Title :
Towards managing information security knowledge through metamodelling approach
Author :
Abobakr Baras, Doaa Saleh ; Othman, Siti Hajar ; Ahmad, Mohammad Nazir ; Ithnin, Norafida
Author_Institution :
Dept. of Comput. Sci., Univ. Teknol. Malaysia, Skudai, Malaysia
Abstract :
Security of information systems is becomes a major concern for many organizations nowadays as security risks may have a serious impact on the organization´s information assets. Information Security Management (ISM) describes controls that an organization needs to implement to ensure that it is sensibly managing the risks of loss, misuse, disclosure or damage. Thus, it makes ISM knowledge domain is so complex to both its modeling and sharing. The current ISM models do not provide an apparent structure that can be easily reuse to the current situation without an analysis in -depth and this could lead to a waste of time. It is useful to categories and describes the elements, components or aspects of information security management in a unified conceptual model (metamodel) to facilitate knowledge sharing, reuse, modelling and enhancing the communications amongst ISM users. For this purpose, we proposed the Information Security Management Metamodel (ISMM).
Keywords :
risk management; security of data; ISMM; information security management metamodel; security risks; Information security; Organizations; Software; Standards organizations; Unified modeling language; information security management; knowledge; metamodel; model;
Conference_Titel :
Biometrics and Security Technologies (ISBAST), 2014 International Symposium on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4799-6443-7
DOI :
10.1109/ISBAST.2014.7013140
