A Study on Access Control for ISO/IEC 27001 Implementation to Military Organizations:Perspectives of Administrator and Executor
碩士 === 德明財經科技大學 === 資訊管理系 === 105 === The enterprise operation pattern transformation and expansion by way of information technology has also indirectly caused the war pattern evolution from the point-line-plane pattern to the paralytic offence and defense in network space. Therefore, the informatio...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2017
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/jzsu4n |
| Summary: | 碩士 === 德明財經科技大學 === 資訊管理系 === 105 === The enterprise operation pattern transformation and expansion by way of information technology has also indirectly caused the war pattern evolution from the point-line-plane pattern to the paralytic offence and defense in network space. Therefore, the information security has become an important and key subject in constructing the dependable fighting capacity for defense by the defense force, among which the “access control” is a most frequently confronted information security threat. Based on this, this study explores the importing of access control measures into military agencies based on the ISO 27001 information security standards. The study results show that the “system and application access control” is a dimension requiring the most attention. Both the managers and executives regard the “access control of program code” as a key measure of the highest importance under this dimension. In addition, the study results also show that there are still the conflict between managers and executives on the priority order of importing the measures under the dimensions of “user’s access management and responsibilities” and “operating requirements of access control”. It is therefore recommended that the defense unit should first import the access control measures of high-degree consensus so as to gather the participants’ morale and reduce the passive resistance.
|
|---|