Enterprise Information System Security: A Life-Cycle Approach

Chandan Mazumdar (Jadavpur University, India)
DOI: 10.4018/978-1-61692-852-0.ch111


There has been an unprecedented thrust in employing computer and communication technologies in all walks of life. Systems enabled by information technology are becoming more and more complex, resulting in various threats and vulnerabilities. Security properties such as confidentiality, integrity, and availability are becoming more and more difficult to protect. In this chapter, a life-cycle approach to achieving and maintaining the security of enterprises is proposed. First, enterprise information systems are examined in detail. Then, the need for enterprise information system security and the problems associated with security implementation are discussed. The authors consider enterprise information system security as a management issue and detail the information security parameters. Finally, the proposed security engineering life-cycle is described in detail; it includes the Security Requirement Analysis, Security Policy Formulation, Security Infrastructure Advisory Generation, Security Testing and Validation, and Review and Monitoring phases.
