Name
Title | ||
|---|---|---|
Managing information security in a business network of machinery maintenance services business - Enterprise architecture as a coordination tool |
Abstract | ||
|---|---|---|
Today, technologies enable easy access to information across organizational boundaries, also to systems of partners in business networks. This raises, however, several complex research questions on privacy, information security and trust. The study reported here provides motivation and a roadmap for approaching integrated security management solutions in a business network of partners with heterogeneous information and communication technologies (ICT): Systems, platforms, infrastructures as well as security policies. Enterprise architecture (EA) is proposed as a means for comprehensive and coordinated planning and management of corporate ICT and the security infrastructure. The EA approach is proposed as a pre-requisite for transparent and secure inter-organizational information exchange and business process support crossing corporate boundaries. This study provides an example of security architecture planning based on EA, which aligns the development of technological solutions with the business goals. The EA approach combines the planning of business and ICT developments. The alignment provides arguments for cohesive identity and access management (IAM) in a business network. A case study with Metso Paper, Inc., the leading manufacturer of paper machinery and related services, exemplifies the EA-based security architecture planning and specification. |
Year | DOI | Venue |
|---|---|---|
2007 | 10.1016/j.jss.2007.01.044 | Journal of Systems and Software |
Keywords | Field | DocType |
enterprise architecture (ea),machinery maintenance services business,information security management,security architecture,coordination tool,information security,ea-based security architecture planning,security infrastructure,integrated security management solution,business goal,identity and access management (iam),security policy,business process support,ea approach,enterprise architecture,business network,information exchange,communication technology,security management,identity and access management,business process | Business system planning,Enterprise architecture,Systems engineering,Computer science,Sherwood Applied Business Security Architecture,Information security,Knowledge management,Information security management,Security information and event management,Enterprise information security architecture,Business architecture | Journal |
Volume | Issue | ISSN |
80 | 10 | The Journal of Systems & Software |
Citations | PageRank | References |
23 | 0.76 | 14 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Mirja Pulkkinen | 1 | 103 | 8.07 |
| Anton Naumenko | 2 | 44 | 4.37 |
| Kari Luostarinen | 3 | 29 | 3.22 |