| Summary: | 碩士 === 華梵大學 === 資訊管理學系碩士班 === 95 === According to the information security report issued by the Executive Yuan, "The plan for classification of responsibilities of government organizations for security", middle schools and elementary schools are in the D class. This is based on the entity loss and the fact that their documents are less-sensitive documents. However, due to the rapid progress in computing devices and the ever-changing types of threats, it is often that the networks of middle schools and elementary schools are used as a springboard to attack organizations so as to get sensitive data. Information security environments cannot be set up upon the concept of entity loss anymore. In order to build up the architecture information security for middle schools and elementary schools in the N-SOC environment, outsourcing will be the best solution in the real world.
It is impossible for every middle school or elementary school to adopt the same SOC service due to the large varieties of the scales and the school environments, the level of information technology they have, and their diverse requirements for security.How to assist middle schools and elementary schools to evaluate their environments for the outsourcing is addressed in this paper.
This research employs questionnaires based on the Delphi Method and Factor Analysis combining Complementors, Contingency, and Risk theories to build the analysis model about establishing the SOC. Data are collected from literature and interviewing with experts in the security field and the school teachers. Hierarchical analysis and AHP questionnaires are used to determine various parameters in outsourcing plans. 5 evaluation aspects and 25 criteria are proposed in this paper, to help middle schools and elementary schools can enumerate required items and plot outsourcing plans after evaluating their potential threats and risks.
|
|---|
