University of Jyväskylä | JYX Digital Repository

  • English  | Give feedback |
    • suomi
    • English
 
  • Login
JavaScript is disabled for your browser. Some features of this site may not work without it.
View Item 
  • JYX
  • Opinnäytteet
  • Pro gradu -tutkielmat
  • View Item
JYX > Opinnäytteet > Pro gradu -tutkielmat > View Item

A method framework of integrating information security into the enterprise architecture

Thumbnail
View/Open
3.7 Mb

Downloads:  
Show download detailsHide download details  
Authors
Larno, Sara
Date
2019
Discipline
TietojärjestelmätiedeInformation Systems Science
Copyright
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.

 
Tietoturvan sisällyttämiseksi osaksi kokonaisarkkitehtuuria on kehitetty useita menetelmiä ja malleja. Tarjolla olevat mallit on kuitenkin usein koettu raskaiksi ja työläiksi käyttää, eivätkä ne kata kaikkia kokonaisarkkitehtuurin osa-alueita. Jotta tietoturva olisi mahdollista integroida kokonaisarkkitehtuuriin sen kaikille osa-alueille, yhtenä mahdollisena lähestymistapana on esitetty tietoturvan integroimista kokonaisarkkitehtuuriperiaatteista käsin. Tässä tutkielmassa raportoidaan suunnittelutieteellisellä menetelmällä kehitetty menetelmäkehys, jonka avulla voidaan luoda kokonaisarkkitehtuurin tietoturvaperiaatteita. Tutkimusaineistona on käytetty valmiita asiantuntijahaastatteluja, joissa 26 haastateltavaa vastasi Suomen julkisen hallinnon kokonaisarkkitehtuurin tilaa koskeviin kysymyksiin. Näistä poimittiin tarkasteltavaksi tietoturvaa koskevat osiot, joita käytettiin yhdessä kirjallisuuslähteiden kanssa määrittelemään lähtökohtia menetelmäkehyksen suunnittelulle. Menetelmäkehyksen luomisessa on hyödynnetty sekä tietoturvaperiaatteiden että kokonaisarkkitehtuuriperiaatteiden luomisen metamalleja ja se on mallinnettu ArchiMate-notaatiolla. Menetelmäkehyksen arvioimiseksi toteutettiin yhdeksän asiantuntijahaastattelua, joiden perusteella kehys muokattiin lopulliseen muotoon. Menetelmäkehyksen avulla tietoturva voidaan integroida osaksi kokonaisarkkitehtuurityötä jo työn varhaisessa vaiheessa, jolloin vältetään hankalaksi ja työlääksi koettu tietoturvavaatimusten ja kokonaisarkkitehtuurityön yhdistäminen. ...
 
Several methods and models have been developed to integrate information security into the enterprise architecture. However, the models available are often difficult and laborious to use and do not cover all aspects of the enterprise architecture. In order to integrate information security into the enterprise architecture for all its components, one possible approach is to integrate information security from the enterprise architecture principles. This thesis reports a method framework developed by a design science method that can be used to create information security principles for the enterprise architecture. The research material used in this thesis is consists in part of ready-made expert interviews, where 26 interviewees answered questions about the state of the enterprise architecture of Finnish public administration. These included sections on information security that were used in conjunction with literary sources to determine the basis for designing a method framework. The method framework has been built using meta models from both information security principles and the creation of enterprise architectural principles and is modelled with ArchiMate notation. In order to evaluate the method framework, nine expert interviews were conducted on the basis of which the method framework was finalized. With the method framework, information security can be integrated into the enterprise architecture work in an early state, avoiding the difficult and laborious combination of information security requirements and enterprise architecture work. ...
 
Keywords
design science research tietoturva kokonaisarkkitehtuuri data security enterprise architecture
URI

http://urn.fi/URN:NBN:fi:jyu-201904252269

Metadata
Show full item record
Collections
  • Pro gradu -tutkielmat [25543]

Related items

Showing items with similar title or keywords.

  • Method Framework for Developing Enterprise Architecture Security Principles 

    Larno, Sara; Seppänen, Ville; Nurmi, Jarkko (RTU Press, 2019)
    Organizations need to consider many facets of information security in their daily operations – among others, the rapidly increasing use of IT, emerging technologies and digitalization of organizations’ core resources provoke ...
  • Method and Practical Guidelines for Overcoming Enterprise Architecture Adoption Challenges 

    Syynimaa, Nestori (Springer, 2017)
    During the last few years, interest towards Enterprise Architecture (EA) has increased, not least due to anticipated benefits resulting from adopting it. For instance, EA has been argued to provide cost reduction, ...
  • Towards the design of an agile enterprise architecture management method 

    Lumor, Truth (2016)
    Enterprises engage in dynamic environments and do need capabilities that will enable them to (re)configure and integrate existing capabilities or create new capabilities in order to remain viable and competitive in such ...
  • Reconsidering the Role of Research Method Guidelines for Qualitative, Mixed-methods, and Design Science Research 

    Holtkamp, Philipp; Soliman, Wael; Siponen, Mikko (University of Hawai'i at Manoa, 2019)
    Guidelines for different qualitative research genres have been proposed in information systems (IS). As these guidelines are outlined for conducting and evaluating good research, studies may be denied publication ...
  • Development of an Agile Requirements Risk Prioritization Method : A Design Science Research Study 

    Tuunanen, Tuure; Vartiainen, Tero; Kainulainen, Sanna; Ebrahim, Mehdi (Association for Information Systems, 2023)
    The practice of information systems development (ISD) has changed during the past two decades from very structured approaches to agile ISD methods. However, many methods available for managing requirements-related risks ...
  • Browse materials
  • Browse materials
  • Articles
  • Conferences and seminars
  • Electronic books
  • Historical maps
  • Journals
  • Tunes and musical notes
  • Photographs
  • Presentations and posters
  • Publication series
  • Research reports
  • Research data
  • Study materials
  • Theses

Browse

All of JYXCollection listBy Issue DateAuthorsSubjectsPublished inDepartmentDiscipline

My Account

Login

Statistics

View Usage Statistics
  • How to publish in JYX?
  • Self-archiving
  • Publish Your Thesis Online
  • Publishing Your Dissertation
  • Publication services

Open Science at the JYU
 
Data Protection Description

Accessibility Statement

Unless otherwise specified, publicly available JYX metadata (excluding abstracts) may be freely reused under the CC0 waiver.
Open Science Centre