Abstract
The Enterprise Security Architecture for Reliable ICT Services (ESARIS) that is described in this book is built for an ICT Service Provider that delivers ICT services to user organizations. ESARIS is intended to facilitate the exchange of information between the two parties and serve as a means of balancing security issues or the treatment thereof, respectively. This chapter explains the reasons for the ongoing trend to buy ICT services instead of producing them (Sect. 2.1). It outlines the trade-off between diverging concerns of security or assurance on the one hand and the economies of scale on the other (Sect. 2.2). There are different definitions and understandings of “security” and factors that affect security and risk. The meanings or aspects that are most important in our context will be discussed briefly (Sect. 2.3). Third-party ICT services seem to feature an unfavorable proportion of security and risk. This is to be solved by adding security measures and by providing assurance (Sect. 2.4). User organizations can outsource ICT services to providers but they keep the associated risks for their business. Some general aspects that are to be considered by user organizations are summarized and briefly discussed (Sect. 2.5). This Chap. 2 is not specific to ESARIS; instead it provides an introduction to the context for which ESARIS is built. This introduction focuses to some extent on cloud computing, the emerging ICT service provisioning and deployment model that has the potential to cause a tectonic shift in ICT production and the relation between the provider and the user organization.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
Author information
Authors and Affiliations
Corresponding authors
Rights and permissions
Copyright information
© 2012 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Behnsen, W., von Faber, E. (2012). Security, assurance and the division of labor. In: Secure ICT Service Provisioning for Cloud, Mobile and Beyond. Edition <kes>. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-00069-1_2
Download citation
DOI: https://doi.org/10.1007/978-3-658-00069-1_2
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-00068-4
Online ISBN: 978-3-658-00069-1
eBook Packages: Computer ScienceComputer Science (R0)