科技报告详细信息
DBSy in a Commercial Services Context
Monahan, Brian ; Gittler, Frederic ; Horne, William ; Shiu, Simon ; Baldwin, Adrian ; Dalton, Chris I. ; Goldsack, Patrick ; Taylor, Richard ; Tofts, Chris ; Yearworth, Mike
HP Development Company
关键词: DBSy;    domain based security;    information security;    information assurance;    commercial ICT services management;    ITIL;    ITSM;    COBIT;    BS 15000;   
RP-ID  :  HPL-2005-141
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

DBSy (Domain Based Security) is a set of notations and techniques developed by QinetiQ specifically for the UK MoD, a large distributed organisation. DBSy provides a way of describing and assessing business- driven information security requirements for network architectures. This focuses upon how the business requires information to be compartmentalised and how that might be achieved by strategic location of network-level security controls. In this paper we consider how DBSy-style modelling may be applied in a more commercial context of ICT (Information Communications Technology) services, defined and managed according to SLAs (Service Level Agreements). Although DBSy was not specifically designed to handle this situation, we discuss how ideas from DBSy can contribute to a broader security requirements and risk analysis approach that encompass the realm of ICT services and their management. We give a model of a commercial example in the style of DBSy and use that to illustrate our observations. 28 Pages

【 预 览 】
附件列表
Files Size Format View
RO201804100001273LZ 1065KB PDF download
  文献评价指标  
  下载次数:10次 浏览次数:40次