Annotated Bibliography On Information Security Policies Essay.

The topic for research is Information Security Policies.

Sections of these policies include

Internet Acceptable Usage Policy eMail Acceptable Use Policy

Malicious Software Protection Policy Network Security Policy

Physical and Environmental Security Policy Information Security Awareness Policy

Data Classi cation Policy

Select one of these sections to research and nd 4 relevant papers which assist someone devel-oping a policy.

Compose an annotated bibliography of research papers that relate to the issue so your an-notated bibliography will help you (and others) to have a good resource to evaluate and think about the relevance and quality of material on the topic.

Research Papers

Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of security issues for cloud computing. Journal of internet services and applications, 4(1), p.5.

The article is chosen from the Journal of Internet Services and Applications. The article discusses about the topic based on Cloud Computing. The environment of cloud computing have provided a cost-effective, flexible and a proper form of delivery platform for the different business and IT organizations. With the great forms of inventions and latest developments, there have also been some form of additional forms of risk that have been added within the platform.

Hashizume et al. (2013) have discussed about the systematic forms of reviews based on the security issues within the cloud computing environment. Based on the proper form of surveying of the article, the authors have formulated a question based on the most recent forms of vulnerabilities that have been recorded within the areas of Cloud Computing. This kind of question would be in relation with the aim of the works of research. The works of research based on the areas of cloud computing would deal with Cloud systems. They also discuss about the different kinds of vulnerabilities within the systems and also help in defining the best form of recommendations and the practices within the cloud platform.

The authors have also discussed about the different forms of results that have been derived within the areas of research based on the article. Based on the derived conclusions from the research, the authors have thus also discussed about the different forms of countermeasures that could be applied for the security of information within the physical environment of the cloud platforms. The web services have also led to different forms of challenges that could also be addressable. The authors have also discussed about the report from the different surveys based on the vulnerabilities and threats. They have also discussed about the complex architecture that would composed of different technologies.

Linkov, I., Eisenberg, D.A., Plourde, K., Seager, T.P., Allen, J. and Kott, A., 2013. Resilience metrics for cyber systems. Environment Systems and Decisions, 33(4), pp.471-476.

This paper discusses about the security of information within the environment of cyberspace and cyber systems. In the recent times, there has been a growing importance of the use of cyber security within various developing nations. Linkov et al. (2013) have discussed about the growing importance of cyber security that has expanded in the recent years. The reach of this technology have crossed the boundaries of the traditional methods of information security. They have thus included the protection of the resources of information. The paper also discusses about the different roles of various persons within a particular organisation based on the resilience against attacks in the cyber systems.

Hashizume et al. (2013) - Security Issues for Cloud Computing

In this particular research paper, the authors have discussed that the factors of human dependence within the security processes would play a major role. In the article, the authors have discussed about the resilience matrix framework, which defines the current works of resilience within cyber systems. These are thus considered to be the most vital form of standards based on the security of information within computers. The research on the paper discusses about the different forms of recent publications that are able to deal with the security of the cyberspace. The authors have also discussed about the various forms of scenarios related to cyber security such as cyber bullying, digital media, home automation and cyber terrorism.  

The authors also discuss the different metrics based on cyber systems. With the help of research on the paper, the authors have thus argued about the growing complexity of cyber systems and cyber threats that would require the integration of the process of risk management. The authors have thus provided vast definitions on the subject and have thus described various policies based on protection of information within the environment.

Yang, Y.P.O., Shieh, H.M. and Tzeng, G.H., 2013. A VIKOR technique based on DEMATEL and ANP for information security risk control assessment. Information Sciences, 232, pp.482-500.

In this article, Yang, Shieh and Tzeng (2013) have discussed that the organizations and companies have relied on the computer networks to a much extent. With the extent of the huge form of usage, the management of the security within the devices have grown to a much extent. In order to meet with the security concerns, the enterprises should be efficient enough for safeguarding the private information.

The authors have discussed about a kind of a hybrid model, which is known as the Multiple Criteria Decision-making (MCDM) model that combines the Decision-making Trail and Evaluation Laboratory (DEMATEL), VIKOR and Analytic Network Process (ANP) techniques for solving the different kinds of problems based on the criteria of confliction.

The authors have thus discussed that the different government organizations should adjust the management policy of information security for the purpose of meeting the level of information security, which would be meant for the intended users. These organizations should keep a regular check on the controls over the information security over the organisation. The authors have thus discussed that however as there have been a large number of regular form of controls over the security of information, hence they should be able to maintain the controls of security of the organisation and should also ensure the safety of the makers of the decisions within the organisation.

Linkov et al. (2013) - Resilience Metrics for Cyber Systems

This research paper is thus chosen for gaining knowledge over the different forms of evaluation and controls over the areas of prioritization. The proper form of evaluation would be helpful for the IT managers for improving the gaps within the areas of control and perform optimization. The utilisation of the methods would also be helpful for diagnosis over the problems within the areas of information security within the concerning organisation.

Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C., 2015, November. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.

This article describes the world of Internet of Things (IoT). The world of IoT has shifted to a much more advanced platform with a lot of devices to get connected to the platform. The authors have discussed about the different kinds of policies that have affected the world of IoT and the connected devices within the framework. The IoT based devices are able to interact with each other and have the permissibility to put an impact on the physical world. The authors have thus discussed about the various kinds of tests that were performed within the IoT connected devices. The results gained were thus able to depict that the security of interconnection within the devices would be much more dynamic and complex. This has been described as the reason based within the computational and physical elements.

The authors have also discussed about the coupling of IoT devices with the help of physical environment that would lead to implicit form of dependencies. Unlike the traditional form of IoT connected devices. The dependencies based cross-devices connections would be very much common. Yu et al. (2015) have described about the different abstractions based on existing policies. They have also described as the firewall rules or the IoT protocol management. There is also a brief representation of Finite State Machine (FSM) policy abstraction. They would be able to capture the environmental, cross-device and within the contexts of security.

Based on the discussion from the research article, it could be concluded that with the huge forms of reforms within the sector of IoT and connected devices, the traditional approaches should adopt several secure methods. The paper discusses about the discussion on the different forms of challenges based on the based on the capturing of data within the IoT framework.

References

Hashizume, K., Rosado, D.G., Fernández-Medina, E. and Fernandez, E.B., 2013. An analysis of security issues for cloud computing. Journal of internet services and applications, 4(1), p.5.

https://link.springer.com/article/10.1186/1869-0238-4-5

Linkov, I., Eisenberg, D.A., Plourde, K., Seager, T.P., Allen, J. and Kott, A., 2013. Resilience metrics for cyber systems. Environment Systems and Decisions, 33(4), pp.471-476.

https://s3.amazonaws.com/academia.edu.documents/40031296/Resilience_metrics_for_cyber_systems20151115-3624-xb1dlf.pdf?AWSAccessKeyId=AKIAIWOWYYGZ2Y53UL3A&Expires=1539675283&Signature=JNeXYvBCzFwwWYbOd2jmsYqIP8g%3D&response-content-disposition=inline%3B%20filename%3DResilience_metrics_for_cyber_systems.pdf

Yang, Y.P.O., Shieh, H.M. and Tzeng, G.H., 2013. A VIKOR technique based on DEMATEL and ANP for information security risk control assessment. Information Sciences, 232, pp.482-500.

https://www.sciencedirect.com/science/article/pii/S0020025511004695

Yu, T., Sekar, V., Seshan, S., Agarwal, Y. and Xu, C., 2015, November. Handling a trillion (unfixable) flaws on a billion devices: Rethinking network security for the internet-of-things. In Proceedings of the 14th ACM Workshop on Hot Topics in Networks (p. 5). ACM.

https://dl.acm.org/citation.cfm?id=2834095