IInvestigating the Situation of Information Security Architecture in Mazandaran Public Libraries Based on ISO / IEC 27002 Standard

Document Type : Research Paper

Authors

1 Department of Knowledge and Information Science, Babol Branch, Islamic Azad University, Babol, Iran

2 Ph.D Candidate, Department of Knowledeg and Information Science, Babol Branch, Islamic Azad University, Babol, Iran.

Abstract

Purpose: The purpose of this study was to evaluate the implementation of information security architecture in Mazandaran Public Library, based on the ISO / IEC 27002 standard.
Methodology: The present research is an analytical survey and in terms of its purpose. The statistical population of the study consist of 193 librarians of the general libraries of Mazandaran. A sample of 129 people was selected through the Cochran formula. The data gathering tool is the ISO / IEC 27002 Standard Information Security Architecture, which is used in the research of Malek Allahami (2012) and includes 11 indicators and 39 components. Cronbach's alpha test was used to test the reliability of the questionnaire and the KS test was used to measure the normality of the data, then t-test was used for testing the questions and Pearson test was used for the hypotheses. To analyze the information needed for the test, statistical software 22 SPSS has been used.
Results: The findings showed that the highest mean for the physical and environmental security index was 4.75, the lowest for security policy index was 2.42. According to the mentioned mean, information security in public libraries of Mazandaran province is evaluated at high level. There is also a significant difference between the implementation of the information security architecture and its components in the libraries under the ISO / IEC 27002 standard.
Conclusion: The results show that managers and security managers need to consider different aspects of security in order to provide security in any information system, helping them create a secure information system and also based on People's comments can be used to assess the architectural levels of information security in the organization.

Keywords

Main Subjects

References

بصیریان جهرمی، رضا (1392). معماری اطلاعات، مجله نما، 6(3)، 52-78.
تقوا، محمدرضا؛ ایزدی، ماندانا (1393). بررسی امنیت در سیستم‌های اطلاعاتی توسعه‌یافته با روش معماری سرویس‌گرا (SOA). مدیریت فناوری اطلاعات، 5 (5)، 25-42.
حریری، نجلا و نظری، زینب (1391). امنیت اطلاعات در کتابخانه‌های دیجیتالی ایران. کتابداری و اطلاع‌رسانی، 16(2)، 45-80.
حاجی زین‌العابدینی، محسن؛ رفعتی، مینا (1396). بررسی نظام مدیریت امنیت اطلاعات در کتابخانه‌های مرکزی دانشگاه‌های دولتی شهر تهران. پژوهش‌های نظری و کاربردی در علم اطلاعات و دانش‌شناسی، 7(1)، 257-279.
دی‌پیر، محمود؛ هلیلی، خداداد و عبیری، داوود (1395). بررسی الزامات اجرایی معماری امنیت اطلاعات سازمان‌های دفاعی. فصلنامه امنیت پژوهی، 54(15)، 68-54.
رضایی چگینی، جهانگیر (1394). معماری اطلاعات: ارتباطات فنون کتابداری و استاندارد تاپیک مپ، فصلنامه علوم و فناوری اطلاعات، 21(2)، ۸۵–۱۰۳.
ملک الکلامی، میلاد (1391). ارزیابی وضعیت عملکرد مدیریت امنیت اطلاعات در کتابخانه‌های مرکزی دانشگاه‌های دولتی مستقر در شهر تهران بر اساس استاندارد ایزو/آی.ای.سی 27002،پایان‌نامه کارشناسی ارشد، دانشگاه علامه طباطبایی، دانشکده علوم تربیتی و روانشناسی.
موسوی، پریسا؛ یوسفی زنوز، رضا؛ حسن‌پور، اکبر (1394). شناسایی ریسک‌های امنیت اطلاعات سازمانی با استفاده از روش دلفی فازی در صنعت بانکداری. مدیریت فناوری اطلاعات. 7(1): 184-163.
Buecker, A., Ashley, P. & Borrett, M., Readshaw, N. (2017). Understanding SOA Security Design and Implementation. International Technical Support Organization, Brussels, IBM redbook Publication.
Chang, G. (2014). Service Web Services with SOAP Security Proxies. Proceeding of the 13th International Conference, 7-9 September, Dresden, Germany.
Fareghzadeh, N. (2015). Web Service Security Method To SOA Development. World Academy Of Science Engineering And Technology, 49(5): 36-48.
Lee, M, Chodavarapu, P. And Kanneganti, R. (2015). SOA Security. 8th International Conference Web Services, 10-12 December, Grenoble, France.
Newby, N. (2017). Information Security For Libraries. Information Security For Libraries. 9(2):379-404.
Ojeme, C. (2015). A Security Framework For Service Oriented Architectures. Proceeding Of The 5th Military Communications Conference,15-17 October, Florida.
Singh, B. (2018).Information Security Measures of Libraries of Central Universities of Delhi: A Study. Journal of Library & Information Technology, 38(2):102-109.
Sulaiman, A.(2009). Information security landscape and maturity level: case study of Malaysian Public service organization (MPS).Government Information Quarterly(4) 26: 584-593.
 young, V. soun, m and teylor,M. (2016). A Policy-Based Evaluation for Quality and Security in Service Oriented Architectures. 6th IEEE International Conference Web Services, 3-5 May, Leipzig, Germany.
Digital and Smart Libraries Researches
Volume 6, Issue 2
June 2019
Pages 35-50

Files

History

  • Receive Date: 31 December 2019
  • Revise Date: 08 May 2020
  • Accept Date: 25 June 2020
  • First Publish Date: 25 June 2020

Share

How to cite

Statistics