{"title":"在管理系统中实施数字it安全度量的方法","authors":"I. Livshitz, P. Lontsikh, S. Eliseev","doi":"10.23919/FRUCT.2017.8071318","DOIUrl":null,"url":null,"abstract":"The relevance of the publication is called by the attention to the problem of formation of reliable measurement results (estimates) of the IT-Security management systems' (ISMS) effectiveness. Decision-makers must operate reliable results of carrying out the measurements of ISMS based on objective quantitative metrics of IT-Security. Known methods for evaluation of the safety systems are presented excluding the PDCA cycle requirements and apart from the general requirements directly to the ISMS. The study of the applicable standards (ISO, NIST, and GOST) and the current practice allowed us to propose an approach to the explanation of a technique of formation of IT-Security metrics, that numerically let us to assess the effectiveness of the ISMS. The results can find a practical application in the independent efficiency evaluation of the ISMS.","PeriodicalId":114353,"journal":{"name":"2017 20th Conference of Open Innovations Association (FRUCT)","volume":"91 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"The method of implementation of the numerical IT-Security metrics in management systems\",\"authors\":\"I. Livshitz, P. Lontsikh, S. Eliseev\",\"doi\":\"10.23919/FRUCT.2017.8071318\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The relevance of the publication is called by the attention to the problem of formation of reliable measurement results (estimates) of the IT-Security management systems' (ISMS) effectiveness. Decision-makers must operate reliable results of carrying out the measurements of ISMS based on objective quantitative metrics of IT-Security. Known methods for evaluation of the safety systems are presented excluding the PDCA cycle requirements and apart from the general requirements directly to the ISMS. The study of the applicable standards (ISO, NIST, and GOST) and the current practice allowed us to propose an approach to the explanation of a technique of formation of IT-Security metrics, that numerically let us to assess the effectiveness of the ISMS. The results can find a practical application in the independent efficiency evaluation of the ISMS.\",\"PeriodicalId\":114353,\"journal\":{\"name\":\"2017 20th Conference of Open Innovations Association (FRUCT)\",\"volume\":\"91 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 20th Conference of Open Innovations Association (FRUCT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.23919/FRUCT.2017.8071318\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 20th Conference of Open Innovations Association (FRUCT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.23919/FRUCT.2017.8071318","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The method of implementation of the numerical IT-Security metrics in management systems
The relevance of the publication is called by the attention to the problem of formation of reliable measurement results (estimates) of the IT-Security management systems' (ISMS) effectiveness. Decision-makers must operate reliable results of carrying out the measurements of ISMS based on objective quantitative metrics of IT-Security. Known methods for evaluation of the safety systems are presented excluding the PDCA cycle requirements and apart from the general requirements directly to the ISMS. The study of the applicable standards (ISO, NIST, and GOST) and the current practice allowed us to propose an approach to the explanation of a technique of formation of IT-Security metrics, that numerically let us to assess the effectiveness of the ISMS. The results can find a practical application in the independent efficiency evaluation of the ISMS.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
