A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements

Details A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements

2006-03-31

arxiv.org/abs/cs/0603129v1

Computer Science

Cryptography and Security

Scientific paper

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to link explicitly security requirements with the organization's business vision, i.e. to provide business rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements. A conceptual framework is presented, where the relationships between business vision, critical impact factors and valuable assets (together with their security requirements) are shown.

Affiliated with

Also associated with

No associations

Rating

A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and A Business Goal Driven Approach for Understanding and Specifying Information Security Requirements will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-332328