engleski

Sigurnosne izmjene podataka u sustavu kritičnih infrastruktura

Communication and data exchange in critical infrastructure management is one of the fundamental factors underlying the functionality of the system. Due to the sensitivity of the issues, data authenticity and classification, and controlled access, special attention must be given to the establishment of an appropriate information security system and support services to all authorized users. This paper critically reviews the approach, and the importance of features to achieve with these security objectives by implementing the requirements of ISO / IEC 27001 (Information technology - Security techniques - Information security management systems - Requirements) and ISO / IEC 20000-1 (Information technology - Service management - Part 1: Service management system requirements). The application of these international standards is analyzed in all stages of design, implementation, maintenance and improvement of communication in the critical infrastructure management systems. Based on the analysis of the applicability of these two international standards appropriate measures and procedures are proposed for successful implementation and to ensure the safety objectives of data exchange. The paper is based on the results and effects of the application of these international standards in similar complex information systems dispersed to a number of users of different profiles and rights of access to information.

ISMS, ITSMS, critical infrastructure, information security

nije evidentirano