
A Systematic Management Method of ISO Information Security Standards for Information Security Engineering Environments

  • Conference paper
Informatics Engineering and Information Science (ICIEIS 2011)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 251)

Abstract

An ideal secure information system must not only maintain sufficient security strength in all components of the target system, but also ensure that all tasks in the software life cycle process are carried out appropriately. With this in mind, information security engineering environments that integrate various tools to support these tasks are proposed. On the other hand, it is difficult to define a generally accepted security strength and its evaluation criteria. ISO information security standards, which regulate various information security related contents, are expected to serve as criteria for this purpose, and should be provided as databases that the tools can use. However, because the standards are constantly changing and their contents differ from one another, it is difficult to design and manage these databases. This paper proposes a systematic management method for information security engineering environments that ensure safety in the software life cycle based on the standards.




© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hakim Suhaimi, A.I., Manji, T., Goto, Y., Cheng, J. (2011). A Systematic Management Method of ISO Information Security Standards for Information Security Engineering Environments. In: Abd Manaf, A., Zeki, A., Zamani, M., Chuprat, S., El-Qawasmeh, E. (eds) Informatics Engineering and Information Science. ICIEIS 2011. Communications in Computer and Information Science, vol 251. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25327-0_32


  • DOI: https://doi.org/10.1007/978-3-642-25327-0_32

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25326-3

  • Online ISBN: 978-3-642-25327-0

  • eBook Packages: Computer Science, Computer Science (R0)
