Abstract
This chapter is an approach to ESARIS. In Sect. 3.1 the term ESARIS is defined in detail and shown in relation to other structures. The reasons and the background are provided in order to understand the necessity for an ICT Service Provider to develop and maintain such an architecture and to better appreciate its purpose and value. Section 3.2 analyzes the situation whereby there are many departments and different business in large enterprises and they all appear to depend on all the others. Here, there are at least two perspectives, referred to as corporate security management and product security management. Taking into consideration these different perspectives on information security provides more clarity, differentiates between responsibilities for security and thereby strengthens the scope of ESARIS. The latter is continued in Sect. 3.3 through a description of frameworks for ESARIS, i.e. organizations or systems relating to the architecture and which are required for it. The so-called Enablement Framework primarily refers to the corporate security perspective and provides the ICT Service Provider with the ability to achieve information security. The so-called Enforcement Framework primarily refers to the product security perspective and provides practical security measures for protecting the ICT services. Section 3.4 introduces the ESARIS Industrialization Concept with an explanation as to how requirements from different sources are treated, structured and used and how standardized elements are combined in order to create tailored ICT services and to meet various security requirements. Section 3.5 leads on to the next chapter by outlining the ESARIS Dimensions and Work Areas.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Corresponding authors
Rights and permissions
Copyright information
© 2012 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Behnsen, W., von Faber, E. (2012). Approach and framework. In: Secure ICT Service Provisioning for Cloud, Mobile and Beyond. Edition <kes>. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00069-1_3
Download citation
DOI: https://doi.org/10.1007/978-3-658-00069-1_3
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00068-4
Online ISBN: 978-3-658-00069-1
eBook Packages: Computer ScienceComputer Science (R0)