电子商务信息系统安全管理体系PRS-ISMS的研究

Research on Secure Management System PRS-ISMS of E-Commerce Information System

信息是电子商务至关重要的资产,电子商务的正常运转必须建立在安全的信息系统之上,因而电子商务信息系统安全问题成为人们日益关注的重点.根据电子商务信息系统特点,从信息系统过程(Process)、资源(Resource)和安全目标(Security)三个视角分析了电子商务信息安全风险的要素及其关系,构建了三维信息系统安全管理体系模型PRS-ISMS,提出了改进的信息安全风险管理过程PRS-PDCA.

Security issues on e-commerce information system is becoming increasingly im- portant as information is a kind of critical e-commerce asset, as well as the normal operation of e-commerce must be built on secure information system. In this article, elements of infor- mation security risks and their relationships are analyzed and the three-dimensional secure system model PRS-ISMS and improved management process PRS-PDCA of information sys- tem are built from such views as information system Resource, information system process and security objectives based on the characteristics of the e-commerce information system.