An Overview of Current Information Systems Security Challenges and Innovations

Information Systems Security is one of the most pressing challenges confronting all kinds of present-day organizations. Although many companies have discovered how critical information is to the success of their business or operations, very few have managed to be effective in keeping their information secure, avoiding unauthorized access, preventing intrusions, stopping the disclosure of secret information, etc. Security is currently a widespread and growing concern that affects all areas of society: business, domestic, financial, government, and so on. In fact, the so-called information society is increasingly dependent on a wide range of mission-critical software systems, such as air traffic control systems, financial systems, or public health systems. The potential losses faced by businesses and organizations that rely on all these hardware and software systems have therefore led to a situation in which it is crucial for information systems to be properly secured from the outset.
