Return to search

Fitting an information security architecture to an enterprise architecture

M.Phil. (Computer Science) / Despite the efforts at international and national level, security continues to pose challenging problems. Firstly, attacks on information systems are increasingly motivated by profit rather than by the desire to create disruption for its own sake. Data are illegally mined, increasingly without the user’s knowledge, while the number of variants (and the rate of evolution) of malicious software (malware) is increasing rapidly. Spam is a good example of this evolution. It is becoming a vehicle for viruses and fraudulent and criminal activities, such as spyware, phishing and other forms of malware. Its widespread distribution increasingly relies on botnets, i.e. compromised servers and PCs used as relays without the knowledge of their owners. The increasing deployment of mobile devices (including 3G mobile phones, portable videogames, etc.) and mobile-based network services will pose new challenges, as IP-based services develop rapidly. These could eventually prove to be a more common route for attacks than personal computers since the latter already deploy a significant level of security. Indeed, all new forms of communication platforms and information systems inevitably provide new windows of opportunity for malicious attacks. In order to successfully tackle the problems described above, a strategic approach to information security is required, rather than the implementation of ad hoc solutions and controls. The strategic approach requires the development of an Information Security Architecture. To be effective, an Information Security Architecture that is developed must be aligned with the organisation’s Enterprise Architecture and must be able to incorporate security into each domain of the Enterprise Architecture. This mini dissertation evaluates two current Information Security Architecture models and frameworks to find an Information Security Architecture that aligns with Eskom’s Enterprise Architecture.

Identiferoai:union.ndltd.org:netd.ac.za/oai:union.ndltd.org:uj/uj:8373
Date19 May 2009
Source SetsSouth African National ETD Portal
Detected LanguageEnglish
TypeThesis

Page generated in 0.0015 seconds