Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CORR
2006
Springer
2006
Springer
A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements
Abstract. In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to link explicitly security requirements with the organization's business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. A conceptual framework is presented, where the relationships between business vision, critical impact factors and valuable assets (together with their security requirements) are shown. Evaluating these relationships make it possible to define a plan for prioritizing security requirements based on how important the security requirement is for fulfilling an organization's business vision.
Real-time TrafficBusiness Vision | CORR 2006 | Education | Information Security Requirements | Security Requirement |
Related Content
| Added | 11 Dec 2010 |
| Updated | 11 Dec 2010 |
| Type | Journal |
| Year | 2006 |
| Where | CORR |
| Authors | Xiaomeng Su, Damiano Bolzoni, Pascal van Eck |
Comments (0)
Researcher Info
|
