)
- Main Title:
- Mapping information security standard ISO 27002 to an ontological structure
- Authors:
- Fenz, Stefan
Plieschnegger, Stefanie
Hobel, Heidi
- Abstract:
- Purpose: The purpose of this paper is to increase the degree of automation within information security compliance projects by introducing a formal representation of the ISO 27002 standard. As information is becoming more valuable and the current businesses face frequent attacks on their infrastructure, enterprises need support at protecting their information-based assets. Design/methodology/approach: Information security standards and guidelines provide baseline knowledge for protecting corporate assets. However, the efforts to check whether the implemented measures of an organization adhere to the proposed standards and guidelines are still significantly high. Findings: This paper shows how the process of compliance checking can be supported by using machine-readable ISO 27002 control descriptions in combination with a formal representation of the organization's assets. Originality/value: The authors created a formal representation of the ISO 27002 standard and showed how a security ontology can be used to increase the efficiency of the compliance checking process.
- Is Part Of:
- Information and computer security. Volume 24:Number 5(2016)
- Journal:
- Information and computer security
- Issue:
- Volume 24:Number 5(2016)
- Issue Display:
- Volume 24, Issue 5 (2016)
- Year:
- 2016
- Volume:
- 24
- Issue:
- 5
- Issue Sort Value:
- 2016-0024-0005-0000
- Page Start:
- 452
- Page End:
- 473
- Publication Date:
- 2016-11-14
- Subjects:
- Standards -- Risk management -- Security
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47
- Journal URLs:
- http://www.emeraldinsight.com/loi/ics
http://www.emeraldinsight.com/
- DOI:
- 10.1108/ICS-07-2015-0030
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 987.xml