跳到主要內容

臺灣博碩士論文加值系統

(18.97.14.89) 您好!臺灣時間:2024/12/13 06:18
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

: 
twitterline
研究生:施弘彦
研究生(外文):Hung-Yen Shih
論文名稱:台灣某一公司的整合性資訊安全管理之研究
論文名稱(外文):The Study of Integrated Information Security for A Company in Taiwan
指導教授:蘇明俊蘇明俊引用關係
指導教授(外文):Min-Jiun Su
口試委員:吳中書郭平欣洪肇志
口試委員(外文):Chung-Shu WuPing-Sing KuoHung-Chao Chih
口試日期:2013-06-09
學位類別:碩士
校院名稱:國立中興大學
系所名稱:高階經理人碩士在職專班
學門:商業及管理學門
學類:其他商業及管理學類
論文種類:學術論文
論文出版年:2013
畢業學年度:101
語文別:中文
論文頁數:45
中文關鍵詞:整合性的資訊安全企業方格架構身份驗證管理(IAM)資訊通訊技術(ICT)
外文關鍵詞:Enterprise Architecture (EA)Integrating information securityIdentity and Access Management (IAM)Information and Communication Technologies (ICT)
相關次數:
  • 被引用被引用:0
  • 點閱點閱:151
  • 評分評分:
  • 下載下載:3
  • 收藏至我的研究室書目清單書目收藏:0
藉由資訊科技的協助,企業能提供更方便及容易的資訊存取,但在此的同時,延伸出包含隱私權及資訊安全等問題。本研究展示整合性的資訊安全管理藍圖,包含以下四個觀點:系統、平台、基礎建設及安全政策。企業方格架構(Enterprise Architecture,EA)提供了企業在不同階層中如何運用身份驗證管理(IAM)進行整合性及相互協調的資訊通訊技術 (ICT) 系統管理及規劃。本研究係採用深度個案研究,A輪胎製造廠為主要研究對象,以企業方格架構來探討資訊安全架構規劃的整合性藍圖建立。
Nowadays, with the help of technologies, organizations are able to provide easy access to information across its boundaries. Along the road, the questions are merged in the prospective of privacy and information security. The study demonstrated a roadmap for integrating information security management solutions within a business setting approaching from four aspects: system, Platforms, infrastructures and security policies. The application of Enterprise Architecture (EA) is practiced for comprehensive and coordinated planning and management of organizational Information and Communication Technologies (ICT) and the security infrastructure in different levels of the business structure. An in-depth case study within a leading tire manufacture is conducted based on EA framework. Security architecture planning includes Identity and Access Management (IAM) and security policy are structured to deliver an integrated security management roadmap.
第一章 緒論 1
第一節 研究背景與動機. 1
第二節 研究目的. 2
第三節 研究對象與範圍. 3
第四節 研究流程. 3
第二章 文獻探討 5
第一節 企業結構方格之相關研究 5
第二節 確認與擷取管理之相關研究 7
第三節 整合性資訊安全管理之相關研究 7
第三章 研究方法 9
第一節 研究架構 9
第二節 企業結構方格 10
第三節 確認與存取管理 13
第四節 個案研究與深入訪談 14
第四章 個案研究 19
第一節 個案公司之簡介 19
第二節 個案公司之企業結構方格 25
第三節 個案公司之確認與擷取管理 28
第四節 個案公司之整合性資訊安全管理 29
第五章 結論與建議 33
第一節 研究結論 33
第二節 管理意涵 37
第三節 研究建議 38
參考文獻 39
附錄 42
中文部分
黃士銘, 張碩毅, 和蘇耿弘. (2006). 企業導入 BS7799 資訊安全管理系統之關鍵成功因素-以石化產業為例. 資訊管理學報, 13(2), 171-192.

陳萬淇 (1995), 個案研究法, 台北, 華泰文化事業.

葉重新 (2001), 教育研究法, 台北, 心理出版社.

英文部分
Ambler, S. W. (2002), Introduction to the Enterprise Unified Process (EUP), A Ronin International. Inc, White Paper, 26.
Andrews, P. W. (1951), Industrial Analysis in Economics, Oxford Studies in the Price Mechanism, 139-172.
Bernus, P. (1999), Generalised Enterprise Reference Architecture and Methodology, Version 1.6. 3, IFIPIFAC Task Force on Architectures for Enterprise Integration.
Birdwell, J., Horn, R., Icove, D., Wang, T., Yadav, P., and Niezgoda, S. (1999), A Hierarchical Database Design and Search Method for CODIS, Paper Presented at the Tenth International Symposium on Human Identification.
Chalmeta, R., Campos, C., and Grangel, R. (2001), References Architectures for Enterprise Integration, Journal of Systems and Software, 57(3), 175-191.
Ferraiolo, D. F., Kuhn, D. R., and Chandramouli, R. (2003), Role-Based Access Control, Artech House. Inc, Norwood, MA.
Fowler, M. (2003), Patterns of Enterprise Application Architecture: Addison-Wesley Professional.
Group, M. (2002), Enterprise Architecture Desk Reference, META Group Inc.
GROUP, O (2002), The Open Group Architecture Framework TOGAF–Version 8, Enterprise Edition.
Hatala, M., Eap, T. M., and Shah, A. (2005), Federated Security: Lightweight Security Infrastructure for Object Repositories and Web Services, Paper Presented at the Next Generation Web Services Practices, 2005, NWeSP 2005. International Conference on.
HIRVONEN, A. (2005), Enterprise Architecture Planning in Practice, The Perspectives of Information and Communication Technology Service Provider and End-User, 135.
Hirvonen, A. P., Oyj, T., and Pulkkinen, M. (2004), A Practical Approach to EA Planning and Development: the EA Management Grid, Paper Presented at the 7th International Conference on Business Information Systems.
Jayaratna, N. (1994), Understanding and Evaluating Methodologies: NIMSAD, a Systematic Framework: McGraw-Hill, Inc.
Kienzle, D. M., and Elder, M. C. (2002), Final Technical Report: Security Patterns for Web Application Development, DARPA, Washington DC.
Lapkin, A. (2003), The Gartner Enterprise Architecture Framework, Paper Presented at the ITXPO Symposium, Gartner Inc.
Lee, Y.-J. (2005), A Dynamic Virtual Organization Solution for Web-Services Based Grid Middleware, Paper Presented at the Database and Expert Systems Applications, 2005, Proceedings, Sixteenth International Workshop on.
Lowe, G. (1997), A Hierarchy of Authentication Specifications, Paper Presented at the Computer Security Foundations Workshop, 1997, Proceedings., 10th.
Perks, C., and Beveridge, T. (2003), Guide to Enterprise IT Architecture: Springer-Verlag New York Incorporated.
Pulkkinen, M. (2006), Systemic Management of Architectural Decisions in Enterprise Architecture Planning, Four Dimensions and Three Abstraction Levels, Paper Presented at the System Sciences, 2006. HICSS'06, Proceedings of the 39th Annual Hawaii International Conference on.
Pulkkinen, M., and Hirvonen, A. (2005), Ea Planning, Development and Management Process for Agile Enterprise Development, Paper Presented at the System Sciences, 2005. HICSS'05. Proceedings of the 38th Annual Hawaii International Conference on.
Pulkkinen, M., Naumenko, A., and Luostarinen, K. (2007), Managing Information Security in a Business Network of Machinery Maintenance Services Business–Enterprise Architecture as a Coordination Tool, Journal of Systems and Software, 80(10), 1607-1620.
Putman, J. (2001), Architecting with Rm-odp: Prentice Hall PTR.
Rosenfeld, S. A. (1995), Industrial-Strength Strategies, Regional Business Clusters and Public Policy, Washington, DC.
Russell, D., and Gangemi, G. (1991), Computer Security Basics: O'Reilly Media, Inc.
Shaikh, R. A., Rajput, S., Zaidi, S., and Sharif, K. (2005), Comparative Analysis and Design Philosophy of Next Generation Unified Enterprise Application Security, Paper Presented at the Emerging Technologies, 2005, Proceedings of the IEEE Symposium on.
Sowa, J. F., and Zachman, J. A. (1992), Extending and Formalizing the Framework for Information Systems Architecture, IBM systems journal, 31(3), 590-616.
Vermeulen, C., and Von Solms, R. (2002), The Information Security Management Toolbox–Taking the Pain out of Security Management. Information Management and Computer security, 10(3), 119-125.
Weiss, M. (2003), Patterns for Web Applications, Paper Presented at the Proc, PLOP 2003.
Whitman, L., Ramachandran, K., and Ketkar, V. (2001), A Taxonomy of a Living model of the Enterprise, Paper Presented at the Proceedings of the 33nd Conference on Winter Simulation.
Witty, R. (2003). The Identity and Access Management Market Landscape: Gartner Research Note COM-21-4534.
Yin, R. K. (1994), Case Study Research: Design And methods, California: SAGE Publications, Inc.
Zachman, J. A. (1987), A Framework for Information Systems Architecture, IBM systems journal, 26(3), 276-292.
連結至畢業學校之論文網頁點我開啟連結
註: 此連結為研究生畢業學校所提供,不一定有電子全文可供下載,若連結有誤,請點選上方之〝勘誤回報〞功能,我們會盡快修正,謝謝!
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top