Proceedings of the 56th Annual Meeting of the ISSS - 2012, San Jose, CA, USA, 56th Annual Proceedings of ISSS

Font Size:  Small  Medium  Large

Value Orchestration Platform for ICT security services

Takafumi Nakamura, Kyoichi Kijima

Abstract


This paper explains the service science approach to ICT security. The first half of 2011 should prove to be the “year of the breaches.”  We saw numerous security breaches targeting high-profile organizations such as, Sony PlayStation, Lockheed Martin, and a dozen of other companies and government organizations. Mitsubishi heavy industries have suffered security attack from anonymous group. The attack, which involved several types of data-stealing malware on Mitsubishi computers, occurred in August 2011. The impacts of the security breach are quite sever for enormous number of people’s private information and top secret information in corporations (or governments) were disclosed in those cases. The damage of the corporate in terms of reliability and economy are enormous. However the security is a non-functional requirement therefore it tends to be ignored at ICT design phase to implement security requirement. The service science approach to ICT security shed a light to the ICT security area to maximize ICT security measures and investments. This paper provides the concept of value orchestration platform for ICT security services. Firstly we survey the current ICT security market, and we conceptualized this situation as two parties’ model between customers and providers. Then we use ICT security standard as security service platform. This enables us to visualize current ICT security venerability or inappropriate investments. Lastly we conceptualize this solution as three parties’ model (i.e. value orchestration platform) between customers, providers and security service platform providers. We conclude that the three parties’ model contribute maximizing ICT security measures and investments as value orchestration platform.


Full Text: PDF