The Study of Administrative Requirements of the Organizational Information Security Architecture, In the Defense Organizations

Document Type : Research Article

Authors

Abstract

The organizational information security architecture, is a comprehensive security solution which is used for orientation and alignment of the processes, structures, and organizational security mechanisms and supporting the career goals, as a complement for organizational architecture. Due to the importance of security issues in the defense organizations, the common mechanisms of organizational information security architecture, does not necessarily serve the needs of these organizations. The aim of this study was to evaluate administrative requirements of organizational information security architecture in defense organizations in the Islamic Republic of Iran. In this study ,using a conceptual model, the administrative requirements of organizational information security architecture in
defense organizations were investigated, and the structural equation modeling method was used to evaluate this model and prioritize the components and indicators. This study is an applied research in which the descriptive research method was used. After analyzing the results, the operational priorities of organizational information security architecture in defense organizations were extracted. The necessity for the adaptation of existing frameworks, necessary attention to the objectives, policies, visions and strategic plans while developing a security framework, getting feedback while implementing security frameworks, and achieving a common language among executive experts, politicians and senior managers, are the other results presented in this study.

Keywords

References

  1. تمتاجی، مصطفی، مهدی نقیان فشارکی و غلامحسین طباطبایی (1394). الگوی طبقه بندی دارایی های اطلاعاتی سازمانی ومتدولوژی معماری امنیت آن. پژوهشنامه پردازش ومدیریت اطلاعات. ۱، ۲۴۱–۲۶۴.
  2. خیامی، سید رئوف .(1388). ارزیابی و تحلیل معمار سازمانی. رساله دکترا، دانشگاه شیراز.
  3. شریعتی، مرضیه .(1389). معماری امنیت اطلاعات سازمانی. پایان‌نامه کارشناسی ارشد، دانشگاه شهید بهشتی، تهران.
  4. صمدی اوانسر، عسگر .(1384). مقدمهای بر معماری سازمانی (ویژه مدیران). تهران: دبیرخانه شورای عالی اطلاع‌رسانی.
  5. کارخانه، هانیه و افشین لامعی .(1393). تدوین معماری بومی امنیت سازمانی بر اساس نیازمندیهای لایههای معماری سازمانی. هشتمین اجلاس فرماندهی و کنترل، تهران: انجمن فرماندهی و واپایش (کنترل) ایران، 418-425.
  6. مرآتی، احسان .(1391). تدوین روش توسعه چارچوبهای معماری سازمانهای دفاعی. فصلنامه سیاست دفاعی، شماره 79 زمستان 1391، 33-60.
  7. نادری، علیرضا، هادی فقیه و رمضان میر عباسی (1391). معماری سازمانی زمینهساز استقرار و توسعه معماری اطلاعات در دستگاههای دفاعی و اجرایی کشور، فصلنامه سیاست دفاعی شماره 79، زمستان 1391، 61-96.

 

  1. Rachamadugu, V. & Anderson, J. A. (2008, July). Managing Security and Privacy Integration Across Enterprise Business Process and Infrastructure. In Services Computing, 2008. SCC'08. IEEE International Conference on (Vol. 2, pp. 351-358). IEEE.
  2. GOA. (2007). HOMELAND SECURITY. DHS Enterprise Architecture. United States Government Accountability Office.
  3. Sun, J. & Chen, Y. (2008, November). Intelligent Enterprise Information Security Architecture Based on Service Oriented Architecture. In Future Information Technology and Management Engineering, 2008. FITME'08. International Seminar on (pp. 196-200). IEEE.
  4. Kasarkod، J. (2011). Integration of SABSA Security Architecture Approaches with TOGAF ADM. White Paper.
  5. Kreizman, G. & Robertson, B. (2006). Incorporating Security into the Enterprise Architecture Process. Gartner, Inc.
  6. OISSG. (2006). Information Systems Security Assessment Framework. ISSAF.
  7. Rouhani, B. D. Mahrin, M. N. R. Nikpay, F. Ahmad, R. B. & Nikfard, P. (2015). A systematic literature Review on Enterprise Architecture Implementation Methodologies. Information and Software Technology, 62, 1-20.
  8. Scholtz، T. (2006). Structure and Content of an Enterprise Information Security Architecture. Gartner Inc.
  9. Scott، J. (2012). The Sabsa Model Excerpted from the Sabsa،An Analysis of the sabsa Framework. SABSA website.
  10. Shariati, M. Bahmani, F. & Shams, F. (2011). Enterprise Information Security, a Review of Architectures and Frameworks from interoperability perspective. Procedia Computer Science, 3, 537-543.
  11. Sherwood، J و A Clark. (2009). Enterprise Security Architecture-A Business Driven Approach. CRC Press، by Taylor & Francis Group.

 

 

 

Files

Share

How to cite

Statistics