Advertisement

Approach and framework

  • Wolfgang BehnsenEmail author
  • Eberhard von FaberEmail author
Chapter
  • 435 Downloads
Part of the Edition <kes> book series (EDKES)

Abstract

This chapter is an approach to ESARIS. In Sect. 3.1 the term ESARIS is defined in detail and shown in relation to other structures. The reasons and the background are provided in order to understand the necessity for an ICT Service Provider to develop and maintain such an architecture and to better appreciate its purpose and value. Section 3.2 analyzes the situation whereby there are many departments and different business in large enterprises and they all appear to depend on all the others. Here, there are at least two perspectives, referred to as corporate security management and product security management. Taking into consideration these different perspectives on information security provides more clarity, differentiates between responsibilities for security and thereby strengthens the scope of ESARIS. The latter is continued in Sect. 3.3 through a description of frameworks for ESARIS, i.e. organizations or systems relating to the architecture and which are required for it. The so-called Enablement Framework primarily refers to the corporate security perspective and provides the ICT Service Provider with the ability to achieve information security. The so-called Enforcement Framework primarily refers to the product security perspective and provides practical security measures for protecting the ICT services. Section 3.4 introduces the ESARIS Industrialization Concept with an explanation as to how requirements from different sources are treated, structured and used and how standardized elements are combined in order to create tailored ICT services and to meet various security requirements. Section 3.5 leads on to the next chapter by outlining the ESARIS Dimensions and Work Areas.

Keywords

Information Security Security Requirement Security Service Security Measure Security Management 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer Fachmedien Wiesbaden 2012

Authors and Affiliations

  1. 1., Security Management ProductionT-Systems International GmbHMünchenGermany
  2. 2., Security Consulting and EngineeringT-Systems GEI GmbHBonnGermany

Personalised recommendations