of Information Technology,
Ministry of Communications and Information Technology,
Government of India
Information System Security Design and Operational Management (WISSDOM)
is a web enabled service that allows the users to secure their
enterprise information by following a security enginerring life cycle.
The security engineering life cycle consists of four phases.
Overview and Scope
Aim of the
project is to develop a robust and survivable Unified Formal Model of
Enterprise Information System Security based on the existing and new
models of different facets of security. The model and the theory behind
it will be used to develop a set of easily measurable metrics for
Management decision making and assurance of RoI.
Based on the above model and the metrics, a Web-enabled Object-oriented
Framework for Enterprise Security Management will be developed along
with a number of component services to be integrated with the Framework
to automate different phases of the Security Engineering Life-cycle.
The scope of work will include the following:
1. Survey and integration of different models of the facets of
Information Security into a unified formal model of Enterprise
Information System Security.
2. Development of new metrics for risk, assurance, architectural
efficacy, operational efficiency, protection capability, protection
3. Development of a Web-enabled Object-oriented Framework for Security
Management consisting of the following components
(i) Security Requirement Analysis Component
(ii) Risk Analysis and Mitigation Component
(iii) Policy Development Component
(iv) Security Architecture and Infrastructure Advice Generation
(v) Operational Advice Generation Component
(vi) Security Testing Component
(vii) Web-based Training Component