Skip to main content
SpringerLink
Log in

A Web-Enabled Enterprise Security Management Framework Based on a Unified Model of Enterprise Information System Security

  • Conference paper
Book cover Information Systems Security (ICISS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3803))

Included in the following conference series:

Abstract

This paper presents an ongoing research project that is a sequel to an earlier work on the Development of Enterprise Information Security Management (EISM) Tool Suite for different stages like Requirement and Risk Analysis, Policy Development, Infrastructure Advisory Generation, and Testing of the Security Engineering Life Cycle. The present project attempts to develop a set of web-based information security management services using web-service technologies. The study also aims at developing a unified formal model of Enterprise Information System Security and suitable metrics for its measurement.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Roy, et al.: ESRML: A Markup Language for Enterprise Security Requirement Specification. In: Proceedings of IEEE INDICON 2004, held at IIT, Kharagpur, December 20-22 (2004)

    Google Scholar 

  2. Mazumdar, et al.: Final Technical Report for Project Development of Validated Security Processes and Methodologies for Web-Based Enterprises (2003)

    Google Scholar 

  3. Sengupta, A., Mukhopadhyay, A., Mallick, A.S.: Preliminary Technical Report on the Development of Web-enabled Enterprise Security Management Framework based on a Unified Formal Model of Enterprise Information System Security, Technical Report, Project WebSecurity-II (CDC-JU) (June 2004)

    Google Scholar 

  4. Bell, D., La Padula, L.: Secure Computer Systems: Mathematical Foundations and Model. MITRE Report MTR 2574, vol. 2 (November 1973)

    Google Scholar 

  5. Biba, K.J.: Integrity Considerations for Secure Computer Systems. MTR-3153, MITRE Corporation, Bedford, MA (June 1975)

    Google Scholar 

  6. Clark, D., Wilson, D.: A Comparison of Commercial and Military Security Policies. In: Proceedings IEEE Symposium Security and Privacy, pp. 184–194. IEEE Comp Soc Press, Los Alamitos (1987)

    Google Scholar 

  7. Sandhu, R.S.: Lattice-based Access Control Models. IEEE Computer, 9–19 (November 1993)

    Google Scholar 

  8. Sandhu, R., et al.: Role-based Access Control Models. IEEE Computer (February 1996)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Centre for Distributed Computing, Jadavpur University, Kolkata, 700032, India

    Anirban Sengupta, Koel Ray, Aveek Guha Roy, Dipankar Aich & Chandan Mazumdar

  2. Webel Technologies, Kolkata, 700091, India

    Aniruddha Mukhopadhyay

  3. Bengal Engineering And Science University, Shibpur, Howrah, 711103, India

    Mridul Sankar Barik

Authors
  1. Anirban Sengupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aniruddha Mukhopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Koel Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Aveek Guha Roy
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dipankar Aich
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Mridul Sankar Barik
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Chandan Mazumdar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, VA 22030, Fairfax, USA

    Sushil Jajodia

  2. Jadavpur University, 7000032, Kolkata, India

    Chandan Mazumdar

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sengupta, A. et al. (2005). A Web-Enabled Enterprise Security Management Framework Based on a Unified Model of Enterprise Information System Security. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_26

Download citation

  • DOI: https://doi.org/10.1007/11593980_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30706-8

  • Online ISBN: 978-3-540-32422-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation