307,805 Hits in 7.1 sec

Security Policy Management Process within Six Sigma Framework

Vijay Anand, Jafar Saniie, Erdal Oruklu
2012 Journal of Information Security  
This paper presents a management process for creating adaptive, real-time security policies within the Six Sigma 6σ framework.  ...  The security policy creation and management process proposed in this paper is based on the Six Sigma model and presents a method to adapt security goals and risk management of a computing service.  ...  Causality Framework for Security Policy Management For a Six Sigma implementation, there is a need to establish a causal analysis [7] which is true for other process improvement methodologies.  ... 
doi:10.4236/jis.2012.31006 fatcat:oodnnkvxffapjocpoh5w5pcxom

Managing heterogeneous network environments using an extensible policy framework

Lawrence Teo, Gail-Joon Ahn
2007 Proceedings of the 2nd ACM symposium on Information, computer and communications security - ASIACCS '07  
Throughout this paper, we focus on the design and architecture of Chameleosx and demonstrate how our policy framework helps organizations implement security policies in changing, diversityrich environments  ...  Security policy management is critical to meet organizational needs and reduce potential risks because almost every organization depends on computer networks and the Internet for their daily operations  ...  Acknowledgements This work was supported, in part, by funds provided by National Science Foundation (NSF-IIS-0242393) and Department of Energy Early Career Principal Investigator Award (DE-FG02-03ER25565  ... 
doi:10.1145/1229285.1229328 dblp:conf/ccs/TeoA07 fatcat:q32m3akygjb4xdi7yu2heig26m

A Comparative Analysis of e-government security frameworks Social-Technical Security Aspect

Rabia Ihmouda, Najwa Hayaati Mohd Alwi
In this regard, the paper investigates and analyzes six e-government security frameworks to assessing the security weaknesses of these frameworks from socio-technical security aspects.  ...  Security has become one of the crucial factors and primary challenges for achieving an advanced stage of e-government.  ...  This step is to conduct a comparison of key concepts between different studies so as to synthesize a comprehensive and integrated account. the investigated and analyzed each framework for the level of  ... 
doi:10.24297/ijmit.v9i3.662 fatcat:lr6yoy5spjbjpllkpe66xynmum

Usable Privacy and Security in Personal Health Records [chapter]

Inma Carrión, Jose L. Fernández-Alemán, Ambrosio Toval
2011 Lecture Notes in Computer Science  
Nevertheless, some improvements could be made to current PHR privacy policies to enhance the management of other users' data, the notification of changes to the privacy policy to users and the audit of  ...  Any privacy and security mechanism must be acceptable from a usability perspective. This paper presents a study of the privacy policies of 22 free web-based PHRs.  ...  This work has been partially financed by the Spanish Ministry of Science and Technology, project PANGEA, TIN2009-13718-C02-02.  ... 
doi:10.1007/978-3-642-23768-3_3 fatcat:fb5qz5yeajbnbpdoc2fv3cpw2i

Security Engine Management Of Router Based On Security Policy

Su Hyung Jo, Ki Young Kim, Sang Ho Lee
2007 Zenodo  
This paper explains the security policy and designs the structure of security engine management framework.  ...  Security management has changed from the management of security equipments and useful interface to manager.  ...  Network security management has changed from a simple monitoring to a high performance network security management framework which operates intrusion detection, analysis, and response of attacks through  ... 
doi:10.5281/zenodo.1080445 fatcat:3ptylfsyhnhihggymhs4smxmrm

Multi-Domain Security Management Framework and Its Performance Evaluation for Protecting BcN Infrastructure
BcN 인프라 보호를 위한 다중 도메인 보안 관리 프레임워크와 성능평가

Jung-Sook Jang, Yong-Hee Jeon, Jong-Soo Jang
2005 The KIPS Transactions PartC  
In this paper, we present a multi-domain security management framework which may be used for a global intrusion detection at multiple domains of BcN and describe its characteristics.  ...  BcN(Broadband convergence Network) is being deployed in order to support a variety of network applications, with enhanced capabilities of QoS(Quality of Service) provisioning and security, and IPv6.  ...  Proposed security management framework Overview As a policy-based system, the proposed system establishes law or rules which control the dispersion of important information and resources in a certain  ... 
doi:10.3745/kipstc.2005.12c.6.817 fatcat:2gmi4jnwtrd3bao5r7whnaodgm

Devs Modeling Of Network Vulnerability

Hee Suk Seo, Tae Kyung Kim
2007 Zenodo  
As network components grow larger and more diverse, and as securing them on a host-by-host basis grow more difficult, more sites are turning to a network security model.  ...  We concentrate on controlling network access to various hosts and the services they offer, rather than on securing them one by one with a network security model.  ...  Policy-based framework supports the automatic and flexible environment for changing the network situation.  ... 
doi:10.5281/zenodo.1333284 fatcat:swcwm4ylibachevl4hf3qg7h5i

A framework for the management of information security [chapter]

Jussipekka Leiwo, Yuliang Zheng
1998 Lecture Notes in Computer Science  
There is a need to study upper level issues and to provide with organizational mechanisms to identify security enforcement mechanisms and specify policies that coordinate these mechanisms.  ...  This paper summarizes one such framework and identi es major components and critical success factors of the approach. Corresponding author  ...  Conclusions and areas for further research A framework has beenproposed for the development of comprehensive information security in organizations, that is to support management of information security  ... 
doi:10.1007/bfb0030424 fatcat:4satcsd3pbfzflvac6p6jos5aa

A High-level Authorization Framework for Software-Defined Networks

Daniel Rosendo, Judith Kelner, Patricia Takako Endo
2018 Brazilian Symposium on Computer Networks and Distributed Systems  
This work presents HACFlow, a novel, autonomic, and policy-based framework for access control management in OpenFlow networks.  ...  Managing security policies involve dealing with many access control rules, conflicting policies, rule priorities, right delegation, dynamics of the network, etc.  ...  (2) We propose a framework for the definition of high-level and human-readable policies, trying to simplify the management of access control policies and minimize misconfigurations. (3) We propose a novel  ... 
doi:10.5753/sbrc_estendido.2018.14177 dblp:conf/sbrc/RosendoKE18 fatcat:y4wr4yawqnfwziwtc6g2wm5lx4

Demo: On-the-fly generation of unikernels for software-defined security in cloud infrastructures

Maxime Compastie, Remi Badonnel, Olivier Festor, Ruan He
2018 NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium  
We present a framework for integrating security mechanisms into unikernel virtual machines, and align them to a given security policy, through the on-the-fly unikernel VM generation.  ...  The programmability of security mechanisms through software-defined security permits the outsourcing of security management to a dedicated plan.  ...  Thus, the framework takes benefits of these unikernel properties to enable a on-the-fly image generation and VM reinstantiation, following a security policy change. IV.  ... 
doi:10.1109/noms.2018.8406131 dblp:conf/noms/CompastieBFH18 fatcat:hs7hqaalsngppdzpdijxwprq3m

Role-based trust management security policy analysis and correction environment (RT-SPACE)

Mark Reith, Jianwei Niu, William H. Winsborough
2008 Companion of the 13th international conference on Software engineering - ICSE Companion '08  
RT is a role-based trust management framework well suited for use in systems that must protect the interests of multiple stakeholders in a decentralized environment.  ...  This paper presents RT-SPACE, a tool suite for authoring, verifying, and correcting RT access control policies.  ...  INTRODUCTION When access control policies are subject to change, analyzing them for security properties such as safety (e.g. access to the database is limited to employees) and liveness (e.g. managers  ... 
doi:10.1145/1370175.1370192 dblp:conf/icse/ReithNW08 fatcat:cwobxdcev5elpok4c5w3tx7awq

Modeling and verification of ATM security policies with SecBPMN

Mattia Salnitri, Paolo Giorgini
2014 2014 International Conference on High Performance Computing & Simulation (HPCS)  
It is used to model the interaction design and security policies of a STS and it supports their verification through a querying engine.  ...  In our previous work, we have proposed SecBPMN, a framework to support the design of secure STSs.  ...  If security policies are satisfied a new change is waited. Otherwise, the business process or the security policies are changed and, again, all security policies are verified.  ... 
doi:10.1109/hpcsim.2014.6903740 dblp:conf/hpcs/SalnitriG14 fatcat:jvbe2cojqbfnbd2wtesqn36biu


A Zaied
2012 Egyptian Journal for Engineering Sciences and Technology  
Evaluating information systems security is a process which involves identifying; gathering; and analyzing security functionality and assurance level against certain standards.  ...  The results show that the framework is helpful for decision makers to decide the priorities and courses of actions should be taken to improve the organization security maturity level.  ...  , implement, maintain, and manage information security, and includes procedures for measuring the security level of an organization and deriving the maturity of it by analyzing the measured data.  ... 
doi:10.21608/eijest.2012.96725 fatcat:vhrikok7sjhzlkw67bciqckbpi

Engineering Trust Management into Software Models

Mark Reith, Jianwei Niu, William H. Winsborough
2007 International Workshop on Modeling in Software Engineering (MISE'07: ICSE Workshop 2007)  
Our previous work focused on modeling the dynamic changes of a trust management policy for the purpose of verifying security properties using model checking.  ...  We are working toward integrating both the trust management policy and the mechanisms that enforce that policy for the purpose of verifying security properties.  ...  A Layered Framework for Modeling Software & Security Policies We propose a framework for describing software that utilizes trust management technology such as RT.  ... 
doi:10.1109/mise.2007.5 dblp:conf/icse/ReithNW07 fatcat:i5giijqpufafhp4l5otnuh3wai

Analysis and Development of Information Security Framework for Distributed E-Procurement System

Sugianto Sugianto
2019 Proceeding of the Electrical Engineering Computer Science and Informatics  
This paper proposes an information security framework for distributed E-Procurement system in Indonesia. E-Procurement in Indonesia has been implemented since 2008, and has provided many benefits.  ...  We compare and analyze the LPSE and ISO 27001 Standards to develop framework. The results show there are some gaps between LPSE Standard and ISO 27001.  ...  6 A.12.1.2 Change management A.12.2.1 Controls against malware Std 7 A.12.1.3 Capacity management Std 8 A.7.1 Prior to employment A.7.2 During employment A.7.3 Termination and change of  ... 
doi:10.11591/eecsi.v6.1989 fatcat:xy4z3dvukfbqrdvfo4y5nbrggy
« Previous Showing results 1 — 15 out of 307,805 results