Skip to main content
main-content
Top

Hint

Swipe to navigate through the chapters of this book

2013 | OriginalPaper | Chapter

A security Taxonomy that facilitates Protecting an industrial ICT Production and how it really provides Transparency

Authors: Eberhard von Faber, Wolfgang Behnsen

Published in: ISSE 2013 Securing Electronic Business Processes

Publisher: Springer Fachmedien Wiesbaden

share
SHARE

Abstract

The Enterprise Security Architecture for Reliable ICT Services (ESARIS) is a reference architecture for protecting ICT services [EvFWB12]. User organizations are enabled to compare offerings and assess risks. ICT service providers receive a comprehensive template for implementing and maintaining all security measures, including those relating to service management. The architecture also introduces a Security Taxonomy on Level 4 of its hierarchy of security standards. This taxonomy is explained in this paper. The structure or organization model assigns security measures to production areas. It considers state-of-the-art service management processes (ITIL) and integrates ICT security management and IT service management. The taxonomy supports division of labor and assignment of responsibility within a large-scale ICT production. The taxonomy is compatible with all types of ICT services and service models since it allows easy identification and selection of the relevant security documentation. The taxonomy is modular and derived from specific criteria. The latter result from challenges in day-to-day business and consider interests and requirements both from user organizations and from ICT service providers.

To get access to this content you need the following product:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 69.000 Bücher
  • über 500 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Testen Sie jetzt 15 Tage kostenlos.

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 50.000 Bücher
  • über 380 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




Testen Sie jetzt 15 Tage kostenlos.

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 58.000 Bücher
  • über 300 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Testen Sie jetzt 15 Tage kostenlos.

Footnotes
1
ICT: Information and Communication Technology
 
Literature
[ISO27001]
go back to reference ISO/IEC 27001 - Information technology - Security techniques - Information security management systems - Requirements ISO/IEC 27001 - Information technology - Security techniques - Information security management systems - Requirements
[ISO27002]
go back to reference ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security management ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security management
[BSI-GS]
go back to reference IT-Grundschutz Catalogues; German Federal Office for Information Security (BSI); www.bsi. bund.de IT-Grundschutz Catalogues; German Federal Office for Information Security (BSI); www.bsi. bund.de
[EvFWB13]
go back to reference Eberhard von Faber and Wolfgang Behnsen: Secure ICT Service Provisioning for Cloud, Mobile and Beyond, A Workable Architectural Approach to Equilibrate Buyers and Providers; Springer Vieweg, 2013, ISBN-978-3-658-00068-4 Eberhard von Faber and Wolfgang Behnsen: Secure ICT Service Provisioning for Cloud, Mobile and Beyond, A Workable Architectural Approach to Equilibrate Buyers and Providers; Springer Vieweg, 2013, ISBN-978-3-658-00068-4
[EvFWB12]
go back to reference Eberhard von Faber and Wolfgang Behnsen: A Systematic Holistic Approach for Providers to Deliver Secure ICT Services; in: H. Reimer, N. Pohlmann, W. Schneider (Editors): ISSE 2012 - Securing Electronic Business Processes, Springer Vieweg (2012), ISBN: 978-3-658-00332-6, p. 80 - 88 Eberhard von Faber and Wolfgang Behnsen: A Systematic Holistic Approach for Providers to Deliver Secure ICT Services; in: H. Reimer, N. Pohlmann, W. Schneider (Editors): ISSE 2012 - Securing Electronic Business Processes, Springer Vieweg (2012), ISBN: 978-3-658-00332-6, p. 80 - 88
Metadata
Title
A security Taxonomy that facilitates Protecting an industrial ICT Production and how it really provides Transparency
Authors
Eberhard von Faber
Wolfgang Behnsen
Copyright Year
2013
Publisher
Springer Fachmedien Wiesbaden
DOI
https://doi.org/10.1007/978-3-658-03371-2_8

Premium Partner