The security of information systems is a serious issue because computer abuse is increasing. It is important, therefore, that systems analysts and designers develop expertise in methods for specifying information systems security. The characteristics found in three generations of general information system design methods provide a framework for comparing and understanding current security design methods. These methods include approaches that use checklists of controls, divide functional requirements into engineering partitions, and create abstract models of both the problem and the solution. Comparisons and contrasts reveal that advances in security methods lag behind advances in general systems development methods. This analysis also reveals that more general methods fail to consider security specifications rigorously.