文章基本信息

标题：System Health Monitoring Using a Novel Method: Security Unified Process
本地全文：下载
作者：Alireza Shameli-Sendi ; Masoume Jabbarifar ; Michel Dagenais 等
期刊名称：Journal of Computer Networks and Communications
印刷版ISSN：2090-7141
电子版ISSN：2090-715X
出版年度：2012
卷号：2012
DOI：10.1155/2012/151205
出版社：Hindawi Publishing Corporation
摘要：Iterative and incremental mechanisms are not usually considered in existing approaches for information security management System (ISMS). In this paper, we propose SUP (security unified process) as a unified process to implement a successful and high-quality ISMS. A disciplined approach can be provided by SUP to assign tasks and responsibilities within an organization. The SUP architecture comprises static and dynamic dimensions; the static dimension, or disciplines, includes business modeling, assets, security policy, implementation, configuration and change management, and project management. The dynamic dimension, or phases, contains inception, analysis and design, construction, and monitoring. Risk assessment is a major part of the ISMS process. In SUP, we present a risk assessment model, which uses a fuzzy expert system to assess risks in organization. Since, the classification of assets is an important aspect of risk management and ensures that effective protection occurs, a Security Cube is proposed to identify organization assets as an asset classification model. The proposed model leads us to have an offline system health monitoring tool that is really a critical need in any organization.