Cyberspace security: How to develop a security strategy

Bel G. Raggad; Sahbi Sidhom

inria-00201212, version 1

Cyberspace security: How to develop a security strategy

Bel G. Raggad ()^a^, 1, Sahbi Sidhom ()^b^, 2

V. International conference Cyberspace 2007 (2007)

Résumé : Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The international community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, including the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should be barred from the partnership. This concept also applies to the cyber space or the electronic society. In order to clean our society from cyber crimes and cyber terrorism we need to impose strict security policies and enforce them in a cooperative manner. The paper discusses a country's effort in the development of a national security strategy given its security economic intelligence position, its security readiness, and its adverse exposure.

a – Pace University
b – Université Nancy II
1 : Seidenberg School of Computer Science and Information Systems (CS & IS) (PU - Seidenberg School of CS & IS)
Pace University
2 : SITE (LORIA)
INRIA – CNRS : UMR7503 – Université Henri Poincaré - Nancy I – Université Nancy II – Institut National Polytechnique de Lorraine (INPL)

Collaboration : Pace University, Pleasantville,NY USA

inria-00201212, version 1
http://hal.inria.fr/inria-00201212
oai:hal.inria.fr:inria-00201212
Contributeur : Sahbi Sidhom <>
Soumis le : Jeudi 27 Décembre 2007, 09:26:18
Dernière modification le : Jeudi 27 Décembre 2007, 12:06:19

Voir la fiche détaillée

Documents associés

PDF :

arXiv : 0712.4215

Exporter

Bibtex EndNote TEI RefWorks

%% inria-00201212, version 1
%% http://hal.inria.fr/inria-00201212
@inproceedings{raggad:inria-00201212,
    hal_id = {inria-00201212},
    url = {http://hal.inria.fr/inria-00201212},
    title = {{Cyberspace security: How to develop a security strategy}},
    author = {Raggad, Bel, G. and Sidhom, Sahbi},
    abstract = {{Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The international community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, including the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should be barred from the partnership. This concept also applies to the cyber space or the electronic society. In order to clean our society from cyber crimes and cyber terrorism we need to impose strict security policies and enforce them in a cooperative manner. The paper discusses a country's effort in the development of a national security strategy given its security economic intelligence position, its security readiness, and its adverse exposure.}},
    keywords = {Security strategy ; security auditing; Security economic intelligence ; Security Big Six (SB6) ; security metric ; cyberspace, information security management ; system specifications ; certification},
    language = {Anglais},
    affiliation = {Seidenberg School of Computer Science and Information Systems (CS \& IS) - PU - Seidenberg School of CS \& IS , SITE - LORIA},
    booktitle = {{V. International conference Cyberspace 2007}},
    publisher = {Cyberspace},
    address = {Brno, Tch{\`e}que, R{\'e}publique},
    organization = {Faculty of Law, Veveri 70, Brno, Czech republic 61180},
    editor = {Cyberspace },
    audience = {internationale },
    collaboration = {Pace University, Pleasantville,NY USA },
    year = {2007},
    pdf = {http://hal.inria.fr/inria-00201212/PDF/Cyberspace\_2007-Raggad\_Sidhom.pdf},
}

%F inria-00201212, version 1
%0 Conference Proceedings
%U http://hal.inria.fr/inria-00201212
%2 INFO:INFO_IR;INFO:INFO_IT;MATH:MATH_IT;INFO:INFO_PF
%T Cyberspace security: How to develop a security strategy
%A Raggad, Bel
%A Sidhom, Sahbi
%+ Seidenberg School of Computer Science and Information Systems (CS & IS) - PU - Seidenberg School of CS & IS , SITE - LORIA
%X Despite all visible dividers, the Internet is getting us closer and closer, but with a great price. Our security is the price. The international community is fully aware of the urgent need to secure the cyberspace as you see the multiplication of security standards and national schemes interpreting them beyond borders: ISO 15408, ISO 17799, and ISO 27001. Even though some countries, including the Security Big Six (SB6), are equipped with their security books and may feel relatively safe; this remains a wrong sense of security as long as they share their networks with entities of less security. The standards impose security best practices and system specifications for the development of information security management systems. Partners beyond borders have to be secure as this is only possible if all entities connected to the partnership remain secure. Unfortunately, there is no way to verify the continuous security of partners without periodic security auditing and certification, and members who do not comply should be barred from the partnership. This concept also applies to the cyber space or the electronic society. In order to clean our society from cyber crimes and cyber terrorism we need to impose strict security policies and enforce them in a cooperative manner. The paper discusses a country's effort in the development of a national security strategy given its security economic intelligence position, its security readiness, and its adverse exposure.
%G Anglais
%8 2007-00-00
%2 internationale
%B V. International conference Cyberspace 2007
%2 Brno
%2 Tchèque, République
%8 2007-11-30
%2 Faculty of Law, Veveri 70, Brno, Czech republic 61180
%E Cyberspace
%I Cyberspace
%K Security strategy ; security auditing; Security economic intelligence ; Security Big Six (SB6) ; security metric ; cyberspace, information security management ; system specifications ; certification
%2 2007-11-01
%Z Pace University, Pleasantville,NY USA