A Collaborative System Offering Security Management Services for SMEs/mEs

Ntouskas, Theodoros; Papanikas, Dimitrios; Polemi, Nineta

doi:10.1007/978-3-642-33448-1_30

Theodoros Ntouskas¹⁸,
Dimitrios Papanikas¹⁸ &
Nineta Polemi¹⁸

Part of the book series: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ((LNICST,volume 99))

Included in the following conference series:

1279 Accesses
3 Citations

Abstract

Although small, medium and micro enterprises (SMEs, mEs) play a decisive role in the European digital economy, they have been identified as one of the weakest links in information security. Identifying these security weaknesses and needs we parameterize our open collaborative environment STORM in order to offer a cost-efficient tool to the SMEs and mEs for self-managing their security.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Reynolds, D., Rabey, K., Polemi, N.: Analysing mes needs and expectations in the area of information security. ENISA report (2008), http://www.enisa.europa.eu/act/sr/reports/micro-enterprises/files/wg-micro-report
Ntouskas, T., Pentafronimos, G., Papastergiou, S.: STORM - Collaborative Security Management Environment. In: Ardagna, C.A., Zhou, J. (eds.) WISTP 2011. LNCS, vol. 6633, pp. 320–335. Springer, Heidelberg (2011)
Chapter Google Scholar
Ntouskas, T., Polemi, N.: STORM-RM: A collaborative and multicriteria risk management methodology. Int. J. Multicriteria Decision Making 2(2), 159–177 (2012)
Article Google Scholar
COBIT4.1: It governance control framework. IT Governance Institute (2007), http://www.isaca.org
Clinch, J.: Itil v3 and information security, ogc white paper (May 2009), http://www.best-managementpractice.com
ISO/IEC:17799: Information technology - security techniques - code of practice for information security management (2005), http://www.iso.org
ISO/IEC:27001: Information technology - security techniques - information security management systems - requirements (2005), http://www.iso.org
ISO/IEC:27002: Information technology - security techniques - code of practice for information security management (2005), http://www.iso.org
NIST SP800-53: Recommended Security Controls for Federal Information Systems and Organization. NIST Special Publication 800-53, http://csrc.nist.gov/publications/PubsSPs.html
ISO17799: Toolkit, http://www.iso17799-made-easy.com/
NetSPoC: Network Security Policy Compiler, http://netspoc.berlios.de/
Agarwwal, A., Bellucci, D., Coronel, A., DiPaola, S., Fedon, G., Goodman, A., Heinrich, C., Horvath, K., Ingrosso, G., Liverani, R.S., Kuza, A., Luptak, P., Mavituna, F., Mella, M., Meucci, M., Morana, M., Parata, A., Su, C., Sureddy, H.S., Roxberry, M., Stock, A.: Owasp testing guide v3.0 (2008), http://www.mare-system.de/whitepaper
Stock, A.V.D., Lowery, D., Rook, D., Cruz, D., Keary, E., Williams, J., Chapman, J., Morana, M.M., Prego, P.: Owasp code review guide v1.1 (2008), https://www.owasp.org
NIST SP800-42: Guideline on Network Security Testing - Recommendations of the National Institute of Standards and Technology. NIST, http://www.iwar.org.uk/comsec/resources/netsec-testing/sp800-42.pdf
NIST SP800-115: Technical guide to information security testing and assessment. NIST, http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf
Orrey, K., Lawson, L.J.: Penetration testing framework(ptf) v0.21, http://www.vulnerabilityassessment.co.uk
Backtrack, http://www.backtrack-linux.org/
Net Tools 5.0, http://www.mabsoft.com/nettools.htm
Samurai Web Testing Framework, http://samurai.inguardians.com/
Saaty, T.L.: Decision making with the analytic hierarchy process. Int. J. Service Sciences 1, 83–98 (2008)
Article MathSciNet Google Scholar
S-PORT: S-port project, http://s-port.unipi.gr/

Download references

Author information

Authors and Affiliations

Department of Informatics, University of Piraeus, Karaoli & Dimitriou 80, 185 34, Piraeus, Greece
Theodoros Ntouskas, Dimitrios Papanikas & Nineta Polemi

Authors

Theodoros Ntouskas
View author publications
You can also search for this author in PubMed Google Scholar
Dimitrios Papanikas
View author publications
You can also search for this author in PubMed Google Scholar
Nineta Polemi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Applied Informatics, University of East London , 156 Egnatio Street, 54006, Thessaloniki, Greece
Christos K. Georgiadis
School of Architecture & Engineering, University of East London, Docklands Campus 4-6, University Way, E16 2RD, London, UK
Hamid Jahankhani
School of Architecture Computing & Engineering, University of East London, Docklands Campus 4-6 University Way, E16 2RD, London, UK
Elias Pimenidis , Rabih Bashroush & Ameer Al-Nemrat , &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Ntouskas, T., Papanikas, D., Polemi, N. (2012). A Collaborative System Offering Security Management Services for SMEs/mEs. In: Georgiadis, C.K., Jahankhani, H., Pimenidis, E., Bashroush, R., Al-Nemrat, A. (eds) Global Security, Safety and Sustainability & e-Democracy. e-Democracy ICGS3 2011 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 99. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33448-1_30

Download citation

DOI: https://doi.org/10.1007/978-3-642-33448-1_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33447-4
Online ISBN: 978-3-642-33448-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics