Applying NIST SP 800-161 in Supply Chain Processes Empowered by Artificial Intelligence

Al-Alawi, Lamees; Al-Busaidi, Raiya; Ali, Saqib

doi:10.1109/acit53391.2021.9677393

Cited by 1 publication

(1 citation statement)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…NIST has a special publication 800-161 "Supply Chain Risk Management Practices for Federal Information Systems and Organizations" which builds on the basic concepts described in detail in the NIST framework and other publications. NIST SP 800-161 aims to identify, assess, select, and implement risk management processes and mitigation controls within an organization, specifically managing risks resulting from supply chain processes [13]. These identified controls can be modified and adapted to suit any organization based on its requirements and objectives [14].…”

Section: Sd-wanmentioning

confidence: 99%

A Security Framework for Secure Host-to-Host Environments

Sianturi

Ramli

2022

J. RESTI (Rekayasa Sist. Teknol. Inf.)

View full text Add to dashboard Cite

Data security is an infrastructure designed to protect and secure data from unauthorized access, data manipulation, malfunction, destruction, and inappropriate data disclosure. Currently, organizations widely use data transfer to validate and verify data using different media particularly in host-to-host connections. This research focuses on data exchanged (end-to-end communication) using Multi Protocol Label Switching (MPLS), metro ethernet, and Software Defined Wide Area Network (SD-WAN) network architecture with third parties. This research aims to develop a design and analysis framework for verifying data transferred from one host to another in ABC organization by applicable security standards that are appropriate and follow its needs to help the organization. Furthermore, the analysis result is used as materials for drafting a cybersecurity framework through the three standards ISO/EIC 27001:2013, NIST SP800-161, and ITU-T X.805. The methodology used in this study is the comparative analysis of three frameworks, requirement analysis, and content analysis to develop a framework. The framework proposed of eight security dimensions, five threats, and providing mitigation is expected to enhance the security system of data exchange on host-to-host connections in ABC organization.

show abstract

Section: Sd-wanmentioning

confidence: 99%