Cart (Loading....) | Create Account
Close category search window
 

Analysis of Strongly and Weakly Coupled Management Systems in Information Security

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Boehmer, W. ; Tech. Univ. Darmstadt, Darmstadt, Germany

In an effort to enhance enterprise security, three standard management systems have been established as applications of the Deming cycle: the Information Security Management System (ISMS) in accordance with the ISO 27001 standard, the Business Continuity Management System (BCM) in accordance with the BS 25999 standard and the Information Technology Service Management System (ITSM) in accordance with the ISO 20000 standard. These three management systems have been developed to operate independent of one another, but are often used together within a given company. It can be shown that management systems modeled after the Deming cycle behave as bisimulations with dynamic feedback policies and can be expressed formally as control circuits within the Discrete Event Systems (DES) theory. In this article, we present an analytical description of the optimal structure through which the three management systems (ISMS, BCMS, and ITSM) should be linked in a company. We define a coupling parameter and, using an equation for the discrete control loop, show that ISMS and ITSM should ideally be strongly coupled, and ISMS and BCMS should be weakly coupled.

Published in:

Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on

Date of Conference:

18-25 July 2010

Need Help?


IEEE Advancing Technology for Humanity About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2014 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.