论文信息 - A System Framework of Security Management in Enterprise Systems

A System Framework of Security Management in Enterprise Systems

After analysing the security conditions in current Enterprise Systems (ES), this paper proposes a systematic framework that is based on the Secure Sockets Layer Virtual Private Network (SSL-VPN) for improving security management. This framework takes account of several key aspects such as channel strategy, network pattern, workstation authentication, identity authentication, security workflow, etc. The proposed framework has the following advantages: low cost, high performance, easy to implement, and strong security control pattern. In addition, this paper proposes a dynamic security strategy that is about authorizing user ID and roles dynamically and conducting real-time mapping via agent or proxy technologies. Copyright © 2013 John Wiley & Sons, Ltd.

[1] Ling Li,et al. Effects of enterprise technology on supply chain collaboration: analysis of China-linked supply chain , 2012, Enterp. Inf. Syst..

[2] Edward P. Markowski,et al. Assessing the effects of manufacturing infrastructure preparation prior to enterprise information-systems implementation , 2008 .

[3] Mehran Sepehri,et al. A grid-based collaborative supply chain with multi-product multi-period production–distribution , 2012, Enterp. Inf. Syst..

[4] Sohail S. Chaudhry,et al. Piracy in cyber space: consumer complicity, pirates and enterprise enforcement , 2011, Enterp. Inf. Syst..

[5] Lida Xu,et al. Object-Oriented Templates for Automated Assembly Planning of Complex Products , 2014, IEEE Transactions on Automation Science and Engineering.

[6] Anil K. Jain,et al. Fingerprint Image Enhancement: Algorithm and Performance Evaluation , 1998, IEEE Trans. Pattern Anal. Mach. Intell..

[7] Hao Chen,et al. Imaginal Thinking-Based Human-Machine Design Methodology for the Configuration of Reconfigurable Machine Tools , 2012, IEEE Transactions on Industrial Informatics.

[8] Guangyi Xiao,et al. Improving Multilingual Semantic Interoperation in Cross-Organizational Enterprise Systems Through Concept Disambiguation , 2012, IEEE Transactions on Industrial Informatics.

[9] Yuan Sun,et al. Multi-level analysis in information systems research: the case of enterprise resource planning system usage in China , 2011, Enterp. Inf. Syst..

[10] Dong Hoon Lee,et al. Password-Authenticated Key Exchange between Clients with Different Passwords , 2002, ICICS.

[11] Ramaswamy Chandramouli,et al. The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[12] Yue-Hong Yin,et al. Reconfigurable manufacturing execution system for pipe cutting , 2011, Enterp. Inf. Syst..

[13] Fei Tao,et al. FC-PACO-RM: A Parallel Method for Service Composition Optimal-Selection in Cloud Manufacturing System , 2013, IEEE Transactions on Industrial Informatics.

[14] X. Qin,et al. ERP research, development and implementation in China: an overview , 2005 .

[15] Lida Xu,et al. Enterprise Information Systems Architecture—Analysis and Evaluation , 2013, IEEE Transactions on Industrial Informatics.

[16] Sándor Vajna,et al. Multidisciplinary design optimisation of a recurve bow based on applications of the autogenetic design theory and distributed computing , 2012, Enterp. Inf. Syst..

[17] Hervé Panetto,et al. An approach for formalising the supply chain operations , 2011, Enterp. Inf. Syst..

[18] Sameer Kumar,et al. Challenges with the introduction of radio-frequency identification systems into a manufacturer's supply chain – a pilot study , 2011, Enterp. Inf. Syst..

[19] Taekyoung Kwon,et al. Security analysis and improvement of the efficient password-based authentication protocol , 2005, IEEE Communications Letters.

[20] Lida Xu,et al. Extended Interference Matrices for Exploded View of Assembly Planning , 2014, IEEE Transactions on Automation Science and Engineering.

[21] Ling Li. Introduction: Advances in E-business engineering , 2011, Inf. Technol. Manag..

[22] Ashfaq A. Khokhar,et al. Virtual private networks: an overview with performance evaluation , 2004, IEEE Communications Magazine.

[23] David Shan-Hill Wong,et al. Fault Detection Based on Statistical Multivariate Analysis and Microarray Visualization , 2010, IEEE Transactions on Industrial Informatics.

[24] John Boardman,et al. Expanding a System of Systems Model with the Schelling Segregation Model , 2013 .

[25] Ling Li,et al. Guest EditorialIntegrated Healthcare Information Systems , 2012, IEEE Transactions on Information Technology in Biomedicine.

[26] Andrew P. Martin,et al. Using Propositional Logic for Requirements Verification of Service Workflow , 2012, IEEE Transactions on Industrial Informatics.

[27] Lida Xu,et al. Enterprise Systems: State-of-the-Art and Future Trends , 2011, IEEE Transactions on Industrial Informatics.

[28] Lida Xu,et al. EMG and EPP-Integrated Human–Machine Interface Between the Paralyzed and Rehabilitation Exoskeleton , 2012, IEEE Transactions on Information Technology in Biomedicine.

[29] Ricardo Valerdi,et al. Guest Editorial Special Section on Enterprise Systems , 2012, IEEE Trans. Ind. Informatics.

[30] Lida Xu,et al. A Continuous Biomedical Signal Acquisition System Based on Compressed Sensing in Body Sensor Networks , 2013, IEEE Transactions on Industrial Informatics.

[31] Wu He,et al. Integration of Distributed Enterprise Applications: A Survey , 2014, IEEE Transactions on Industrial Informatics.

[32] Yuan Wei,et al. Government informatization: a case study , 2009 .

[33] Lida Xu,et al. Business Intelligence for Enterprise Systems: A Survey , 2012, IEEE Transactions on Industrial Informatics.

[34] Lida Xu,et al. AutoAssem: An Automated Assembly Planning System for Complex Products , 2012, IEEE Transactions on Industrial Informatics.

[35] Jürgen Strohhecker,et al. Implementing Sustainable Business Strategies , 2012 .

[36] Huimin Liu,et al. Modelling and analysis techniques for cross‐organizational workflow systems , 2009 .

[37] Andrew P. Martin,et al. SWSpec: The Requirements Specification Language in Service Workflow Environments , 2012, IEEE Transactions on Industrial Informatics.