[Developing ISMS framework in Securing Aviation Logical Sensitive Data]

by

ACKNOWLEDGEMENT

I would take this opportunity to thank my research supervisor, family and friends for their support and guidance without which this research would not have been possible.

DECLARATION

I, [type your full first names and surname here], declare that the contents of this dissertation/thesis represent my own unaided work, and that the dissertation/thesis has not previously been submitted for academic examination towards any qualification. Furthermore, it represents my own opinions and not necessarily those of the University.

Signed __________________ Date _________________

ABSTRACT

A critical component of aviation security consists of screening passengers and baggage to protect airports and aircraft from terrorist threats. Advancements in screening device technology have increased the ability to detect these threats; however, specifying the operational configurations of these devices in response to changes in the threat environment can become difficult. This article proposes to use Fisher information as a statistical measure for detecting changes in the threat environment. The perceived risk of passengers, according to prescreening information and behaviour analysis, is analyzed as the passengers sequentially enter the security checkpoint. The alarm responses from the devices used to detect threats are also analyzed to monitor significant changes in the frequency of threat items uncovered. The key results are that this information-based measure can be used within the Homeland Security Advisory System to indicate changes in threat conditions in real time, and provide the flexibility of security screening detection devices to responsively and automatically adapt operational configurations to these changing threat conditions.

TABLE OF CONTENTS

ACKNOWLEDGEMENTII

DECLARATIONIII

ABSTRACTIV

LIST OF TABLESVII

LIST OF FIGURESVIII

CHAPTER 1: INTRODUCTION1

Aims of the project5

CHAPTER 2: LITERATURE REVIEW6

Information security management system6

ISMS evaluation7

Benchmarking10

Definition of the problem10

Differences in approach to data adjustment for airlines12

Some benchmarks13

Current Issues19

Bag Screening20

Financing Security20

Privatization Experiment22

The Case For Information Security Scrutiny22

Organization Processes And Security Considerations25

Context26

People28

Structure30

Core Transformation Process32

Management Support Processes33

A Solutions Framework36

Identifying Assets and Vulnerabilities to Known Threats36

Setting Proactive and Reactive Strategies36

Reviewing the Outcomes and Possible Scenario Study37

Contingency Planning38

Security as a Competitive Edge38

Management Buy-In39

Recognition That Security Is Key to the Business39

CHAPTER 3: METHODOLOGY41

Fisher Information46

CHAPTER 4: MODELS, DISCUSSION AND ANALYSIS50

Perceived Passenger Risk50

Detection Device Responses56

Sensitivity To Risk Disturbances58

CHAPTER 5: CONCLUSIONS 62

Industry Best Practices and ISO63

Significant Contribution To The Study65

Future Implications of the Project And Its Importance Or Success66

REFERENCES67

LIST OF TABLES

Table 1: Aeronautical revenue per passenger………………………………………………..…14

Table 2: Commercial revenue per passenger…………………………..……………………….16

Table 3: Total Cost per passenger………………………………………………………………17

LIST OF FIGURES

Figure 1: ISMS risk component flowchart and relationship (ISO/IEC TR 13335-1)8

Figure 2: Relationship between security objectives and requirements18

Figure 3: Airport network technology42

Figure 4: Benchmark clustering45

Figure 5: Network decision making unit and sub-units47

Figure 6: Two-stage airport network technology52

Figure 7: Co-plot of output maximization results with emphasis on Lyon. (Coefficient of alienation is 0.107 and average of correlations is 0.815. The shorter term targets are the white observations and the larger, black observations represent the long term targe54

Figure 8: Information Security Management Act (FISMA) Certification and Accreditation Process Related Guidance56

CHAPTER 1: INTRODUCTION

The increase in worldwide awareness of terrorist activity benefited in August 2006, when several suspected terrorists were arrested in connection with a plot to detonate explosives onboard 10 U.S.-transatlantic ...