Understanding computers and cognition
Understanding computers and cognition
Communications of the ACM
New organizational forms for information security management
SEC'97 Proceedings of the IFIP TC11 13 international conference on Information Security (SEC '97) on Information security in research and business
Survivability—a new technical and business perspective on security
Proceedings of the 1999 workshop on New security paradigms
Understanding and Evaluating Methodologies: NIMSAD, a Systematic Framework
Understanding and Evaluating Methodologies: NIMSAD, a Systematic Framework
Information, Systems and Information Systems: Making Sense of the Field
Information, Systems and Information Systems: Making Sense of the Field
Information Security: Process Evaluation and Product Evaluation
Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
| Hi-index | 0.00 |
Research on Information Security has been based on a well-established definition of the subject. Consequently, it has delivered a plethora of methods, techniques, mechanisms and tools to protect the so-called security attributes (i.e. availability, confidentiality and integrity) of information. However, a modern Information System (IS) appear rather vulnerable and people show mistrust on their ability to deliver the services expected. This phenomenon leads us to the conclusion that information security does not necessarily equal IS security. In this paper, we argue that IS security, contrary to information remains a confusing term and a neglected research area. We attempt to clarify the meaning and aims of IS security and propose a framework for building secure information systems, or as we suggest them to be called, viable information systems.