PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
December 2009

Writing security policies using a taxonomy-based approach

Today's policy artifact landscape has become much more complex given the regulations they must complement and support. Additionally, the complexity of information systems and technology has increased with the advent of the geo-distributed architecture of cloud computing which requires a global perspective for policy development. Policies are a system of authoritative artifacts deployed to protect an organization's information assets. Specifically, authoritative artifacts are documents against which an organization executes and operates. Our intent is to provide information security professionals with methods and techniques to drive an aggregate method of policy design and move away from the more individualistic method that has been approached. Aggregation results in policy artifacts that are consumable, extensible and easily sustainable. We will examine how a taxonomy-based approach is used to design policy artifacts. Removed is the unwieldy structure-driven policy architecture that results in redundant, unnecessary and hard to ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue