Security Requirements Specification in Process-aware Information Systems

2010 ◽  
pp. 145-154
Author(s):  
Michael Menzel ◽  
Ivonne Thomas ◽  
Benjamin Schüler ◽  
Maxim Schnjakin ◽  
Christoph Meinel
Keyword(s):  
Information Systems ◽  
Requirements Specification ◽  
Security Requirements

scholarly journals Model and Technique for Abonent Address Masking in Cyberspace

2020 ◽  
pp. 2-13
Author(s):  
Vadim Kuchurov ◽  
◽  
Roman Maximov ◽  
Roman Sherstobitov ◽  
◽  
...  
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Information Exchange ◽  
Information Technologies ◽  
System Structure ◽  
Security Requirements ◽  
Kolmogorov Equation ◽  
Basic Set ◽  
Technical Solutions

Regulators charge to counter information security threats against the structural and functional characteristics of the information system to ensure the information security requirements. These requirements include information system structure and composition, information technologies and functioning characteristics, physical and logical, functional and technological interconnections between information system segments. They order false components of information system emulation as a basic step of protection, as well as information technologies hiding, information system configuration management and its switching to predetermined configuration that provides a protection. However that steps are not included into basic set and they protection aims are reached with compensative assets, formalizing and implementing inhibitory orders and set of organizational and technical measures on threat source. The purpose of research – to disclose and to state main ways of search of new technical solutions for structure masking of distributed information systems in cyberspace implementing masking traffic taking into account the requirements for the timeliness of information exchange. The method of research – operations research in the face of uncertainty, the application of the theory of Markov processes and Kolmogorov equation for solving the problem of increasing the efficiency of masking exchange. The result of research – finding the probabilistic and temporal characteristics of the functioning process of the data transmission network when applying technical solutions for information systems masking in cyberspace. The results obtained make it possible to explicitly implement protection measures aimed at forming persistent false stereotypes among violators about information systems and control processes implemented with their help.

An Accounting Information Systems Perspective on Data Analytics and Big Data

2017 ◽  
Vol 31 (3) ◽  
pp. 101-114 ◽  
Author(s):  
Esperanza Huerta ◽  
Scott Jensen
Keyword(s):  
Big Data ◽  
Information Systems ◽  
Data Analytics ◽  
Accounting Information ◽  
Security Requirements ◽  
Future Research ◽  
Accounting Information Systems ◽  
Systems Perspective ◽  
Analytic Skills

ABSTRACT Forty-six academics and practitioners participated in the second Journal of Information Systems Conference to discuss data analytics and Big Data from an accounting information systems perspective. The panels discussed the evolving role of technology in accounting, privacy within the domain of Big Data, and people and Big Data. Throughout all three panels, several topics emerged that impact all areas of accounting—developing enhanced analytical and data handling skills; evaluating privacy, security requirements, and risks; thinking creatively; and assessing the threat of automation to the accounting profession. Other topics were specific to a segment of the profession, such as the growing demand for privacy compliance audits and the curriculum adjustments necessary to develop data analytic skills. This commentary synthesizes and expands the discussions of the conference panels and suggests potential areas for future research.

Internal Control Considerations for Information System Changes and Patches

2014 ◽  
pp. 161-179 ◽  
Author(s):  
Jeffrey S. Zanzig ◽  
Guillermo A. Francia III ◽  
Xavier P. Francia
Keyword(s):  
Information System ◽  
Information Systems ◽  
Internal Control ◽  
Security Requirements ◽  
Information Technology Professionals ◽  
Organization Management ◽  
Internal Auditors ◽  
Security Issues ◽  
System Changes ◽  
Current Change

The dependence of businesses on properly functioning information systems to allow organizational personnel and outside investors to make important decisions has never been more pronounced. Information systems are constantly evolving due to operational and security requirements. These changes to information systems involve a risk that they could occur in a way that results in improper processing of information and/or security issues. The purpose of this chapter is to consider related guidance provided in a Global Technology Audit Guide (GTAG) from The Institute of Internal Auditors in conjunction with current change and patch management literature in order to assist internal auditors and organizational personnel in better understanding a process that leads to efficient and effective information system changes. The authors describe how internal auditors and information technology professionals can work together with organization management to form a mature approach in addressing both major information system changes and patches.

A Mark-Up Language for the Specification of Information Security Governance Requirements

2013 ◽  
pp. 103-123
Author(s):  
Anirban Sengupta ◽  
Chandan Mazumdar
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Security Requirements ◽  
Security Requirement ◽  
Security Governance ◽  
Digital World ◽  
Information Security Governance ◽  
Version 2.0 ◽  
Enterprise Security ◽  
And Control

As enterprises become dependent on information systems, the need for effective Information Security Governance (ISG) assumes significance. ISG manages risks relating to the confidentiality, integrity and availability of information, and its supporting processes and systems, in an enterprise. Even a medium-sized enterprise contains a huge collection of information and other assets. Moreover, risks evolve rapidly in today’s connected digital world. Therefore, the proper implementation of ISG requires automation of the various monitoring, analysis, and control processes. This can be best achieved by representing information security requirements of an enterprise in a standard, structured format. This paper presents such a structured format in the form of Enterprise Security Requirement Markup Language (ESRML) Version 2.0. It is an XML-based language that considers the elements of ISO 27002 best practices.

A Methodology for Developing Trusted Information Systems

2008 ◽  
pp. 872-899
Author(s):  
Maria Grazia Fugini ◽  
Pierluigi Plebani
Keyword(s):  
Information System ◽  
Information Systems ◽  
Security Requirements ◽  
Mutual Trust ◽  
Distributed Information Systems ◽  
Distributed Information ◽  
Design And Implementation ◽  
Analysis Design ◽  
Data Sensitivity ◽  
Cooperative Processes

In building cooperative distributed information systems, a methodology for analysis, design and implementation of security requirements of involved data and processes is essential for obtaining mutual trust between cooperating organizations. Moreover, when the information system is built as a cooperative set of e-services, security is related to the type of data, to the sensitivity context of the cooperative processes and to the security characteristics of the communication paradigms. This paper presents a methodology to build a trusted cooperative environment, where data sensitivity parameters and security requirements of processes are taken into account. The phases are illustrated and a reference example is presented in a cooperative information system and e-applications. An architecture for trusted exchange of data in cooperative information system is proposed. The requirements analysis phase is presented in detail.

Sign in / Sign up

Export Citation Format

Share Document