Abstract
Although small, medium and micro enterprises (SMEs, mEs) play a decisive role in the European digital economy, they have been identified as one of the weakest links in information security. Having identified these security weaknesses and needs, we parameterize our open collaborative environment STORM to offer SMEs and mEs a cost-efficient tool for self-managing their security.
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Ntouskas, T., Papanikas, D., Polemi, N. (2012). A Collaborative System Offering Security Management Services for SMEs/mEs. In: Georgiadis, C.K., Jahankhani, H., Pimenidis, E., Bashroush, R., Al-Nemrat, A. (eds) Global Security, Safety and Sustainability & e-Democracy. e-Democracy ICGS3 2011 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 99. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33448-1_30
DOI: https://doi.org/10.1007/978-3-642-33448-1_30
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33447-4
Online ISBN: 978-3-642-33448-1
eBook Packages: Computer Science, Computer Science (R0)