基于ISO 27000和SABSA模型集成的SKK Migas企业安全框架开发

2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE) Pub Date : 2018-07-01 DOI:10.1109/ICITEED.2018.8534747

W. Najib, Sujoko Sumaryono, L. Nugroho, G. D. Putra

{"title":"基于ISO 27000和SABSA模型集成的SKK Migas企业安全框架开发","authors":"W. Najib, Sujoko Sumaryono, L. Nugroho, G. D. Putra","doi":"10.1109/ICITEED.2018.8534747","DOIUrl":null,"url":null,"abstract":"This paper presents the development of Enterprise Security Framework (ESF) for an Indonesian government institution called SKK Migas (Special Task Force for Upstream Oil and Gas Business Activities). The framework developed based on two security standard namely ISO 27000 and SABSA. The development is started by evaluating available information security standard and best practice used in enterprise scale. The next step is analyzing existing security policy and implementation regarding the Information Security Management System (ISMS) in SKK Migas and then perform gap analysis. The main step is the synthesis of security framework which intended to improve information security management in SKK Migas. The resulted security framework covers 14 security domains which will be used to control information security management within the institution.","PeriodicalId":142523,"journal":{"name":"2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Development of Enterprise Security Framework in SKK Migas Based on Integration of ISO 27000 and SABSA Model\",\"authors\":\"W. Najib, Sujoko Sumaryono, L. Nugroho, G. D. Putra\",\"doi\":\"10.1109/ICITEED.2018.8534747\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents the development of Enterprise Security Framework (ESF) for an Indonesian government institution called SKK Migas (Special Task Force for Upstream Oil and Gas Business Activities). The framework developed based on two security standard namely ISO 27000 and SABSA. The development is started by evaluating available information security standard and best practice used in enterprise scale. The next step is analyzing existing security policy and implementation regarding the Information Security Management System (ISMS) in SKK Migas and then perform gap analysis. The main step is the synthesis of security framework which intended to improve information security management in SKK Migas. The resulted security framework covers 14 security domains which will be used to control information security management within the institution.\",\"PeriodicalId\":142523,\"journal\":{\"name\":\"2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICITEED.2018.8534747\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITEED.2018.8534747","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

本文介绍了印尼政府机构SKK Migas(上游石油和天然气业务活动特别工作组)的企业安全框架(ESF)的开发。该框架是基于两个安全标准即ISO 27000和SABSA开发的。开发首先评估企业规模中使用的可用信息安全标准和最佳实践。下一步是分析SKK Migas关于信息安全管理系统(ISMS)的现有安全策略和实施情况，然后进行差距分析。主要步骤是安全框架的综合，旨在改善SKK Migas的信息安全管理。由此产生的安全框架涵盖14个安全领域，将用于控制机构内的信息安全管理。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Development of Enterprise Security Framework in SKK Migas Based on Integration of ISO 27000 and SABSA Model

This paper presents the development of Enterprise Security Framework (ESF) for an Indonesian government institution called SKK Migas (Special Task Force for Upstream Oil and Gas Business Activities). The framework developed based on two security standard namely ISO 27000 and SABSA. The development is started by evaluating available information security standard and best practice used in enterprise scale. The next step is analyzing existing security policy and implementation regarding the Information Security Management System (ISMS) in SKK Migas and then perform gap analysis. The main step is the synthesis of security framework which intended to improve information security management in SKK Migas. The resulted security framework covers 14 security domains which will be used to control information security management within the institution.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 10th International Conference on Information Technology and Electrical Engineering (ICITEE)

自引率

0.00%

发文量