Main building blocks
- 434 Downloads
ESARIS spans three dimensions: work areas, roles and collaboration, as well as security standards. Each is described in detail in the following chapter. Section 4.1 explains the three work areas and thereby shows that the architecture considers planning phases up until a customer contract is implemented, operating phases where the ICT service is delivered to the customer, as well as all types of preparations and integration of security measures into technology and related processes. Section 4.2 introduces the ESARIS Collaboration Model and describes the roles and responsibilities in all three work areas and their interaction. Section 4.3 brings in the security issues by defining a Hierarchy of Security Standards and its content. This hierarchy again reflects the two perspectives of security management (corporate and product), where the product security perspective is the one that is elaborated and specified in precise detail within ESARIS. Section 4.4 describes a concept that is fundamental for ESARIS and its use and may ultimately be the reason why this book actually exists: It is essential that the same documentation is used for implementation (provider’s side) and for demonstration of assurance and achievement of requirements (customers’ side).
KeywordsInformation Security Security Requirement Security Measure Work Area Security Manager
Unable to display preview. Download preview PDF.