Using the Bell Labs security framework to enhance the ISO 17799/27001 information security management system
The global information technology (IT) industry recognizes the need for standards to improve the quality and consistency of security for IT products and services. As such, the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27000 series is focusing...
Saved in:
Published in | Bell Labs technical journal Vol. 12; no. 3; pp. 39 - 54 |
---|---|
Main Authors | , , , , |
Format | Journal Article |
Language | English |
Published |
Hoboken
IEEE
01.09.2007
Wiley Subscription Services, Inc., A Wiley Company |
Online Access | Get full text |
Cover
Loading…
Summary: | The global information technology (IT) industry recognizes the need for standards to improve the quality and consistency of security for IT products and services. As such, the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27000 series is focusing on the requirements, security controls, and implementation guidance for an organization's information security management system (ISMS). This guidance establishes general principles that can be used in various industries and government; however, standardized techniques are also needed to identify, implement, and operate security controls as part of the ISMS life cycle. The Bell Labs Security Framework identifies both the minimal and differentiating security controls by decomposing an IT product or service into a layered hierarchy of equipment and facilities groupings and examining the types of activities that occur at each layer in a standardized manner. Furthermore, the Bell Labs Security Framework security dimensions provide the necessary mechanisms to implement and operate the selected controls. The Bell Labs Security Framework enhances the ISO/IEC 27000 series by providing a comprehensive end-to-end approach to implementing IT security. © 2007 Alcatel-Lucent. |
---|---|
Bibliography: | istex:403F3837EC451052B8F0EBD49FAD024FE7C0FE2A ArticleID:BLTJ20248 ark:/67375/WNG-JT33CCTF-9 ObjectType-Article-2 SourceType-Scholarly Journals-1 ObjectType-Feature-1 content type line 23 |
ISSN: | 1089-7089 1538-7305 |
DOI: | 10.1002/bltj.20248 |