The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The methodological aspects of building standardized profiles describing the development of a security system that is an integral part of a distributed information system are considered. Functional standardization instruments and the theory of open systems are used.
Security in software applications is frequently an afterthought. Even if developers are aware of security policies and software vulnerabilities, they possess little knowledge of how to implement security polices while developing applications. In addition, the lack of support for tools and security automation makes it more challenging to incorporate security policies. In this paper we have proposed...
Establish an effective security force input mechanism is necessary, in order to establish a corresponding mechanism for the disclosure of accounting information is necessary. Security force input mechanism and the disclosure mechanism of accounting information related to the stakeholders to understand business is an important window in safety, security into the performance area. The software security...
Recently, according to the emerging development of smart mobile phones and tablet PC, mobile e-commerce has dramatically increased due to the reason that the function of smart mobile phone and tablet PC are combined together. M-banking is thus become more convenient, effective and timely through the new mobile communication systems. In order to raise the security of M-banking, some banks adopt the...
Ensuring SOA developed applications security has become crucial to protect against potential damage and is a sign of confidence for companies that would like to start collaboration based on SOA services. The aim of the present paper is to present the principles of a novel tool that supports the assessment of SOA security maturity of organizations: the SOASMM (SOA Security Maturity Model). This model...
With the prosperity of E-commerce industry, the electronic commerce course construction also needs developing synchronously. E-commerce security is the important part of e-commerce, and is also a course which combines theory with practice closely. To improve the practical operative ability, a perfect teaching experiment platform is necessary for students to do the e-commerce security-related experiments...
Usage of payment cards such as credit cards, debit cards, and prepaid cards, continues to grow. Security breaches related to payment cards have led to billion dollar losses annually. In order to offset this trend, major payment card networks have founded the Payment Card Industry (PCI) Security Standards Council (SSC), which has designed and released the PCI Data Security Standard (DSS). This standard...
There are so many models for security risk assessment, but most of them are non practical. An effective security risk management process enables enterprises to operate in the most cost efficient manner with a known and acceptable level of business risk. Callio Secura 17799 is a simple, but effective tool for implementing an information security management system, based on the ISO/IEC 27001:2005 standard...
This paper is intended to give an overview about the aspects of information security that are of importance in real life and should be taken into consideration during a regular IT project. Not only in the financial sector it is very popular these days to outsource certain parts of IT like application development and IT operation. From the perspective of a threat analysis team the authors experienced...
The paper considers and discusses two closely related concepts and process, namely risk management and security management. Practically, there is a tendency to consider risk management as a plenty process capable to protect information assets. Based on the literature and international standards, the paper gives an overview of all the aspects and activities related to both processes. risk management...
Local area network (LAN) security evaluation has not only become more important but also affected the LAN or internet advancement and development. Above all, the LAN security characteristics of are analyzed. On the basis, the quality evaluation system framework of LAN security indicator is established. Fuzzy evaluation index system is established to consider various influential factors. As to indexes...
Information security breaches pose major threats to the reliable execution of corporate strategies and may have negative effects on business value. Information security risk management (ISRM) provides an effective approach for assessing, mitigating, and evaluating information security risks. Existing ISRM approaches are highly accepted but demand very detailed knowledge about the IT security domain...
The success of e-government construction, will change the functions of government, business integration, institutional reform restructuring, process reengineering and management innovation, and play an immeasurable role in greatly increased administrative efficiency and quality, and enhance China's overall national strength and international competitiveness. In this paper, the main problems of Chinese...
Information security is the basis for the development of e-commerce, with the development of e-commerce, a variety of Internet transactions show the characteristic of diversification and the security issues become much more prominent. In order to solve this problem, there must be a security technology for protection. In this paper, we explain the existence security problems of the e-commerce, and...
According to all security studies recently published, the regulatory compliance appears as one of the most important drivers in security spending, representing the bigger part of security operating costs. Regulatory compliance is very often mentioned to attest an improved performance and accountability in security mechanism and procedures. This paper aims to analyse the contribution of different laws,...
Currently as even more in the future, enterprises of whatever size and structure highly dependent on information and information processing technologies. A lot effort has been made for securing these assets, focusing on technical and selected organizational solutions mainly. As the rising dependability on information security comes along with an even stronger increase in the necessity to manage information...
Information security is a comprehensive and specialized discipline and related to many different topics of business and science. In this framework, this paper focuses on the role and behavior of business leaders in the hectic modern business environments in realizing and practicing business-related information security management. One of the most obvious characteristics of our modern society and all...
Organizations face a significant challenge in designing and implementing appropriate information security measures. There are many sources of guidance on good and best practice relating to platforms, architectures and industries, but this guidance needs to be interpreted in the context of the specific risks faced by the organization, the desire to mitigate those risks, and the requirements for user...
In this paper we focus on the losses related to information and IT security incidents. The loss dimension in terms of business impacts is often treated only superficially in current standards, best practices and the research literature. The main focus lies often on the impacts on properties of information and services like confidentiality, integrity and availability. We make a step in the direction...
The paper describe relevance of outsourcing managed security services. It has many benefits of using, but also brings key risks for business mission. If organization is planning to implement out of house information security, then it must stick to hard and fast rules to reduce these risks and get all advances. There are listed below steps of interaction such as preparing request for proposal, composing...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.