Identity based Management: Extending the ISMS for Federation

Steven Woodhouse, Peter White

Research output: Book chapter/Published conference paperConference paperpeer-review

292 Downloads (Pure)

Abstract

Organisations usually have identified valid business requirements to share information and resources with other organisations. To achieve this sharing of information the organisations have to enter into some form of federation which can, and usually does, dramatically change their risk posture. Organisations develop and implement an Information Security Management System as part of good business management or to meet regulatory and certification requirements. This paper examines the implications of an organisation joining a federation and using Identity based Management as part of its normal operations. It investigates the requirements that must be met internally, and externally, in order for an organisation to attempt to create a federation with external organisations. It then proposes a framework for using Identity based Management within a federation.
Original languageEnglish
Title of host publicationOceania CACS
Subtitle of host publicationPractical IT Governance in a Connected World
Place of PublicationUSA/Australia
PublisherISACA
Publication statusPublished - 2007
EventISACA Oceania Computer Audit Control and Security Conference - Auckland NZ, New Zealand
Duration: 09 Sept 200712 Sept 2007

Conference

ConferenceISACA Oceania Computer Audit Control and Security Conference
Country/TerritoryNew Zealand
Period09/09/0712/09/07

Fingerprint

Dive into the research topics of 'Identity based Management: Extending the ISMS for Federation'. Together they form a unique fingerprint.

Cite this