Search results for "Enterprise information security architecture"
showing 7 items of 7 documents
Mutual entity authentication for LTE
2011
In this paper we outline the Authentication and Key Agreement protocol (EPS-AKA) found in Long-Term Evolution (LTE) systems. This architecture is the 3GPP version of a 4G access security architecture. The LTE security architecture is a mature evolved architecture, with both strengths and weaknesses. In this paper we propose an amendment to the EPS-AKA protocol to make it a full mutual (online) entity authentication protocol. We also analyze the proposal, highlighting both the improvements and the drawbacks of the new AKA protocol.
How “African” Is the African Peace and Security Architecture? Conceptual and Practical Constraints of Regional Security Cooperation in Africa
2012
ABSTRACT With the creation of the African Peace and Security Architecture in 2004, African states were aiming to assume the primary responsibility for peace and security on the continent and establish a structure to assemble the necessary financial and military means. However, despite the constant evocation of “African ownership,” it is non-African actors that call the tune and can define and drive African security. Based on a detailed juxtaposition of rhetoric and empirical evidence, this paper argues that significant conceptual and practical problems constrain the “Africanization” of African security and that it appears increasingly unlikely that the continent's states will be able to ach…
Constrained Role Mining
2013
Role Based Access Control (RBAC) is a very popular access control model, for long time investigated and widely deployed in the security architecture of different enterprises. To implement RBAC, roles have to be firstly identified within the considered organization. Usually the process of (automatically) defining the roles in a bottom up way, starting from the permissions assigned to each user, is called {\it role mining}. In literature, the role mining problem has been formally analyzed and several techniques have been proposed in order to obtain a set of valid roles. Recently, the problem of defining different kind of constraints on the number and the size of the roles included in the resu…
Challenges of Government Enterprise Architecture Work – Stakeholders’ Views
2008
At present, a vast transformation within government systems is executed towards electronic government. In some countries, this change is initiated as enterprise architecture work. This paper introduces results from an empirical study on different stakeholders' views on enterprise architecture development within Finnish state government. The data is gathered from 21 interviews accomplished during spring 2007 among participants of the Interoperability Programme of Finnish state administration. The interviewees represent different sectors and levels of Finnish government and IT companies. On the basis of qualitative data analysis we discuss challenges of enterprise architecture work in the con…
Managing information security in a business network of machinery maintenance services business – Enterprise architecture as a coordination tool
2007
Today, technologies enable easy access to information across organizational boundaries, also to systems of partners in business networks. This raises, however, several complex research questions on privacy, information security and trust. The study reported here provides motivation and a roadmap for approaching integrated security management solutions in a business network of partners with heterogeneous information and communication technologies (ICT): Systems, platforms, infrastructures as well as security policies. Enterprise architecture (EA) is proposed as a means for comprehensive and coordinated planning and management of corporate ICT and the security infrastructure. The EA approach …
Systemic Management of Architectural Decisions in Enterprise Architecture Planning. Four Dimensions and Three Abstraction Levels
2006
This paper presents a process model for the management of architectural decisions in enterprise architecture planning. First, decisions are made at the enterprise level, with strategic business considerations on the enterprise information, systems and technology strategy and governance issues. The next step is to define the domains, to then go on with domain architecture decisions. At the systems level, the enterprise and domain architecture decisions are collected and converted into architecture descriptions accurate in precision, form and detail to be given as input to the information systems development process, following the architectural planning. The model is derived from previous wor…
Method and Practical Guidelines for Overcoming Enterprise Architecture Adoption Challenges
2017
During the last few years, interest towards Enterprise Architecture (EA) has increased, not least due to anticipated benefits resulting from adopting it. For instance, EA has been argued to provide cost reduction, technology standardisation, process improvement, and strategic differentiation. Despite these benefits, the EA adoption rate and maturity are still low. Consequently, EA benefits are not realised. A major reason hindering the adoption is that EA is not understood correctly. This paper aims for minimising the effect of the lack of understanding EA to adopting EA. Based on the research conducted in Finnish public sector, we propose an improved Enterprise Architecture Adoption Method…