Bibtex
Cite as text
@Select Types{,
Journal = "Band-1",
Title= "Mapping the State of Security Standards Mappings",
Author= "Andrea Mussmann, Michael Brunner, Ruth Breu",
Doi= "https://doi.org/10.30844/wi_2020_l4-mussmann",
Abstract= "Companies often have to comply with more than one security standard and refine parts of security standards to apply to their domain and specific security goals. To understand which requirements different security standards stipulate, a systematic overview or mapping of the relevant natural language security standards is necessary. Creating such standards mappings is a difficult task; to discover which methodologies and tools researchers and practitioners propose and use to map security standards, we conducted a systematic literature review. We identified 44 resources published between 2004 and 2018 using ACM Digital Library, IEEEXplore, SpringerLink, ScienceDirect, dblp and additional grey literature sources. We found that research focuses either on manual methods or on security ontologies to create security standards mappings. We also observed an increase in scientific publications over the investigated timespan which we attribute to the ISO 27001 standard update in 2013 and the EU GDPR coming into effect in 2018.
",
Keywords= "Security Requirements, Security Standards, Security Mapping, Compliance Management, Systematic Literature Review.
",
}
Andrea Mussmann, Michael Brunner, Ruth Breu: Mapping the State of Security Standards Mappings. Online: https://doi.org/10.30844/wi_2020_l4-mussmann (Abgerufen 26.12.24)
Open Access
Companies often have to comply with more than one security standard and refine parts of security standards to apply to their domain and specific security goals. To understand which requirements different security standards stipulate, a systematic overview or mapping of the relevant natural language security standards is necessary. Creating such standards mappings is a difficult task; to discover which methodologies and tools researchers and practitioners propose and use to map security standards, we conducted a systematic literature review. We identified 44 resources published between 2004 and 2018 using ACM Digital Library, IEEEXplore, SpringerLink, ScienceDirect, dblp and additional grey literature sources. We found that research focuses either on manual methods or on security ontologies to create security standards mappings. We also observed an increase in scientific publications over the investigated timespan which we attribute to the ISO 27001 standard update in 2013 and the EU GDPR coming into effect in 2018.
Security Requirements, Security Standards, Security Mapping, Compliance Management, Systematic Literature Review.