A Framework for Enhancing Systems Security

Abstract

Security concerns have grown in sync with the growth of ecommerce. This paper presents a framework for analyzing systems security in terms of three dimensions, namely, technology, process, and people. The paper also advocates a systems development life cycle view of security. It describes different activities that need to be carried out throughout the development cycle in order to improve overall systems security. It also discusses the theoretical and practical implications of the study, and identifies future research directions.
