Balancing confidentiality and efficiency in untrusted relational DBMSs
Proceedings of the 10th ACM conference on Computer and communications security
Modeling and assessing inference exposure in encrypted databases
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 34th annual ACM SIGUCCS fall conference: expanding the boundaries
CEA'08 Proceedings of the 2nd WSEAS International Conference on Computer Engineering and Applications
Strategic planning for the computer science security
WSEAS Transactions on Computers
A systematic review of security requirements engineering
Computer Standards & Interfaces
Information and Software Technology
Applying a security requirements engineering process
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Hi-index | 0.00 |
The University of Pittsburgh is at the midpoint of a three-year strategic plan focused on information technology. Our strategic direction is based on a tiered model consisting of these layers: network infrastructure, middleware, Web infrastructure, and the set of applications and services that can be provided to our user community. As applications and services become increasingly more complex, there is a greater potential for security breaches that must be adequately addressed.The ability for students and faculty to share data and collaborate on projects is of utmost importance to any higher education institution. A large, multidisciplinary institution such as the University of Pittsburgh must be able to find an effective balance between the need to provide people in the local, national, and international communities with access to information and the need to protect sensitive information from unauthorized access and misuse.The subject of information security has received a great deal of attention within academia before and after the events of September 11, 2001. Federal regulations such as the HIPAA legislation protecting patient data, the USA PATRIOT Act, and the Digital Millennium Copyright Act all have significant impact. The complexities involved in developing adequate security plans have resulted in the development of the ISO 17799 standard, used widely in security plan development.A University-wide security plan is under development that, when completed, will address security at all levels. This comprehensive security plan will cover policies, business practice changes, and user awareness concerns. This presentation focuses on the process that is underway to identify security issues and to design and implement a comprehensive security plan that maintains an open academic environment and fully addresses relevant legislation and best practice models.