An ideal secure information system must not only maintain sufficient security strength in all components of the target system, but also ensure that all tasks in the software life cycle process are carried out appropriately. With this in mind, information security engineering environments that integrate various tools to support these tasks have been proposed. On the other hand, it is difficult to define a generally accepted security strength and its evaluation criteria. ISO information security standards, which regulate various information-security-related content, are expected to be usable as criteria for this purpose, and should be provided as databases that the tools can use. However, because the standards change constantly and their contents differ from one another, it is difficult to design and manage the databases. This paper proposes a systematic management method for information security engineering environments that ensure safety in the software life cycle based on the standards. © 2011 Springer-Verlag.
CITATION STYLE
Hakim Suhaimi, A. I., Manji, T., Goto, Y., & Cheng, J. (2011). A systematic management method of ISO information security standards for information security engineering environments. In Communications in Computer and Information Science (Vol. 251 CCIS, pp. 370–384). https://doi.org/10.1007/978-3-642-25327-0_32