Object-Oriented Situational Approach to Enterprise Information Security Management

Author(s): I. Zemtsov, L. Astakhova

2013 ◽ Vol 380-384 ◽ pp. 2539-2543
Author(s): Cheng Wang

With the wide application of ERP systems in manufacturing enterprises in China, issues of enterprise information security are becoming increasingly influential. On the basis of elaborating information security and information risk, this article systematically analyzes the enterprise information security management system, explores the key information security problems in the ERP environment, and proposes corresponding countermeasures and suggestions.


2013 ◽ Vol 2013 ◽ pp. 1-11
Author(s): Mei-Yu Wu, Ming-Hsien Yu

Information technology has an enormous influence in many enterprises. Computers have not only become important devices that people rely on in their daily lives and work, but have also become essential tools for enterprises. More and more enterprises have shifted their focus to how to prevent outer forces from invading and stealing from networks. However, many enterprises have disregarded the significance of internal leaking, which also plays a vital role in information management. This research proposes an information security management approach that is based on context-aware role-based access control (RBAC) and communication monitoring technology, in order to achieve enterprise information security management. In this work, it is suggested that an enterprise may, first, use an organizational chart to list job roles and corresponding permissions. RBAC is a model that focuses on different work tasks and duties. Subsequently, the enterprise may define a security policy to enforce the context-aware RBAC model. Finally, the enterprise may use communication monitoring technology in order to implement information security management. The main contribution of this work is the potential it provides to both reduce information security incidents, such as internal information leakage, and allow for effective cost control of information systems.


2013 ◽ Vol 380-384 ◽ pp. 2560-2563
Author(s): Ru Xin Gou, Ting Jie Lu

With the development of computer and network science, enterprises have built lots of information systems for enterprise management, and the security management of the information systems is becoming more and more important for most of the enterprises. In this study of information security management plan, enterprises can implement a set of controls based on the controls checklists obtained from risk assessment to achieve information security.


2019 ◽ Vol 4 (4) ◽ pp. 209-215
Author(s): Iryna MARKINA, Yuriy GARICHEV

Organization of an effective system of economic security is an important aspect of business growth in modern management conditions. Due to the large role of information resources, the reality of threats, the information security problems of enterprises and organizations in Ukraine are relevant. Without protection of the enterprise information environment, it is impossible to ensure its economic security. The heads of enterprises in the field of economics and business do not have special literature on information security. Questions of concepts, characteristics, and components of information security are not fully understood. Scientific provisions for managing information security of enterprises have not been developed. The purpose of the study is the theoretical justification of the organizational support of the enterprise information security. The author has proposed measures to optimize information security management. In the scientific literature there is no single view on the concept of “information security”. The author carried out a theoretical analysis of this concept. The concept of “information security” is the security state of data processing and storage systems. This is to ensure the confidentiality, accessibility and integrity of information. These are measures aimed at ensuring the security of information from: unauthorized access, use, publication, destruction, alteration, viewing, verification of recordings or destruction. We have studied the research direction on the concept content of “information security”. Information security management must adhere to the principles of information security. We offer the following principles: legality; planning; complexity; continuity; interaction of subjects of ensuring information security; improvement; scientific validity; technical implementation; the control; warning. The main measures for managing information security of enterprises and organizations are summarized. 
Keywords: threats, protection of information, measures, information security, principles, management.

