PFIRES: A policy framework for information security

被引:58
作者
Rees, J [1 ]
Bandyopadhyay, S
Spafford, EH
机构
[1] Purdue Univ, Krannert Grad Sch Management, W Lafayette, IN 47907 USA
[2] Univ Florida, Warrington Coll Business Adm, Gainesville, FL 32611 USA
来源
COMMUNICATIONS OF THE ACM | 2003年 / 46卷 / 07期
关键词
D O I
10.1145/792704.792706
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
The advantages of Policy Framework for Interpreting Risk in E-Business Security (PFIRES) for security strategy and policy for software applications are discussed. PFIRES is detailed enough to ensure that an organization does not overlook anything while addressing a security issue. The framework is also dynamic to ensure the speed and execution required to adapt rapidly to changing business scenarios. PFIRES facilitates effective communication between senior management and technical security management to realize immediate benefits.
引用
收藏
页码:101 / 106
页数:6
相关论文
共 8 条
  • [1] [Anonymous], 1995, INTRO COMPUTER SECUR
  • [2] [Anonymous], MODERN SYSTEMS ANAL
  • [3] BASKERVILLE R, 1993, ACM COMPUTING SURVEY, V25
  • [4] *GARTN INC, 2001, FT145524 GARTN INC
  • [5] LICHTENSTEIN S, 1997, P 30 HAW INT C SYST
  • [6] Porter M., 1980, CORPORATE STRATEGY, DOI DOI 10.1016/j.jclepro.2007.05.002
  • [7] VERNON R, Q J EC, V80
  • [8] WOOD CC, 1995, COMPUTERS SECURITY, V14
1