Beschreibung:
This book introduces a reference architecture that enhances the security of services offered in the information and communication technology (ICT) market. It enables customers to compare offerings and to assess risks when using third-party ICT services including cloud computing and mobile services. Service providers are given a comprehensive blueprint for security implementation and maintenance covering service portfolio management, bid phases and realization projects as well as service delivery management. The architecture is completely modular and hierarchical. It contains a security taxonomy organizing all aspects of modern industrialized ICT production. The book also describes a wealth of security measures derived from real-world challenges in ICT production and service management.
This book introduces a reference architecture that enhances the security of services offered in the information and communication technology (ICT) market. It enables customers to compare offerings and to assess risks when using third-party ICT services including cloud computing and mobile services. Service providers are given a comprehensive blueprint for security implementation and maintenance covering service portfolio management, bid phases and realization projects as well as service delivery management. The architecture is completely modular and hierarchical. It contains a security taxonomy organizing all aspects of modern industrialized ICT production. The book also describes a wealth of security measures derived from real-world challenges in ICT production and service management.
Security, Assurance and the Division of Labor.- Industrialization Concept, Requirements Treatment and Composition of Services.- Work Areas, Collaboration Model and Hierarchy of Security Standards.- Concept of Double Direction Standards.- Security Taxonomy: Criteria, Goals and Result.- Internal Structureand Usage of the ICT Security Standards.- Rollout Process.