Author
Listed:
- Jacky Akoka
(CEDRIC - ISID - CEDRIC. Ingénierie des Systèmes d'Information et de Décision - CEDRIC - Centre d'études et de recherche en informatique et communications - ENSIIE - Ecole Nationale Supérieure d'Informatique pour l'Industrie et l'Entreprise - CNAM - Conservatoire National des Arts et Métiers [CNAM] - HESAM - HESAM Université - Communauté d'universités et d'établissements Hautes écoles Sorbonne Arts et métiers université, IMT-BS - DSI - Département Systèmes d'Information - TEM - Télécom Ecole de Management - IMT - Institut Mines-Télécom [Paris] - IMT-BS - Institut Mines-Télécom Business School - IMT - Institut Mines-Télécom [Paris])
- Nabil Laoufi
(EMP - École Militaire Polytechnique [Alger] - MESRS - Ministère de l'Enseignement Supérieur et de la Recherche Scientifique [Algérie] - Ministère de la Défense Nationale [Algérie])
- Nadira Lammari
(CEDRIC - ISID - CEDRIC. Ingénierie des Systèmes d'Information et de Décision - CEDRIC - Centre d'études et de recherche en informatique et communications - ENSIIE - Ecole Nationale Supérieure d'Informatique pour l'Industrie et l'Entreprise - CNAM - Conservatoire National des Arts et Métiers [CNAM] - HESAM - HESAM Université - Communauté d'universités et d'établissements Hautes écoles Sorbonne Arts et métiers université)
Abstract
Companies are increasingly confronted with the problems caused by their reliance on information systems. They are thus forced to implement a process of security requirements derivation starting from risks analysis. This process requires a thorough analysis of the organizational context. The purpose of this article is to propose a security meta model enriched by an ontology of the context. To this end, we propose (i) the development of a context ontology based on the ISO / IEC 27000: 2018 security standard,(ii) an approach to enrich the security meta model with context ontology. This enrichment is carried out in two phases. The first is related to the identification and extraction of elements of the context of the enterprise. The second concerns the determination of the security criteria of the assets of the organization to be protected and (iii) the application to a real case which also serves as a first step in the validation of our approach.
Suggested Citation
Jacky Akoka & Nabil Laoufi & Nadira Lammari, 2018.
"Méta modèle de la sécurité des systèmes d'information : enrichissement par le contexte,"
Post-Print
hal-02283829, HAL.
Handle:
RePEc:hal:journl:hal-02283829
Note: View the original document on HAL open archive server: https://hal.science/hal-02283829
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hal:journl:hal-02283829. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CCSD (email available below). General contact details of provider: https://hal.archives-ouvertes.fr/ .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/p/hal/journl/hal-02283829.html
