A Roadmap for Delivering Trustworthy IT Processes
Kassem Saleh (American University of Sharjah, UAE), Imran Zualkerman (American University of Sharjah, UAE) and Ibrahim Al Kattan (American University of Sharjah, UAE)
Copyright: © 2007
Due to the proliferations of computers and networks, organizations are providing many of their services online. Consequently, organizations are becoming more vulnerable to attacks by cyber criminals, in addition to attacks by insiders. Ultimately, these attacks lead to reducing the trust in the organization and the trustworthiness of its provided services. Online services are mainly provided using internal IT processes. In this chapter, we provide a systematic roadmap that addresses the delivery of trustworthy IT processes at the strategic, tactical and operational levels. This roadmap is based on a defensive and preventive approach to ensure the trustworthiness of the services provided by an organization. We argue that to deliver trustworthy services, the IT processes used must be trustworthy themselves. The requirements for implementing and delivering trustworthy IT processes in an organization are discussed. For each IT process, we discuss how confidentiality, integrity, availability, accountability, reliability, privacy and business integrity requirements can be satisfied.