Study notes
Note 1
Note 2
Related resource: on perimeter security: http://www.ehow.com/about_6862556_primary-purpose-perimeter-security.html
[Quote: " A perimeter is the boundary that separates your assets from the outside world. The purpose of perimeter security is to deter, detect, delay and deny unauthorized access to the assets within the perimeter by persons bent on theft, vandalism, diversion, sabotage and other criminal acts."]
Note 3:
- ISO 17799: http://www.iso.org/iso/catalogue_detail?csnumber=39612
- An example of an engineering based approach: Automated Secure System Development (ASSDM): http://books.google.com.hk/books/about/Automated_Secure_Systems_Development_Met.html?id=TidFHAAACAAJ&redir_esc=y
Note 4:
Note 5
Related resource:
- Workflow patterns are used to model business processes: http://www.workflowpatterns.com/
- Security analysis and design: https://www.owasp.org/index.php/Perform_security_analysis_of_system_requirements_and_design_(threat_modeling)
Readings:
- Thomson, K.L., Solms, R.v. and Technikon, P.E. (2006) "Towards an Information Security Competence Model" Computer Fraud & Security, May, pp. 11-15
- Zuccato, A. (2007) "Holistic security management applied in electronic commerce" Computers & Security 26, pp. 256-265
- Axelrod, W. (2006) "Cybersecurity and the Critical Infrastructure: Look Beyong the Perimeter", Information Systems Control Journal Vol. 3, pp. 24-28
No comments:
Post a Comment