

Talks and poster presentations (with proceedings entry):

R. Montesino, S. Fenz:
"Automation possibilities in information security management";
Talk: European Intelligence and Security Informatics Conference 2011, Athens; 12.09.2011 - 14.09.2011; in: "Proceedings of the European Intelligence and Security Informatics Conference 2011", (2011), ISBN: 978-0-7695-4406-9; pp. 259 - 262.



English abstract:
Information security management, as defined in ISO 27001, deals with establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system. This paper provides an analysis about the automation possibilities in information security management. The analysis takes into account the potential of using (i) security ontologies in risk management, (ii) hard- and software systems for the automatic operation of certain security controls, and (iii) the Security Control Automation Protocol (SCAP) for automatically checking compliance and security configurations. The analysis results support organizations and security managers at identifying systems they can use to achieve greater efficiency in the information security management process.


"Official" electronic version of the publication (according to its Digital Object Identifier - DOI)
http://dx.doi.org/10.1109/EISIC.2011.39


Created from the publication database of the Technische Universität Wien.