Enterprise Architecture-Based Risk and Security Modelling and Analysis

Cited by: 6
Authors
Jonkers, Henk [1]
Quartel, Dick A. C. [1]
Affiliation
[1] BiZZdesign, POB 321, NL-7500 AN Enschede, Netherlands
Source
GRAPHICAL MODELS FOR SECURITY, GRAMSEC 2016 | 2016 / Vol. 9987
Keywords
Enterprise architecture; Archimate; Risk and security modelling; Risk analysis;
DOI
10.1007/978-3-319-46263-9_6
Chinese Library Classification (CLC) number
TP31 [Computer software];
Discipline classification code
081202 ; 0835 ;
Abstract
The growing complexity of organizations and the increasing number of sophisticated cyber attacks ask for a systematic and integral approach to Enterprise Risk and Security Management (ERSM). As enterprise architecture offers the necessary integral perspective, including the business and IT aspects as well as the business motivation, it seems natural to integrate risk and security aspects in the enterprise architecture. In this paper we show how the ArchiMate standard for enterprise architecture modelling can be used to support risk and security modelling and analysis throughout the ERSM cycle, covering both risk assessment and security deployment.
Pages: 94-101
Page count: 8