Advanced security management system for critical infrastructures

IISA 2014 - 5th International Conference on Information, Intelligence, Systems and Applications

Volumn , Issue , 2014, Pages 291-297

  Karantjias, Athanasios ^a   Polemi, Nineta ^b   Papastergiou, Spyridon ^b  

^a Singularlogic Anonymi Etaireia Pliroforiakon Systimaton Kai Efarmogon Pliroforikis   (Greece)

^b UNIVERSITY OF PIRAEUS   (Greece)

Author keywords

collaboration; critical infrastructure; privacy; risk assessment; security management

Indexed keywords

C (PROGRAMMING LANGUAGE); DATA PRIVACY; ECONOMICS; INDUSTRIAL MANAGEMENT; PUBLIC WORKS; RISK ASSESSMENT;

COLLABORATION; COLLABORATIVE SECURITIES; DIGITAL ENVIRONMENT; ECONOMIC ACTIVITIES; ICT INFRASTRUCTURES; INFORMATION INFRASTRUCTURES; SECURITY MANAGEMENT; SECURITY MANAGEMENT SYSTEMS;

CRITICAL INFRASTRUCTURES;

EID: 84906738301     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IISA.2014.6878837     Document Type: Conference Paper

References (27)

1. Polemi, N.: Security Management of the ports' information systems. ENISA Personal study. Available at http://www.enisa.europa.eu (accessed August 2012).
2. Reynolds, D., Rabey, K, Polemi, N.: Analysing mes needs and expectations in the area of information security. ENlSA report (2008), available at http://www.enisa.europa.eu/act/sr/reports/microenterprises/files/ wg-micro-report.
3. Ntouskas, T., Papanikas, D. and Polemi, N. (2012) 'Trusted collaborative services for the IT security management of SMEs/mEs", In: J. Electronic Security and Digital Forensics, Vol. 4, Nos. 2/3, pp. 124-137.
4. Ntouskas, T., Papanikas, D., Polemi N, "A collaborative system offering security management services for SMEs/mEs", in Proc. of the 7th IEEE International Conference in Global Security, Safety and Sustainabilit (ICGS3-2011), R. Bashroush, et al. (Eds.), LNlCST 99, Springer, pp. 220-228, 2012
5. COUNCIL DIRECTIVE 20081114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection, available at http://eurlex.europa.eu/ LexUriServ/LexUriServ.do?uri=OJ:L:2008:34S:007S:0082:EN:PDF
6. North American Reliability Corporation (NERC), available at http://www.nerc.com.
7. Luiijf E., Burger H., Klaver M., "Critical Infrastructure Protection in The Netherlands: A Quick-scan", Galiker U., Pedersen P., Petersen K. (Eds.), in Proc. of EI C AR Conference, 2003 (accessed May 2010)
8. Ministry of the Interior and Kingdom Relations, National risk assessment method guide 2008. National Security Programme, Netherlands, June 2008, Available at http://www.minbzk.nJ/lbzk2006uk!subjects/publicsafety/ publicationslllS6471 national risk!, (Accessed May 2010)
9. ISO/IEe. Infonnation technology - Security techniques - Specification for an Information Security Management System, ISO/IEC 27001, 2013.
10. ISO/IEe. Information technology - Security techniques - Code of practice for information security management, ISOIIEC 27002, 2005.
11. ISO/IEC: I7799: Information technology - security techniques - code of practice for information security management (2005), http://www.iso.org
12. DIRECTIVE 2010/6SIEU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 20 October 2010 on reporting formalities for ships arriving in and/or departing from ports of the Member States and repealing Directive 2002/6/Ee. Available at http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:20I0:283:000I:00IO:EN: PDF
13. National Institute for Standards and Technology, Risk management guide for information technology systems, NlST Special Publication 800-30, USA, July 2002.
14. OCTAVE Method Implementation Guide Version 2.0, Carnegie Mellon University, June 2001. Available at http://www.cert.org/octave/(accessed December 2010).
15. [IS] Alberts, Christopher & Dorofee, Audrey. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCT A VE) Method Implementation Guide, v2.0. Software Engineering Institute, Carnegie Mellon University, 2001. http://www.cert.orgloctave/.
16. Insight Consulting, CRAMM User Guide, Issue 5.1, United Kingdom, 2005.
17. National Institute for Standards and Technology, Risk management guide for information technology systems, NlST Special Publication 800-30, USA, July 2002.
18. OCTAVE Method Implementation Guide Version 2.0, Carnegie Mellon University, June 2001. Available at http://www.cert.orgloctave/(accessed December 2010).
19. Alberts, Christopher & Dorofee, Audrey. Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCT A VE) Method Implementation Guide, v2.0. Software Engineering Institute, Carnegie Mellon University, 2001. http://www.cert.orgloctave/.
20. Insight Consulting, CRAMM User Guide, Issue 5.1, United Kingdom, 2005.
21. US Department of Homeland Security, National Infrastructure Protection. Plan (2009), http://www.dhs. gov Ixprevprot/programsled ito rial-0827. sh tm.
22. Yusta J. M., Correa G. J., Lacal-Anintegui R., "Methodologies and applications for critical infrastructure protection: State-of-the-art", ESLSEVIER, Energy Policy, Vol. 39, No. 10., pp. 6100-6119, October 2011.
23. A. Karantjias, S. Papastergiou, N. Polemi, "Design Principles of a Secure Federated elm-Government Framework", International Journal of Electronic Governance (IJEG), Special Issue on "Users and uses of electronic governance", Vol. 2, No 4, 2009
24. A. Karantjias, N. Polemi, T. Stamati, D. Martakos, "A user-centric & federated Single-Sign-In lAM system for SOA elm-frameworks", International Journal of Electronic Government (UEG), Special Issue on "Usability and Privacy Issues in Electronic and Mobile Government", 2009
25. [2S] A. Karantjias, T. Stamati, N. Polemi, D. Martakos, "A synchronous, open, user-centric, federated Identity and Access Management System (OpenIdAM) ", Electronic Joumal on E-Commerce Tools and Applications (eJETA), 2009
26. Collaborative Cyber/Physical Security Management System (CYSM) Project (2013), Available at: http://www.cvsm.eu
27. Multi Order Dependency approaches for Managing Cascading effects in Ports' Global Supply Chain and their integration in Risk Assessment frameworks (Medusa), (2014), Grant Agreement HOME/2013/CIPS/AE/400000S093