Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador

Segundo Moisés T. Toapanta; Gary Xavier Rázuri Peralta; Luis Enrique Mafla Gallegos

doi:10.1145/3404663.3404670

Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador

Segundo Moisés T. Toapanta, Gary Xavier Rázuri Peralta, Luis Enrique Mafla Gallegos

Computing, Security And Information Technology For A Globalized World (CSITGW)

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución de conferencia › revisión exhaustiva

1 Cita (Scopus)

Resumen

Information security is one of the most important aspects in organizations that has been constantly developing, driven by advances in Information and Communication Technologies. It should be noted that such development also entails the constant identification of new threats that put at risk the Information Security within the organization, so it is important the implementation of a security model that would guarantee the security of computer assets in the process of integration of the Ministry of Telecommunications and the information society with a Public organization of Ecuador with the objective of ensuring the basic principles of Information Security: Integrity, availability and confidentiality. Therefore, using the ISO / IEC 27001 standard, the guidelines of the safety model were defined. It should be noted that for the implementation of the ISO / IEC 27001 standard, it was based on the Deming Cycle which based the analysis stages that were implemented in the security model. The result was a security model that allowed an early identification of risk and the establishment of corrective measures to mitigate it, based on the criticality analysis of the assets generated in the integration of organizations, the impact measurement generated from the involvement of an asset due to the materialization of a risk, among others. In addition, the defined security model was based on the implementation of the Deming cycle, resulting in a dynamic model for risk management.

Idioma original	Inglés
Título de la publicación alojada	Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020
Editorial	Association for Computing Machinery
Páginas	43-50
Número de páginas	8
ISBN (versión digital)	9781450377652
DOI	https://doi.org/10.1145/3404663.3404670
Estado	Publicada - 15 may. 2020
Evento	4th International Conference on Information System and Data Mining, ICISDM 2020 - Hilo, Estados Unidos Duración: 15 may. 2020 → 17 may. 2020

Serie de la publicación

Nombre	ACM International Conference Proceeding Series

Conferencia

Conferencia	4th International Conference on Information System and Data Mining, ICISDM 2020
País/Territorio	Estados Unidos
Ciudad	Hilo
Período	15/05/20 → 17/05/20

Nota bibliográfica

Funding Information:
The author thanks the Salesian Polytechnic University, Guayaquil Ecuador, Research Group "Computing, Security and Information Technology for a Globalized World" (CSITGW) established in accordance with resolution 142-06-2017-07 -19 and the Ministry Education, Science, Technology and Innovation (Senescyt).

Publisher Copyright:
© 2020 ACM.

Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.

Acceder al documento

10.1145/3404663.3404670

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

Toapanta, S. M. T., Peralta, G. X. R., & Gallegos, L. E. M. (2020). Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador. En Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020 (pp. 43-50). (ACM International Conference Proceeding Series). Association for Computing Machinery. https://doi.org/10.1145/3404663.3404670

Toapanta, Segundo Moisés T. ; Peralta, Gary Xavier Rázuri ; Gallegos, Luis Enrique Mafla. / Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador. Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020. Association for Computing Machinery, 2020. pp. 43-50 (ACM International Conference Proceeding Series).

@inproceedings{daa523f58fdc4dc0b0eeaa93cd9b373c,

title = "Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador",

abstract = "Information security is one of the most important aspects in organizations that has been constantly developing, driven by advances in Information and Communication Technologies. It should be noted that such development also entails the constant identification of new threats that put at risk the Information Security within the organization, so it is important the implementation of a security model that would guarantee the security of computer assets in the process of integration of the Ministry of Telecommunications and the information society with a Public organization of Ecuador with the objective of ensuring the basic principles of Information Security: Integrity, availability and confidentiality. Therefore, using the ISO / IEC 27001 standard, the guidelines of the safety model were defined. It should be noted that for the implementation of the ISO / IEC 27001 standard, it was based on the Deming Cycle which based the analysis stages that were implemented in the security model. The result was a security model that allowed an early identification of risk and the establishment of corrective measures to mitigate it, based on the criticality analysis of the assets generated in the integration of organizations, the impact measurement generated from the involvement of an asset due to the materialization of a risk, among others. In addition, the defined security model was based on the implementation of the Deming cycle, resulting in a dynamic model for risk management.",

keywords = "Access Control, Information Security, Public Organizations, Risk Management, Security Model, Security Policies",

author = "Toapanta, {Segundo Mois{\'e}s T.} and Peralta, {Gary Xavier R{\'a}zuri} and Gallegos, {Luis Enrique Mafla}",

note = "Funding Information: The author thanks the Salesian Polytechnic University, Guayaquil Ecuador, Research Group {"}Computing, Security and Information Technology for a Globalized World{"} (CSITGW) established in accordance with resolution 142-06-2017-07 -19 and the Ministry Education, Science, Technology and Innovation (Senescyt). Publisher Copyright: {\textcopyright} 2020 ACM. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.; 4th International Conference on Information System and Data Mining, ICISDM 2020 ; Conference date: 15-05-2020 Through 17-05-2020",

year = "2020",

month = may,

day = "15",

doi = "10.1145/3404663.3404670",

language = "English",

series = "ACM International Conference Proceeding Series",

publisher = "Association for Computing Machinery",

pages = "43--50",

booktitle = "Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020",

}

Toapanta, SMT, Peralta, GXR & Gallegos, LEM 2020, Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador. En Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020. ACM International Conference Proceeding Series, Association for Computing Machinery, pp. 43-50, 4th International Conference on Information System and Data Mining, ICISDM 2020, Hilo, Estados Unidos, 15/05/20. https://doi.org/10.1145/3404663.3404670

Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador. / Toapanta, Segundo Moisés T.; Peralta, Gary Xavier Rázuri; Gallegos, Luis Enrique Mafla.
Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020. Association for Computing Machinery, 2020. p. 43-50 (ACM International Conference Proceeding Series).

Producción científica: Capítulo del libro/informe/acta de congreso › Contribución de conferencia › revisión exhaustiva

TY - GEN

T1 - Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador

AU - Toapanta, Segundo Moisés T.

AU - Peralta, Gary Xavier Rázuri

AU - Gallegos, Luis Enrique Mafla

N1 - Funding Information: The author thanks the Salesian Polytechnic University, Guayaquil Ecuador, Research Group "Computing, Security and Information Technology for a Globalized World" (CSITGW) established in accordance with resolution 142-06-2017-07 -19 and the Ministry Education, Science, Technology and Innovation (Senescyt). Publisher Copyright: © 2020 ACM. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.

PY - 2020/5/15

Y1 - 2020/5/15

N2 - Information security is one of the most important aspects in organizations that has been constantly developing, driven by advances in Information and Communication Technologies. It should be noted that such development also entails the constant identification of new threats that put at risk the Information Security within the organization, so it is important the implementation of a security model that would guarantee the security of computer assets in the process of integration of the Ministry of Telecommunications and the information society with a Public organization of Ecuador with the objective of ensuring the basic principles of Information Security: Integrity, availability and confidentiality. Therefore, using the ISO / IEC 27001 standard, the guidelines of the safety model were defined. It should be noted that for the implementation of the ISO / IEC 27001 standard, it was based on the Deming Cycle which based the analysis stages that were implemented in the security model. The result was a security model that allowed an early identification of risk and the establishment of corrective measures to mitigate it, based on the criticality analysis of the assets generated in the integration of organizations, the impact measurement generated from the involvement of an asset due to the materialization of a risk, among others. In addition, the defined security model was based on the implementation of the Deming cycle, resulting in a dynamic model for risk management.

AB - Information security is one of the most important aspects in organizations that has been constantly developing, driven by advances in Information and Communication Technologies. It should be noted that such development also entails the constant identification of new threats that put at risk the Information Security within the organization, so it is important the implementation of a security model that would guarantee the security of computer assets in the process of integration of the Ministry of Telecommunications and the information society with a Public organization of Ecuador with the objective of ensuring the basic principles of Information Security: Integrity, availability and confidentiality. Therefore, using the ISO / IEC 27001 standard, the guidelines of the safety model were defined. It should be noted that for the implementation of the ISO / IEC 27001 standard, it was based on the Deming Cycle which based the analysis stages that were implemented in the security model. The result was a security model that allowed an early identification of risk and the establishment of corrective measures to mitigate it, based on the criticality analysis of the assets generated in the integration of organizations, the impact measurement generated from the involvement of an asset due to the materialization of a risk, among others. In addition, the defined security model was based on the implementation of the Deming cycle, resulting in a dynamic model for risk management.

KW - Access Control

KW - Information Security

KW - Public Organizations

KW - Risk Management

KW - Security Model

KW - Security Policies

UR - http://www.scopus.com/inward/record.url?scp=85092430224&partnerID=8YFLogxK

U2 - 10.1145/3404663.3404670

DO - 10.1145/3404663.3404670

M3 - Conference contribution

AN - SCOPUS:85092430224

T3 - ACM International Conference Proceeding Series

SP - 43

EP - 50

BT - Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020

PB - Association for Computing Machinery

T2 - 4th International Conference on Information System and Data Mining, ICISDM 2020

Y2 - 15 May 2020 through 17 May 2020

ER -

Toapanta SMT, Peralta GXR, Gallegos LEM. Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador. En Proceedings of the 2020 4th International Conference on Information System and Data Mining, ICISDM 2020. Association for Computing Machinery. 2020. p. 43-50. (ACM International Conference Proceeding Series). doi: 10.1145/3404663.3404670

Security Model for the Integration of the Ministry of Telecommunications and the Information Society with a Public Organization of Ecuador

Resumen

Serie de la publicación

Conferencia

Nota bibliográfica

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto