Security Documentation

Research output: Chapters, Conference Papers, Creative and Literary WorksRGC 32 - Refereed conference paper (with host publication)peer-review

View graph of relations

Author(s)

Related Research Unit(s)

Detail(s)

Original languageEnglish
Title of host publicationIFIP Advances in Information and Communication Technology
PublisherSpringer New York LLC
Pages127-139
Volume72
ISBN (Print)0792375068, 9780792375067
Publication statusPublished - 2002

Publication series

NameIFIP Advances in Information and Communication Technology
Volume72
ISSN (Print)1868-4238

Conference

TitleIFIP TC11 WG11.1/WG11.2 8th Annual Working Conference on Information Security Management and Small Systems Security
PlaceUnited States
CityLas Vegas, NV
Period27 - 28 September 2001

Abstract

Information Security Management Standards and Code of Practice provide guidance on good practice for security officers. However there is still a significant gap between the security officer's real world environment and the advice provided by information security professionals and consultants. This paper suggests that a uniform approach to security documentation may provide a first step in bridging that gap, and discusses a proposed structure for such documentation. It is clear from this discussion, however, that a first attempt at security documentation reveals a more fundamental problem, the lack of a working security model. Having documented the local security scenario, the security officer requires some means to extract security relevant information, e.g. to advise management on the current state of organizational security and to recommend security priorities. This paper concludes with a discussion on such a security model.

Research Area(s)

  • Countermeasures, Risk analysis, Security documentation, Security model, Security standards

Citation Format(s)

Security Documentation. / Kwok, Lam-For; Fung, Peggy P. K.; Longley, Dennis.
IFIP Advances in Information and Communication Technology. Vol. 72 Springer New York LLC, 2002. p. 127-139 (IFIP Advances in Information and Communication Technology; Vol. 72).

Research output: Chapters, Conference Papers, Creative and Literary WorksRGC 32 - Refereed conference paper (with host publication)peer-review