Enterprise security architecture in business convergence environments

Sangkyun Kim, Choon Seong Leem

Research output: Contribution to journalArticle

7 Citations (Scopus)

Abstract

Purpose - To provide the strategic model of approach which helps enterprise executives to solve the managerial problems of planning, implementation and operation about information security in business convergence environments. Design/methodology/approach - A risk analysis method and baseline controls of BS7799 were used to generate security patterns of business convergence. With the analysis of existing enterprise architecture (EA) methods, the framework of the enterprise security architecture was designed. Findings - The adaptive framework, including the security patterns with quantitative factors, enterprise security architecture with 18 dimensions, and reference models in business convergence environments, is provided. Research limitations/implications - Information assets and baseline controls should be subdivided to provide more detailed risk factors and weight factors of each business convergence strategy. Case studies should be performed continuously to consolidate contents of best practices. Practical implications - With the enterprise security architecture provided in this paper, an enterprise that tries to create a value-added business model using convergence model can adapt itself to mitigate security risks and reduce potential losses. Originality/value - This paper outlined the business risks in convergence environments with risk analysis and baseline controls. It is aguably the first attempt to adapt the EA approach for enterprise executives to solve the security problems of business convergence.

Original languageEnglish
Pages (from-to)919-936
Number of pages18
JournalIndustrial Management and Data Systems
Volume105
Issue number7
DOIs
Publication statusPublished - 2005 Sep 29

Fingerprint

Industry
Risk analysis
Security of data
Planning
Enterprise architecture
Factors

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Industrial relations
  • Computer Science Applications
  • Strategy and Management
  • Industrial and Manufacturing Engineering

Cite this

@article{755f3ab2ee9b4912b4c85e473bc06a01,
title = "Enterprise security architecture in business convergence environments",
abstract = "Purpose - To provide the strategic model of approach which helps enterprise executives to solve the managerial problems of planning, implementation and operation about information security in business convergence environments. Design/methodology/approach - A risk analysis method and baseline controls of BS7799 were used to generate security patterns of business convergence. With the analysis of existing enterprise architecture (EA) methods, the framework of the enterprise security architecture was designed. Findings - The adaptive framework, including the security patterns with quantitative factors, enterprise security architecture with 18 dimensions, and reference models in business convergence environments, is provided. Research limitations/implications - Information assets and baseline controls should be subdivided to provide more detailed risk factors and weight factors of each business convergence strategy. Case studies should be performed continuously to consolidate contents of best practices. Practical implications - With the enterprise security architecture provided in this paper, an enterprise that tries to create a value-added business model using convergence model can adapt itself to mitigate security risks and reduce potential losses. Originality/value - This paper outlined the business risks in convergence environments with risk analysis and baseline controls. It is aguably the first attempt to adapt the EA approach for enterprise executives to solve the security problems of business convergence.",
author = "Sangkyun Kim and Leem, {Choon Seong}",
year = "2005",
month = "9",
day = "29",
doi = "10.1108/02635570510616111",
language = "English",
volume = "105",
pages = "919--936",
journal = "Industrial Management and Data Systems",
issn = "0263-5577",
publisher = "Emerald Group Publishing Ltd.",
number = "7",

}

Enterprise security architecture in business convergence environments. / Kim, Sangkyun; Leem, Choon Seong.

In: Industrial Management and Data Systems, Vol. 105, No. 7, 29.09.2005, p. 919-936.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Enterprise security architecture in business convergence environments

AU - Kim, Sangkyun

AU - Leem, Choon Seong

PY - 2005/9/29

Y1 - 2005/9/29

N2 - Purpose - To provide the strategic model of approach which helps enterprise executives to solve the managerial problems of planning, implementation and operation about information security in business convergence environments. Design/methodology/approach - A risk analysis method and baseline controls of BS7799 were used to generate security patterns of business convergence. With the analysis of existing enterprise architecture (EA) methods, the framework of the enterprise security architecture was designed. Findings - The adaptive framework, including the security patterns with quantitative factors, enterprise security architecture with 18 dimensions, and reference models in business convergence environments, is provided. Research limitations/implications - Information assets and baseline controls should be subdivided to provide more detailed risk factors and weight factors of each business convergence strategy. Case studies should be performed continuously to consolidate contents of best practices. Practical implications - With the enterprise security architecture provided in this paper, an enterprise that tries to create a value-added business model using convergence model can adapt itself to mitigate security risks and reduce potential losses. Originality/value - This paper outlined the business risks in convergence environments with risk analysis and baseline controls. It is aguably the first attempt to adapt the EA approach for enterprise executives to solve the security problems of business convergence.

AB - Purpose - To provide the strategic model of approach which helps enterprise executives to solve the managerial problems of planning, implementation and operation about information security in business convergence environments. Design/methodology/approach - A risk analysis method and baseline controls of BS7799 were used to generate security patterns of business convergence. With the analysis of existing enterprise architecture (EA) methods, the framework of the enterprise security architecture was designed. Findings - The adaptive framework, including the security patterns with quantitative factors, enterprise security architecture with 18 dimensions, and reference models in business convergence environments, is provided. Research limitations/implications - Information assets and baseline controls should be subdivided to provide more detailed risk factors and weight factors of each business convergence strategy. Case studies should be performed continuously to consolidate contents of best practices. Practical implications - With the enterprise security architecture provided in this paper, an enterprise that tries to create a value-added business model using convergence model can adapt itself to mitigate security risks and reduce potential losses. Originality/value - This paper outlined the business risks in convergence environments with risk analysis and baseline controls. It is aguably the first attempt to adapt the EA approach for enterprise executives to solve the security problems of business convergence.

UR - http://www.scopus.com/inward/record.url?scp=25144474491&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=25144474491&partnerID=8YFLogxK

U2 - 10.1108/02635570510616111

DO - 10.1108/02635570510616111

M3 - Article

VL - 105

SP - 919

EP - 936

JO - Industrial Management and Data Systems

JF - Industrial Management and Data Systems

SN - 0263-5577

IS - 7

ER -