Advanced approach to information security management system model for industrial control system

Sanghyun Park; Kyungho Lee

doi:10.1155/2014/348305

Advanced approach to information security management system model for industrial control system

Sanghyun Park, Kyungho Lee

Graduate School of Information Study

Research output: Contribution to journal › Article › peer-review

9 Citations (Scopus)

Abstract

Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

Original language	English
Article number	348305
Journal	Scientific World Journal
Volume	2014
DOIs	https://doi.org/10.1155/2014/348305
Publication status	Published - 2014

ASJC Scopus subject areas

Biochemistry, Genetics and Molecular Biology(all)
Environmental Science(all)

Access to Document

10.1155/2014/348305

Fingerprint Dive into the research topics of 'Advanced approach to information security management system model for industrial control system'. Together they form a unique fingerprint.

Cite this

@article{d7846a56ecf84a31aebc1c651c000883,

title = "Advanced approach to information security management system model for industrial control system",

abstract = "Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.",

author = "Sanghyun Park and Kyungho Lee",

year = "2014",

doi = "10.1155/2014/348305",

language = "English",

volume = "2014",

journal = "Scientific World Journal",

issn = "2356-6140",

publisher = "Hindawi Publishing Corporation",

}

TY - JOUR

T1 - Advanced approach to information security management system model for industrial control system

AU - Park, Sanghyun

AU - Lee, Kyungho

PY - 2014

Y1 - 2014

N2 - Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

AB - Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and must be managed. Companies in many parts of the world protect sensitive information using the international standard known as the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect confidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular flaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because the first priority of industrial control is safety of the system. Therefore, a new information security management system based on confidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS. This paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.

UR - http://www.scopus.com/inward/record.url?scp=84928211583&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84928211583&partnerID=8YFLogxK

U2 - 10.1155/2014/348305

DO - 10.1155/2014/348305

M3 - Article

C2 - 25136659

AN - SCOPUS:84928211583

VL - 2014

JO - Scientific World Journal

JF - Scientific World Journal

SN - 2356-6140

M1 - 348305

ER -