Information Systems Vulnerabilities
Downloads
Nowadays, the role of information technology is difficult to overestimate. Due to their global spread, year by year humanity is increasingly relying on various information systems and, as a result, depends on them. Vulnerability of Information Systems is a major concern these days in all spheres of Financial, government, private sectors. Even though most of the organizations have realized the value of information and the part it plays in the success of the business, only a few take adequate measures in ensuring the security of their information, preventing unauthorized access, securing data from intrusion and unapproved disclosures etc. In this article it is explore the meaning of information security from the perspective of the reasons of the vulnerability of information technologies and systems.
Downloads
Mellado, D., E. Fernández-Medina, et al. (2007). "A Common Criteria Based Security Requirements Engineering Process for the Development of Secure Information Systems."
Mellado, D., C. Blanco, et al. (2010). "A Systematic Review of Security Requirements Engineering standards”.
Techopedia [online] Available: https://www.techopedia.com/definition/13484/ vulnerability.
Choo, K.-K. R., R. G. Smith, et al. (2007). Future directions in technology-enabled crime: 2007-09.
Mazov N.A., Revnivykh A.V., Fedotov A.M., Analysis of information security risks. Vestnik NGU. Ser.: Information Technologies. 2011; 9(2): 80–89.
Brinkley D.L., Schell R.R., “What is there to worry about? An Introduction to the Computer Security Problem”. Information Security: An Integrated Collection of Essays. 1995; 11–39.
Ferrer-Roca, O., F. Marcano, et al. (2008). Quality labels for e-health.
The Center for Internet Security (CIS) (2008). The CIS Security Metrics Service. Velte, A. T., P. D. Toby J. Velte, et al. (2010). Cloud Computing: A Practical Approach.
Solms, B. v. and R. v. Solms (2004). "The 10 deadly sins of Information Security Management."
Susanto, H. and F. b. Muhaya (2010). "Multimedia Information Security Architecture."
COBITv4.0 (2006). Cobit Guidelines, Information Security Audit and Control Association.
Kluge, D. (2008). Formal Information Security Standards in German Medium Enterprises.
ITILv3.0 (2007). ITIL, Information Technology Infrastructure Library. C. C. a. T. A. (CCTA).
Francia, G., Clinton, K.: (2005). "Computer forensics laboratory and tools”.
Yang, J., T. Li, et al. (2007). “Computer Forensics System Based on Artificial Immune Systems.”
Park, C.-S., S.-S. Jang, et al. (2010). "A Study of Effect of Information Security Management System [ISMS] Certification on Organization Performance."
Nance, K., M. Bishop, et al. (2012). Introduction to Digital Forensics - Education, Research and Practice Minitrack
ISO/IEC, "Information technology -- Security Techniques-Information security risk management", ISO/IEC FIDIS 27005:2008.
Technical aspects of information security [online] Available: http://www.ukessays.co.uk/essays/information-system/technical-aspects-of-informationsecurity.php.
Intelligence Community » Members of the IC [online] Available: https://www.dni.gov/index.php/intelligence-community/members-of-the-ic.
The CIA Triad [online] Available: http://www.techrepublic.com/blog/it-security/the-ciatriad/
Securing Europe's Information Society [online] Available: https://www.enisa.europa.eu/topics/threat-risk-management/risk-management/current-risk/risk-managementinventory/glossary.
Berinato, S. (2005). "A Few Good Information Security Metrics.
Carrier, B (2001). "Defining digital forensic examination and analysis tools". Digital Research Workshop II. Retrieved 2 August 2010.
Goldreich, O., Ed. (2004). Foundations of Cryptography: Basic Applications.
Jansen, W. (2009). Directions in Security Metrics Research. N. I. o. S. a. Technology.
NIST (2011). Security and Privacy Controls for Federal Information Systems and Organizations SP.
Rivest, Ronald L. (1990). "Cryptography". In J. Van Leeuwen. Handbook of Theoretical Computer Science. 1. Elsevier.
Jansen, W. and T. Grance (2011). Guidelines on Security and Privacy in Public Cloud Computing.
Staden, W. v. and M. S. Olivier (2011). "On Compound Purposes and Compound Reasons for Enabling Privacy."
Bellare, Mihir; Rogaway, Phillip (21 September 2005). "Introduction". Introduction to Modern Cryptography.
