A REFERENCE MODEL FOR ENTERPRISE SECURITY - High Assurance Enterprise Security

David W. Enström; D’Arcy Walsh; Siavosh Hossendoust

doi:10.5220/0002351903550364

A REFERENCE MODEL FOR ENTERPRISE SECURITY - High Assurance Enterprise Security

David W. Enström, D’Arcy Walsh, Siavosh Hossendoust

2007

Abstract

This paper defines an enterprise security model that provides a cohesive structure for the definition and implementation of security services. The complete framework is described, but with a focus on subjects, and protected objects and how access is controlled. Multiple layers of security are defined, building upon the “defence in depth” concept, augmented with “domain” and “zone” concepts and associated protections. The dynamic use of roles is described, a concept that along with user self–service provides a practical approach for the management and use of roles for access control. This model may also be used as a reference architecture for the definition and integration of a set of security services that permit multiple vendor implementations to work together, and to establish the level of compliance of specific systems.

Download

Paper Citation

in Harvard Style

W. Enström D., Walsh D. and Hossendoust S. (2007). A REFERENCE MODEL FOR ENTERPRISE SECURITY - High Assurance Enterprise Security . In Proceedings of the Ninth International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 978-972-8865-90-0, pages 355-364. DOI: 10.5220/0002351903550364

in Bibtex Style

@conference{iceis07,
author={David W. Enström and D’Arcy Walsh and Siavosh Hossendoust},
title={A REFERENCE MODEL FOR ENTERPRISE SECURITY - High Assurance Enterprise Security},
booktitle={Proceedings of the Ninth International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2007},
pages={355-364},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002351903550364},
isbn={978-972-8865-90-0},
}

in EndNote Style

TY - CONF
JO - Proceedings of the Ninth International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - A REFERENCE MODEL FOR ENTERPRISE SECURITY - High Assurance Enterprise Security
SN - 978-972-8865-90-0
AU - W. Enström D.
AU - Walsh D.
AU - Hossendoust S.
PY - 2007
SP - 355
EP - 364
DO - 10.5220/0002351903550364