企业架构管理和安全风险管理的概念集成

2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops Pub Date : 2013-09-09 DOI:10.1109/EDOCW.2013.19

Eric Grandry, C. Feltus, E. Dubois

{"title":"企业架构管理和安全风险管理的概念集成","authors":"Eric Grandry, C. Feltus, E. Dubois","doi":"10.1109/EDOCW.2013.19","DOIUrl":null,"url":null,"abstract":"Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.","PeriodicalId":376599,"journal":{"name":"2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"49","resultStr":"{\"title\":\"Conceptual Integration of Enterprise Architecture Management and Security Risk Management\",\"authors\":\"Eric Grandry, C. Feltus, E. Dubois\",\"doi\":\"10.1109/EDOCW.2013.19\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.\",\"PeriodicalId\":376599,\"journal\":{\"name\":\"2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops\",\"volume\":\"23 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-09-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"49\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EDOCW.2013.19\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EDOCW.2013.19","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 49

摘要

企业架构管理(Enterprise Architecture Management, EAM)被认为提供了一种机制，除其他外，用于管理环境变更所需的企业转换。在本文中，我们将重点关注信息安全风险及其对企业交付的服务的影响的分析所导致的变化。我们介绍了如何将信息系统安全风险管理领域的概念映射到ArchiMate企业架构建模语言中。我们通过处理一个实验室案例来说明所提出的方法的应用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Conceptual Integration of Enterprise Architecture Management and Security Risk Management

Enterprise Architecture Management (EAM) is considered to provide the mechanism for, amongst others, governing enterprise transformations required by changes in the environment. In this paper, we focus on changes that result from the analysis of information security risks and of their impacts on the services delivered by an enterprise. We present how the concepts of an information system security risks management domain can be mapped into the ArchiMate enterprise architecture modeling language. We illustrate the application of the proposed approach through the handling of a lab case.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2013 17th IEEE International Enterprise Distributed Object Computing Conference Workshops

自引率

0.00%

发文量