To read this content please select one of the options below:

Formalizing information security requirements

Mariana Gerber (Port Elizabeth Technikon, Port Elizabeth, South Africa)

Rossouw von Solms (Port Elizabeth Technikon, Port Elizabeth, South Africa)

Paul Overbeek ((Visitor) Port Elizabeth Technikon, Port Elizabeth, South Africa)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 1 March 2001

Downloads

5173

Abstract

Risk analysis, concentrating on assets, threats and vulnerabilities, used to play a major role in helping to identify the most effective set of security controls to protect information technology resources. To successfully protect information, the security controls must not only protect the infrastructure, but also instill and enforce certain security properties in the information resources. To accomplish this, a more modern top‐down approach is called for today, where security requirements driven by business needs dictate the level of protection required.

Keywords

Citation

Gerber, M., von Solms, R. and Overbeek, P. (2001), "Formalizing information security requirements", Information Management & Computer Security, Vol. 9 No. 1, pp. 32-37. https://doi.org/10.1108/09685220110366768

Publisher

:

MCB UP Ltd

To read this content please select one of the options below:

Please note you do not have access to teaching notes

Formalizing information security requirements

Abstract

Keywords

Citation

Publisher

Related articles

Something didn’t work…

All feedback is valuable

Platform update page

Questions & More Information

To read this content please select one of the options below:

Please note you do not have access to teaching notes

Abstract

Keywords

Citation

Publisher

Related articles

We’re listening — tell us what you think

Something didn’t work…

All feedback is valuable

Join us on our journey

Platform update page

Questions & More Information