Proceedings of the 2nd IFIP international conference on Computer security: a global challenge
Computer security: a comprehensive controls checklist
Computer security: a comprehensive controls checklist
Designing information systems security
Designing information systems security
The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
Critical issues in information systems research
Can the field of MIS be disciplined?
Communications of the ACM
A survey of password mechanisms: weaknesses and potential improvement, part 1
Computers and Security
User authentication by cognitive passwords: an empirical assessment
JCIT Proceedings of the fifth Jerusalem conference on Information technology
Systems development in information systems research
Journal of Management Information Systems - Special issue on management support systems
Covert Flow Trees: A Visual Approach to Analyzing Covert Storage Channels
IEEE Transactions on Software Engineering
A Uniform Presentation of Confidentiality Properties
IEEE Transactions on Software Engineering
Information systems security design methods: implications for information systems development
ACM Computing Surveys (CSUR)
Database security
IEEE Spectrum
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Specification and Validation of a Security Policy Model
IEEE Transactions on Software Engineering
Design and natural science research on information technology
Decision Support Systems - Special issue on WITS '92
Role-Based Access Control Models
Computer
Authentication, access control, and audit
ACM Computing Surveys (CSUR)
A Methodology for Testing Intrusion Detection Systems
IEEE Transactions on Software Engineering
Secure electronic commerce: building the infrastructure for digital signatures and encryption
Secure electronic commerce: building the infrastructure for digital signatures and encryption
Security in unattended computing labs—safeguarding users as well as machines
SIGUCCS '93 Proceedings of the 21st annual ACM SIGUCCS conference on User services
Web security & commerce
A practical solution to the complex human issues of information security design
Information systems security
A framework for dealing with and specifying security requirements in information systems
Information systems security
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Smart card security and applications
Smart card security and applications
Internet besieged
Java security: Web browsers and beyond
Internet besieged
A taxonomy for key recovery encryption systems
Internet besieged
Security when outsourcing: concepts, constructs, compliance
SEC'97 Proceedings of the IFIP TC11 13 international conference on Information Security (SEC '97) on Information security in research and business
Technical trials and legal tribulations
Communications of the ACM
Fighting computer crime: a new framework for protecting information
Fighting computer crime: a new framework for protecting information
Crowds: anonymity for Web transactions
ACM Transactions on Information and System Security (TISSEC)
Firewalls fend off invasions from the Net
IEEE Spectrum
Diversity in information systems action research methods
European Journal of Information Systems
Modelling data secrecy and integrity
Data & Knowledge Engineering
Viewpoint: choosing appropriate information systems research methodologies
Communications of the ACM
Symmetric and Asymmetric Encryption
ACM Computing Surveys (CSUR)
Shared resource matrix methodology: an approach to identifying storage and timing channels
ACM Transactions on Computer Systems (TOCS)
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Raising the Bar on Software Security Testing
IT Professional
Protecting Digital-Image Copyrights: A Framework
IEEE Computer Graphics and Applications
Digital Watermarking: From Concepts to Real-Time Video Applications
IEEE Computer Graphics and Applications
Watermarking 3D Objects for Verification
IEEE Computer Graphics and Applications
Lattice-Based Access Control Models
Computer
Computer
Biometrics: A New Era in Security
Computer
Computer
Java Security: Present and Near Future
IEEE Micro
IEEE Internet Computing
A Policy Based Role Object Model
EDOC '97 Proceedings of the 1st International Conference on Enterprise Distributed Object Computing
Privilege Graph: an Extension to the Typed Access Matrix Model
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
An Approach for Mobile Agent Security and Fault Tolerance using Distributed Transactions
ICPADS '97 Proceedings of the 1997 International Conference on Parallel and Distributed Systems
Working Group Report on Internet/Intranet Security
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Secure Mobile IP using IP Security Primitives
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Information Security Awareness - Selling the Cause
IFIP/Sec '92 Proceedings of the IFIP TC11, Eigth International Conference on Information Security: IT Security: The Need for International Cooperation
Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
Policies for Construction of Information Systems' Security Guidelines: Five Approaches
Proceedings of the IFIP TC11 Fifteenth Annual Working Conference on Information Security for Global Information Infrastructures
A Paradigmatic Analysis Contrasting Information Systems Development Approaches and Methodologies
Information Systems Research
ACM SIGOPS Operating Systems Review
An Evaluation of the Java Security Model
ACSAC '96 Proceedings of the 12th Annual Computer Security Applications Conference
Modeling Secure and Fair Electronic Commerce
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
A Language for Modeling Secure Business Transactions
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
An Abstract Authorization System for the Internet
DEXA '98 Proceedings of the 9th International Workshop on Database and Expert Systems Applications
Addressing Security Issues in Programming Languages for Mobile Code
DEXA '98 Proceedings of the 9th International Workshop on Database and Expert Systems Applications
Optimal authentication protocols resistant to password guessing attacks
CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
Process Algebra and Non-interference
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Software Platform for Secure Applications based on CORBA
FTDCS '97 Proceedings of the 6th IEEE Workshop on Future Trends of Distributed Computing Systems
An Analysis of Ethics as Foundation of Information Security in Distributed Systems
HICSS '98 Proceedings of the Thirty-First Annual Hawaii International Conference on System Sciences-Volume 6 - Volume 6
SDNE '96 Proceedings of the 3rd Workshop on Services in Distributed and Networked Environments (SDNE '96)
Blocking Java Applets at the Firewall
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Probable Plaintext Cryptanalysis of the IP Security Protocols
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Managing Network Security - A Pragmatic Approach
SRDS '98 Proceedings of the The 17th IEEE Symposium on Reliable Distributed Systems
Security in the Large: Is Java's Sandbox Scalable?
SRDS '98 Proceedings of the The 17th IEEE Symposium on Reliable Distributed Systems
Role-based security for distributed object systems
WET-ICE '96 Proceedings of the 5th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'96)
Modelling Static and Dynamic Aspects of Hypermedia Systems
ICMCS '97 Proceedings of the 1997 International Conference on Multimedia Computing and Systems
Managing information systems security: a soft approach
ISCNZ '96 Proceedings of the 1996 Information Systems Conference of New Zealand (ISCNZ '96)
WWW Distribution of Private Information with Watermarking
HICSS '99 Proceedings of the Thirty-second Annual Hawaii International Conference on System Sciences-Volume 5 - Volume 5
Cost-Effective Computer Security: Cognitive and Associative Passwords
OZCHI '96 Proceedings of the 6th Australian Conference on Computer-Human Interaction (OZCHI '96)
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A security policy model for clinical information systems
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Analyzing consistency of security policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Developing Internet Security Policy for Organizations
HICSS '97 Proceedings of the 30th Hawaii International Conference on System Sciences: Information Systems Track—Internet and the Digital Economy - Volume 4
A Generic Virus Detection Agent on the Internet
HICSS '97 Proceedings of the 30th Hawaii International Conference on System Sciences: Information Systems Track—Internet and the Digital Economy - Volume 4
Viewing business-process security from different perspectives
International Journal of Electronic Commerce - Special issue: Developing the business components of the digital economy
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
A Dynamic Framework for Classifying Information Systems Development Methodologies and Approaches
Journal of Management Information Systems
On the limits of steganography
IEEE Journal on Selected Areas in Communications
BPEL4RBAC: An Authorisation Specification for WS-BPEL
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
Video steganography for confidential documents: integrity, privacy and version control
Proceedings of the 26th annual ACM international conference on Design of communication
The curse of ease of access to the internet
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Information security culture: a behaviour compliance conceptual framework
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
| Hi-index | 0.00 |
This paper identifies four security issues (access to Information Systems, secure communication, security management, development of secure Information Systems), and examines the extent to which these security issues have been addressed by existing research efforts. Research contributions in relation to these four security issues are analyzed from three viewpoints: a meta-model for information systems, the research approaches used, and the reference disciplines used. Our survey reveals that most information security research has focused on the technical context, and on issues of access to IS and secure communication. The corresponding security issues have been resolved by using mathematical approaches as a research approach. The reference disciplines most commonly reflected have been mathematics, including philosophical logic. Based on this analysis, we suggest new directions for studying information security from an information systems viewpoint, with respect to research methodology and research questions. Empirical studies in relation to the issues of security management and the development of secure IS, based on suitable reference theories (e.g., psychology, sociology, semiotics, and philosophy), are particularly necessary.