試論利用ea建模加強機構信息安全風險管理-資料下載頁
2025-06-24 22:09本頁面
【正文】 2004.[5] Minoli D. Enterprise Architecture A to Z: Frameworks,Business Process Modeling, SOA, and InfrastructureTechnology [M]. Auerbach Publications, 1 edition, 2008.[6] NIST Special Publications 80018, Guide for DevelopingSecurity Plans for Information Technology Systems[Z]. 2006.[7] NIST Special Publications 80030, Risk Management Guidefor Information Technology Systems [Z]. January 2004.[8] NIST FIPS199, Standards for Security Categorization ofFederal Information and Information Systems [Z]. December2003.[9] Bodin L D, Gordon L A, Loeb M P. Information security andrisk management [J].Communications of the ACM,2008,51(4): 64 68.[10] Bodin L D, Gordon L A, Loeb M P. Evaluating informationsecurity investments using the analytic hierarchy process [J].Communication of the ACM,2005,48(2): 79 83.[11] Chang S E, Ho C B. Organizational factors to theeffectiveness of implementing information securitymanagement [J].Industrial Management amp。 Data Systems,2006,106(3): 345 361.[12] InnerhoferOberperfler F, Breu R. Using an enterprisearchitecture for IT risk management [C]//Proceedings of theISSA 2006 Conference. 2006.[13] Breu R, InnerhoferOberperfler F. Quantitative assessmentof enterprise security system [C]//Proceedings of the 2008Third International Conference on Availability, Reliabilityand Security. 2008.[14] Breu R, InnerhoferOberperfler F. Modelbased securityanalysis of health care networks [C]//eHealth2008—MedicalInformatics Meets eHealth. 2008.[15] Baker W H, Rees L P, Tippett P S. Necessary measures:metricdriven information security risk assessment anddecision making [J].Communications of the ACM,2007,50(10): 101 106.[16] Shah H, El Kourdi M. Framework for EA [J].Windows ITPro Magazine,2007(7): 36 41.[17] Whitman M E, Mattord H J. Management of InformationSecurity [M]. Thomson Learning, 2004.15 / 15
環(huán)評公示相關推薦
鄂ICP備17016276號-1