Coherence in control of information security: coins

• Autorzy: Monfelt Y.
• Języki publikacji: EN

Abstrakty

EN

The message is a norm-related and experience based policy guidance about control of authorization and authenticity in communications for sustainability in life cycle system's ubiquitous principal - agent relation's dependable behavior with respect to reliability, maintainability and maintenance concerning confidentiality; i.e., confidence or secrecy, integrity and availability. The performance is fed back through monitoring, account and audit of fault caused incidents, errors and rule failure consequent effect events. Knowledge management, for entities' evaluated requisite variety width in cognition of situation event contexts, is the primary condition for authorization of the system entities' right to access role adequate assets; i.e., adapted and accredited communication architecture applications.

Słowa kluczowe

EN

principal; agent; cognition; authorization; authenticity; monitoring; account; audit; dependability

PL

kontrola; bezpieczeństwo informacji; autoryzacja; autentyczność; monitoring; audyt; niezawodność

• Wydawca: Production Engineering Committee of the Polish Academy of Sciences ; Polish Association for Production Management
• Czasopismo: Management and Production Engineering Review
• Rocznik: 2011
• Tom: Vol. 2, No. 4
• Strony: 33--49
• Opis fizyczny: Bibliogr. 31 poz., rys., tab.

Twórcy

autor

Monfelt Y.

• Stockholm University (SU), Department of Computer and Systems Sciences (DSV), Forum 100, SE-164 40 Kista, Sweden, phone: +46 8 16 20 00,

Bibliografia

• [1] Lawson H.B., A Journey Through the Systems Landscape, College Publications, London, UK, 2010, ISBN 978-1-84890-010-3, 2010.
• [2] Van Gigch, John P. (1978), Applied systems theory. Harper & Row Publishers, 1978 (1974), ISBN 0-06-046776-2.
• [3] Yngström L. et al., COINS report # 1; Modeling the Communication of Information Security Issues, DSV report series No 09-008B, Stockholms universitet, Sweden, 2009a. Yngström L. et al., COINS report # 1 Enclosures; Modeling the Communication of Information Security Issues, DSV report series No 09-008B, Stockholms universitet, Sweden, 2009b. https://secprj.dsv.su.se/coins/documents.html ACS: July/25/11.
• [4] Monfelt Y., Information mechanism adaptation to social communication, IASIS, Volume XI, Las Vegas, Nevada: Oct. 6-9: 138-144, 2010. http://iacis.org/iis/2010 iis/Table%20of%20Contents%20No2 files/138-144_LV2010 1492.pdf ACS: Mar/30/11.
• [5] Technology and industrial management innovation (TIIM 2011) conference 28-30.6.2011 in Oulu, Finland. http://tuta.oulu.fi/Proceedings%20of%20TIIM2011%20Conference%20vol2.pdf/view ACS:Aug./31/11
• [6] Swedish Civil Contingencies Agency (MSB), Strategy for information security in Sweden 2010-2015, Publ. nr MSB243 March 2011 ISBN 978-91-7383-126-0.https://www.msb.se/Upload/English/Civil contingencies/Information%20security/Strategy%20for%20information%20security%20in%20Sweden.pdf ACS: July/25/11.
• [7] International Standards Office (2005), ISO/IEC 27001:2005, Information technology - Security techniques - Information security management systems - Requirements, Geneva: ISO. Annex A. http://en.wikipedia.org/wiki/ISO/IEC 27001 ACS: Mar/30/11.
• [8] Swedish National Audit Office (SNAO, 2007), Government control of information security work within the public administration, security work within the public administration. http://www.riksrevisionen.se/PageFiles/14103/Annual%20report%202007.pdf, pp. 22-24, ACS: Sep/25/11. Regeringens styrning av information-ssäkerhetsarbetet i den statliga förvaltningen, RiR 2007:10. http://www.riksrevisionen.se/templib/pages/Open-Document_556.aspx?documentid=6730 ACS: Mar/30/11.
• [9] Odelstad J., Many-Sorted Implicative Conceptual Systems, DSV Report series No. 08-012, ISSN 1101-8526, ISRN SU-KTH/DSV/R-08/12-SE, ISBN 978-91-7415-141-1 (2008). http://kth.divaportal.org/smash/searchlist.jsf?searchId=1 ACS: Mar/30/11.
• [10] Van Renssen A.S.H.P., Gellish Modeling Method, Part 6, Knowledge and Product Modeling, Edition 5, May 2008. http://sourceforge.net/projects/gellish/files/Gellish%20Documentation/Gellish%20User%20Guides%20%20Oct2008/Gellish Modeling Method part 6 Creation of Facility and Product Models Jul2008.zip/download ACS: Mar/30/11. Gellish A Generic Extensible Ontological Language - Design and Application of a Universal Data Structure, 2005. http://repository.tudelft.nl/view/ir/uuid%3Ade26-132b-6f03-41b9-b882-c74b7e34a07d/ ACS: Mar/30/11.
• [11] Yadin A., Implementation of Bloom’s Taxonomy on Systems Analysis, ICIER2007, Montreal Workshops, 2007. http://www.sig-ed.org/ICIER2007/proceedings/implementation of.pdf ACS: Mar/30/11.
• [12] SIS, SIS HB 550: Terminologi f¨or information-ssäkerhet, Swedish Standards Institute, SIS Förlag AB. 118 80 Stockholm, 2003. http://www.sis.se ACS: Mar/30/11.
• [13] More A., Statistical Data Mining Tutorials, Tutorial Slides, School of Computer Science, Carnegie Mellon University, 2003. www.cs.cmu.edu/~awmawm@cs.cmu.edu, 2001, 2003. http://www.autonlab.org/tutorials/index.html ACS: Mar/30/11.
• [14] Monfelt Y., Sofie Pilemalm, Jonas Hallberg, Louise Yngstr¨om, The 14 layered framework for including social and organisational aspects in security management, Industrial Management and Computer Security, Vol. 19, issue 2 - Current Issue Published: 2011. http://www.emeraldinsight.com/journals.htm?issn-=0968-5227&volume=19&issue ACS: July/25/11.
• [15] ITU-X.200, Information technology - Open Systems Interconnection - Basic Reference Model: The basic model, International telecommunication union (ITU-T), Geneva, Switzerland, recommendation X.200 (07/94), 1994. http://www.itu.int/rec/T-REC-X.200-199407-I/en ACS: Mar/30/11.
• [16] ITU-X.800, Security architecture for Open Systems Interconnection for CCITT applications, International telecommunication union (ITU-T), Geneva, Switzerland, recommendation X.800 (03/91), 1991. http://www.itu.int/rec/T-REC-X.800-199103-IACS: Mar/30/11.
• [17] Falkenberg E.D., Hesse W., Lindgreen P., Nilsson B.E. Nilsson, Han Oei J.L., Rolland C., Stamper R.K., Van Assche F.J.M., Verrijn-Stuart A.A., Voss K., A framework of information system concepts: The FRISCO Report, Leiden, The Netherlands: International Federation for Information Processing, IFIP., 1998 (1994), pp. 2, 69. http://www.mathematik.uni-marburg.de/~hesse/papers/fri-full.pdf ACS: Mar/30/11.
• [18] Avizienis A., Laprie J-C., and Randell B., Fundamental Concepts of Dependability, Research Report No 1145, LAAS-CNRS, April 2001. http://www.cert.org/research/isw/isw2000/papers/56.pdf ACS: Mar/30/11.
• [19] ITU-E.800, Telephone Network and ISDN Quality of Service, Network Management and Traffic Engineering, Terms and Definitions Related to Quality of Service and Network Performance Including Dependability, International telecommunication union (ITU-T), Geneva, Switzerland, recommendation E.800 (08/94), 1995. http://www.itu.int/rec/T-REC-E.800-199408-S/enFirefoxHTML%5CShell%5COpen%5CCommand ACS: Mar/30/11.
• [20] Shannon C.E., A Mathematical Theory of Communication, The Bell Technical Journal, Vol. 27, pp. 379-423, 623–656, July, October 1948, p. 1. http://cm.bell-labs.com/cm/ms/what/shannonday/shannon1948.pdf ACS: Mar/30/11.
• [21] Booth D., Haas H., McCabe F., Newcomer E., Champion I.M., Ferris Ch., and Orchard D., W3Org, Web Services Architecture, 2004. http://www.w3.org/TR/ws-arch/ACS:Mar/30/11.
• [22] Sjoqvist E., Electronic Mail and its Possible Negative Aspects in Organizational Contexts, Department of Computer and Systems Sciences Stockholm University/Royal Institute of Technology, Forum 100, S-164 40 KISTA. DSV Report series No. 08-005, ISBN 978-91-7155-578-6, ISSN 1101-8526, ISRN SU-KTH/DSV/R-08/5-SE: p. 165, 2008, Fig. 8. http://www.hgo.se/~evas/080514- EVA-S-Avhandling.pdf ACS: Mar/30/11.
• [23] Coase R.H., The Nature of the Firm, Economica, New Series, Vol. 4, No. 16. (Nov., 1937), pp. 386-405. Stable URL: http://links.jstor.org/sici?sici=0013-0427%281937-11%292%3A4%3A16%3C386%3ATNOTF%3E2.0. CO%3B2-B ACS: Sep/1/11.
• [24] IEA (2007), Mind the Gap, Quantifying Principal - Agent Problems in Energy Efficiency, International Energy Agency (IEA). Head of Communication and Information Office, 9 rue de la F´ed´eration, 75739 Paris Cedex 15, France. c OECD/IEA, 2007 (Theory, Ch. 1-3). http://www.iea.org/textbase/nppdf/free/2007/mind the gap.pdf ACS: Apr/8/11.
• [25] Flensburg P., Kurti A., Social Informatics in the Future, University West, Sweden, 2007. http://www.itu.dk/∼elisberg/Includes/Papers/7/7-5.pdf ACS: Oct/30/11.
• [26] United Nation, UN (1948), United Nation, UN (1948), Universal Declaration of Human Rights, URL: http://www.un.org/events/humanrights/udhr60/hrphotos/declaration%20 eng.pdf ACS: Mar/30/11.
• [27] Van de Poel I., Goldberg D.E., (Co-Chairs, 2007), Industrial & Enterprise Abstracts of the Workshop Philosophy & Engineering 2007 organised at Delft University of Technology, October 29-31, 2007. ISBN/EAN: 978-90-5638-183-7. http://philengtech.org/wp-content/uploads/2007/10/wpe2007abstracts.pdf ACS: Mar/30/11.
• [28] Hallberg J., Lundholm K., Information security metrics based on organizational models, FOI Swedish Defense Research Agency Information Systems P.O. Box 1165 SE-581 11 Linkoping, FOI-R-2823-SE ISSN 1650-1942, 2009. http://www2.foi.se/rapp/foir2823.pdf ACS: Mar/30/11.
• [29] Interviews Spring 2010; unpublished.
• [30] Russell B., History of the Western Philosophy, Routledge 1946, 1961, 2000, ISBN 0-415-22854-9, 2000, p. 181; pp. 481f.
• [31] CCRA (2005), ISO/IEC 15408:2005, The Common Criteria Recognition Arrangement (CCRA) members. Common Criteria for Information Technology Security Evaluation (CC). http://www.commoncriteriaportal.org/ACS: Oct/15/11.