Advanced Approach to Information Security Management System Model for Industrial Control System
Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS)....
Main Authors: | , |
---|---|
Format: | Article |
Language: | English |
Published: |
Hindawi Limited
2014-01-01
|
Series: | The Scientific World Journal |
Online Access: | http://dx.doi.org/10.1155/2014/348305 |
id |
doaj-09a93e739b8147a19732a67c9b3073de |
---|---|
record_format |
Article |
spelling |
doaj-09a93e739b8147a19732a67c9b3073de2020-11-25T01:33:16ZengHindawi LimitedThe Scientific World Journal2356-61401537-744X2014-01-01201410.1155/2014/348305348305Advanced Approach to Information Security Management System Model for Industrial Control SystemSanghyun Park0Kyungho Lee1Center for Information Security Technologies (CIST), Korea University, Seoul 136-713, Republic of KoreaCenter for Information Security Technologies (CIST), Korea University, Seoul 136-713, Republic of KoreaOrganizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.http://dx.doi.org/10.1155/2014/348305 |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Sanghyun Park Kyungho Lee |
spellingShingle |
Sanghyun Park Kyungho Lee Advanced Approach to Information Security Management System Model for Industrial Control System The Scientific World Journal |
author_facet |
Sanghyun Park Kyungho Lee |
author_sort |
Sanghyun Park |
title |
Advanced Approach to Information Security Management System Model for Industrial Control System |
title_short |
Advanced Approach to Information Security Management System Model for Industrial Control System |
title_full |
Advanced Approach to Information Security Management System Model for Industrial Control System |
title_fullStr |
Advanced Approach to Information Security Management System Model for Industrial Control System |
title_full_unstemmed |
Advanced Approach to Information Security Management System Model for Industrial Control System |
title_sort |
advanced approach to information security management system model for industrial control system |
publisher |
Hindawi Limited |
series |
The Scientific World Journal |
issn |
2356-6140 1537-744X |
publishDate |
2014-01-01 |
description |
Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS. |
url |
http://dx.doi.org/10.1155/2014/348305 |
work_keys_str_mv |
AT sanghyunpark advancedapproachtoinformationsecuritymanagementsystemmodelforindustrialcontrolsystem AT kyungholee advancedapproachtoinformationsecuritymanagementsystemmodelforindustrialcontrolsystem |
_version_ |
1725078436146315264 |