Abstract
Many organizations have introduced an Information Security Management System (ISMS) to improve their security information management. Contemporary management of information security involves various approaches, ranging from technology to organizational issues. According to international standard ISO/IEC 27001:2005, this paper presents an attempt to apply agent-based modeling to establish an information security management framework where machine learning technologies are incorporated. Within the framework, five types of agents are modeled in details. To foster the practical use of the framework in this paper, some critical issues are discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
CSI Computer Crime & Security Survey (2008), http://gocsi.com/sites/default/files/uploads/CSIsurvey2008.pdf
Yildirima, E.Y., Akalpa, G., Aytacb, S., Bayram, N.: Factors influencing information security management in SME: a case study. International Journal of Information Management 31, 360–365 (2011)
ISO/IEC-27001:2005. Information technology – security techniques –information security management systems – requirements
Humphreys, E.: Information security management standards: Compliance, governance and risk management. Information Security Technical Report 13, 247–255 (2008)
Govindu, R., Chinnam, R.B.: MASCF: A generic process centered methodological framework for analysis and design of multi-agent supply chain systems. Computers & Industrial Engineering 53, 584–609 (2007)
Zaki, M., Sobh, T.S.: A cooperative agent-based model for active security systems. Journal of Network and Computer Applications 27, 201–220 (2004)
Kuo, M.H.: An intelligent agent-based collaborative information security framework. Expert Systems with Applications 32, 585–598 (2007)
Kim, H.K., Im, K.H., Park, S.C.: DSS for computer security incident response applying CBR and collaborative response. Expert Systems with Applications 37, 852–870 (2010)
ISMS risk management. ISO/IEC 27005 (2008)
Saleh, M.S., Alfantookh, A.: A new comprehensive framework for enterprise information security risk management. Applied Computing and Informatics 9, 107–118 (2011)
Goldman, C.V., Rosenschein, J.S.: Mutually Supervised Learning in Multiagent Systems. In: Weiss, G., Sen, S. (eds.) IJCAI-WS 1995. LNCS, vol. 1042, pp. 85–96. Springer, Heidelberg (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jiang, C., Zhang, B., Yu, Y., Zhang, X. (2012). An Intelligent Agent-Based Framework for Information Security Management. In: Zhang, T. (eds) Instrumentation, Measurement, Circuits and Systems. Advances in Intelligent and Soft Computing, vol 127. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27334-6_95
Download citation
DOI: https://doi.org/10.1007/978-3-642-27334-6_95
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27333-9
Online ISBN: 978-3-642-27334-6
eBook Packages: EngineeringEngineering (R0)