Fiche du document
27 novembre 2019
- handle: 10670/1.4uv9v8
- hal: hal-03231354
- doi: 10.1007/978-3-030-35151-9_15
Ce document est lié à :
info:eu-repo/semantics/altIdentifier/doi/10.1007/978-3-030-35151-9_15
http://creativecommons.org/licenses/by/ , info:eu-repo/semantics/OpenAccess
Sujets proches
Assessment Western architecture (Western countries) Building design Construction Buildings--Design and construction Architecture, Western (Western countries)Citer ce document
Tanja Pavleska et al., « Cybersecurity Evaluation of Enterprise Architectures: The e-SENS Case », HAL-SHS : sciences de l'information, de la communication et des bibliothèques, ID : 10.1007/978-3-030-35151-9_15
Métriques
Partage / Export
Résumé
Technology management through enterprise architectures has already become a widespread practice across large enterprises. Modeling and evaluating the cybersecurity aspect of it, however, has just begun to get the needed attention. This paper presents a cybersecurity evaluation methodology developed for the reference architecture of the e-SENS project and derives a generic framework for cybersecurity evaluation of an enterprise architecture. The evaluation addresses both the high-level design artefacts (the reference architecture) and operational solutions. Therefore, both a conceptual and an empirical framework are developed as part of the methodology. The former extends a goal-based security model with a threat-view incorporating standardized guidelines on security measures, whereas the latter captures and systematizes implemented project-specific security practices. The resulting methodology effectively supports the evaluation and is easy to grasp by non-technical people. Moreover, it is lendable to formalization, supporting a semi-automatic process of solution architecture design.