Improving Assurance of Information Security Rol

  • Michael D. Barwise


Changing business expectations of information infrastructures have imposed new demands on security architectures. Established technocenthc perimeter-oriented security architectures are yielding ground to business-driven deperimeterised architectures that assume extensive information and resource sharing and global virtualisation. These changes provide the opportunity to take a new approach to security architecture specification, based at its highest level not on costing of reactive countermeasures to current technical threats, but on priontising the allocation of resources to robustly and proactively protect business information assets against business-oriented exposures. This permits tighter specification of both requirements and budgeting with a concomitant improvement in Rol, but depends on a new approach to management described here.


Business Process Information Security Enterprise Architecture Security Architecture Business Structure 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [Zach99]
    Zachman, JA: A Framework for Information Systems Architecture. In: IBM Systems Journal, IBM, 1999, p. 454–470.Google Scholar
  2. [KaST99]
    Kahneman, D Slovic, P Tversky, A: Judgement under Uncertainty: Heuristics and Biases. Cambridge University Press, 1999, p. 422–444.Google Scholar
  3. [MoHe9O]
    Morgan, MG and Henrion M: Uncertainty. Cambridge University Press, 1990, p. 56–60.Google Scholar
  4. [Gord94]
    Gordon, TJ: The Delphi Method. Futures Group AC/UNU Millennium Project, 1994.Google Scholar

Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV-Fachverlage GmbH, Wiesbaden 2006

Authors and Affiliations

  • Michael D. Barwise
    • 1
  1. 1.Integrated InfoSecHertfordshireUK

Personalised recommendations