Special Offers
- Acquire a Source of Open Access (OA) APC Funding for Your Institution Through
  IGI Global's OA Fee Waiver (Offset Model) Initiative
  For any library that invests in IGI Global's InfoSci-Books and/or InfoSci-Journals databases, IGI Global will match the library’s investment with a fund of equal value to go toward subsidizing the OA APCs for their faculty patrons when their work is submitted/accepted under OA into an IGI Global journal.
  Learn More
- Subscribe to the Latest Research Through IGI Global's InfoSci-OnDemand Plus
  InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 100,000+ peer-reviewed book chapters and 25,000+ scholarly journal articles that spans across 350+ topics in 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.
  Subscribe
- Purchase the Encyclopedia of Information Science and Technology, Fourth Edition
  and Receive Complimentary E-Books of Previous Editions
  When ordering directly through IGI Global's Online Bookstore, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.
  Purchase
- Create a Free IGI Global Library Account to Receive an Additional 5% Discount on All Purchases
  Exclusive benefits include one-click shopping, flexible payment options, free COUNTER 5 reports and MARC records, and a 5% discount on single all titles, as well as the award-winning InfoSci^®-Databases.
  Sign Up Now!
- Receive a 20% Discount on All Publications Purchased Through
  IGI Global’s Online Bookstore
  This discount cannot be combined with any other offer and is only valid when purchasing directly through IGI Global. (Exclusion of select titles and products may apply).
  Browse Publications
Books
Journals
InfoSci^®-Databases
Articles/Chapters
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - Researchers
  - Browse Books
  - Browse Journals
  - Search Open Access Content
  - Streaming Videos
  - OnDemand Downloads
  - Webinars
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - Fair Use Policy
  - Open Access Publishing
  - Editorial Services
  - FAQ
  - Distributors
  - Distributor Resources
  - Book Distributors
  - Journal Subscription Agencies
  - E-Resource Partners
Catalogs
About Us
Newsroom

Designing Secure and Privacy-Aware Information Systems

Christos Kalloniatis (Department of Cultural Technology and Communication, University of the Aegean, Lesvos, Greece), Argyri Pattakou (Department of Cultural Technology and Communication, University of the Aegean, Lesvos, Greece), Evangelia Kavakli (Department of Cultural Technology and Communication, University of the Aegean, Lesvos, Greece) and Stefanos Gritzalis (Department of Information and Communication Systems Engineering, University of the Aegean, Samos, Greece)

Source Title: Censorship, Surveillance, and Privacy: Concepts, Methodologies, Tools, and Applications

DOI: 10.4018/978-1-5225-7113-1.ch022

OnDemand PDF Download:

$37.50

Abstract

Pervasiveness of information systems is well underway, redefining our social and economic relationships. This technological revolution has generated enormous capabilities, but also enabled the creation of new vulnerabilities and threats. A major challenge in the field of information systems is therefore, to ensure the trustworthiness of the underlying technologies that make possible the generation, collection, storage, processing and transmission of user data at rates more intensive than ever before. Trust in information systems depends on different aspects, one of which is the security of user's data. Data security is referred as the protection of user's data from corruption and unauthorized access. Another important aspect of trust is the protection of user's privacy. Protecting privacy is about complying with user's desires when it comes to handling personal information. Without security to guarantee data protection, appropriate uses of that data cannot be realized. This implies that security and privacy issues are inherently intertwined and should be viewed synergistically. The aim of this paper is to elevate modern practices for ensuring security and privacy during software systems analysis and design. To this end, the basic security and privacy requirements that should be considered are introduced. Additionally, a number of well known methods in the research area of requirements engineering which focus on eliciting and modeling security and privacy requirements are described. Finally, a comparative analysis between these methods is presented.

Chapter Preview

Top

2. Security And Privacy Requirements

Data security in information systems is referred to the protection of digital data from unauthorized access, processing or disclosure through the whole data life cycle. Data must be secured not only from intentional but from accidental unauthorized access too. Software engineers are responsible to design and implement software systems that are able to prevent potential attackers from unauthorized access and processing in order to ensure data security and business continuity.

Privacy relates to protecting or controlling the disclosure of personal data, i.e. any information concerning the personal or material circumstances of an identified or identifiable person (the data subject). In general, privacy protection can be undertaken by:

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

Designing Secure and Privacy-Aware Information Systems

Abstract

2. Security And Privacy Requirements

Complete Chapter List