Management of information security for an electric power Utility-on security domains and use of ISO/IEC17799 standard
暂无分享,去创建一个
The issue of information security has become a major concern for the electric power utilities. An increasing amount of money is being spent on the handling of information security. But the issue is delicate. Even though a utility may spend a fortune, it cannot be sure that it is doing the right thing at the right level of expenditures. Therefore, increasing efforts are being put into raising the awareness of information security. Here, the work in Cigre/spl acute/ Joint Working Group D2/B3/C2-01 "Security for Information Systems and Intranets in Electric Power Systems" is presented. The paper focuses on: stressing the importance of handling information security within an electric utility, the dealing with various threats and vulnerabilities, the evolution of Power Utility Information Systems from isolated to fully integrated systems, the concept of using security domains for dealing with information security within an electric utility, and the use of the ISO/IEC 17799 standard.
[1] Thomas Peltier,et al. Information Technology: Code of Practice for Information Security Management , 2001 .
[2] 日本規格協会. 情報セキュリティマネジメントシステム : 仕様及び利用の手引 : 英国規格 : BS7799-2:2002 = Information security management systems : specification with guidance for use : british standards : BS 7799-2:2002 , 2002 .