Principles of secure information systems design
暂无分享,去创建一个
For the most part, computer systems designers and analysts are acutely aware of and genuinely concerned about information systems security. Unfortunately, they do not manifest their concern by incorporating specific control measures into the systems they create, enhance, and maintain. The reason for this is that they lack a set of principles of secure information systems design, that may be used when selecting or devising control measures. Such principles can constitute a foundation of thinking about information security, assist in the proper categorization of controls by type, and facilitate prudent selection of appropriate controls from amongst these categories. Responding to the need, this article provides an overview of security principles for information systems design.
[1] Alan E. Brill. Building Controls into Structured Systems , 1983 .
[2] Richard P. Kusserow,et al. Management principles for asset protection: Understanding the criminal equation , 1986 .
[3] Charles Cresson Wood,et al. Computer Security: A Comprehensive Controls Checklist , 1987 .