Information System Life Cycles and Security

Albin Zuccato (University of Karlstad, Sweden)
Copyright: © 2007 | Pages: 11
DOI: 10.4018/978-1-59904-090-5.ch015


Organizations are required by legal provision to include information system security into their day-to-day management activities. To do this effectively and efficiently, it is necessary that information security management integrates into the overall system life cycle. Here I will present a system life cycle and suggest which aspects of security should be covered at which life cycle stage of the system. Based on this, I will present a process framework that due to its iterativity and detailedness accommodates the needs for life cycle oriented security management.

Complete Chapter List

Table of Contents
Peter F. Linington
Djamel Khadraoui, Francine Herrmann
Chapter 1
Sophie Gastellier-Prevost
Within a more and more complex environment, where connectivity, reactivity and availability are mandatory, companies must be “electronically...
Security Architectures
Chapter 2
Eric Garcia
GRID computing implies sharing heterogeneous resources, located in different places belonging to different administrative domains over a...
Security in GRID Computing
Chapter 3
Göran Pulkkis
Security issues of Symbian-based mobile computing devices such as PDAs and smart phones are surveyed. The evolution of Symbian OS architecture is...
Security of Symbian Based Mobile Devices
Chapter 4
Michéle Germain, Alexis Ferrero, Jouni Karvo
Using WLAN networks in enterprises has become a popular method for providing connectivity. We present the security threats of WLAN networks, and the...
Wireless Local Area Network Security
Chapter 5
Mário M. Ferire
This chapter addresses the problem of interoperability among intrusion detection systems. It presents a classification and a brief description of...
Interoperability Among Intrusion Detection Systems
Chapter 6
Snezana Sucurovic
This chapter presents security solutions in integrated patient-centric Web-based health-care information systems, also known as electronic...
Security in E-Health Applications
Chapter 7
Hristo Koshutanski
Autonomic communication and computing is the new paradigm for dynamic service integration over a network. In an autonomic network, clients may have...
Interactive Access Control and Trust Negotiation for Autonomic Communication
Chapter 8
Isaac Agudo
Advanced applications for the Internet need to make use of the authorization service so that users can prove what they are allowed to do and show...
Delegation Services: A Step Beyond Authorization
Chapter 9
Jean-Henry Morin, Michel Pawlak
This chapter introduces digital rights management (DRM) in the perspective of digital policy management (DPM) focusing on the enterprise and...
From DRM to Enterprise Rights and Policy Management: Challenges and Opportunities
Chapter 10
Srinivas Mukkamala
Malware has become more lethal by using multiple attack vectors to exploit both known and unknown vulnerabilities and can attack prescanned targets...
Limitations of Current Anti-Virus Scanning Technologies
Chapter 11
Indranil Bose
Phishing is a new form of online crime where the unsuspecting user is tricked into revealing his/her personal information. It is usually conducted...
Phishing: The New Security Threat on the Internet
Chapter 12
Bogdan Hoanca
The field of information security has realized many advances in the past few decades. Some of these innovations include new cryptographic...
Phishing Attacks and Countermeasures: Implications for Enterprise Information Security
Chapter 13
Halim Khelafa
The purpose of this chapter is to provide a wide spectrum of end users with a complete reference on malicious code or malware. End users include...
Prevention and Handling of Malicious Code
Chapter 14
Francine Herrmann, Djamel Khadraoui
This chapter provides a wide spectrum of existing security risk management methodologies. The chapter starts presenting the concept and the...
Security Risk Management Methodologies
Chapter 15
Albin Zuccato
Organizations are required by legal provision to include information system security into their day-to-day management activities. To do this...
Information System Life Cycles and Security
Chapter 16
Mohammed Hussein
General-purpose software specification languages are introduced to model software by providing a better understanding of their characteristics....
Software Specification and Attack Languages
Chapter 17
R. Manjunath
Providing security for the content that gets exchanged between physically and geographically different locations is challenging. The cost and...
Dynamic Management of Security Constraints in Advanced Enterprises
Chapter 18
Fredrik Vraalsen, Tobias Mahler
This chapter gives an introduction to the CORAS approach for model-based security risk analysis. It presents a guided walkthrough of the CORAS risk...
Assessing Enterprise Risk Level: The CORAS Approach
About the Contributors