A paradigmatic analysis of conventional approaches for developing and managing secure IS

Author: Mikko T Siponen

DOI: 10.1007/0-306-46998-7_30

Abstract: Because the methods of development for Information Systems (IS) do not pay attention to security aspects, several information systems (ISS) have been presented. This paper will analyze traditional/conventional approaches, namely normative standards (e.g. checklists, management and evaluation standards), formal methods, common sense principles and risk management. These approaches will be analyzed in light of I) research objectives; II) the organizational role of IS security; III) used; IV) applicability; V) a conceptual meta-model for IS. The contribution is twofold. First, the analysis sheds new light on the underlying foundations of conventional approaches. Second, it suggests implications for researchers and practitioners.
