About this book
In this book a reference architecture is introduced enhancing the security of the services offered in the information and communication technology (ICT) market. Customers will be able to compare offerings and to assess risks associated with using third-party ICT services including cloud computing and mobile services. Service providers are provided with a comprehensive blueprint for security implementation and maintenance covering service portfolio management, bid phases and realization projects as well as the service delivery management. The architecture is thoroughly modular and hierarchical. It contains a security taxonomy that organizes all aspects of modern industrialized ICT production. The book also describes a wealth of security measures derived from real-world challenges in ICT production and service management.
Security, assurance and the division of labor – Framework, Industrialization concept – Work areas, Collaboration model, Hierarchy of security standards, Usage model – Security taxonomy: Derivation, Map, Content, Specification concept – Production security in practice: Evidence and customer relation, Service management, ICT service access, IT service production, Certification and risk management - Customer fulfillment model, Compliance attainment model – Rollout process
IT managers and architects of user organizations and ICT service providers, Security managers, Portfolio and process managers, Consultants and auditors, Employees in IT functions being concerned with security, anyone interested in industrialized ICT production
About the Authors
Eberhard von Faber has more than 20 years industrial experience in information security. His workspace at T-Systems is Security Strategy and Executive Consulting. He is also a professor at Brandenburg University of Applied Science.
Wolfgang Behnsen is Senior Security Manager at T-Systems. He worked in several roles in information security management. He holds several recognized security certificates and is member of diverse associations.