Structures of responsibility and security of information systems

European Journal of Information Systems

Volumn 5, Issue 1, 1996, Pages 2-9

  Backhouse, J ^a   Dhillon, G ^b  

^a LONDON SCHOOL OF ECONOMICS   (United Kingdom)

^b CRANFIELD UNIVERSITY   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

EID: 21344459955     PISSN: 0960085X     EISSN: 14769344     Source Type: Journal    
DOI: 10.1057/ejis.1996.7     Document Type: Article

References (45)

1. ADAM NR and WORTMANN JC (1989) Security-control methods for statistical databases: a comparative study. ACM Computing Surveys 21(4), 515-556.
2. AFIPS (American Federation of Information Processing Societies) (1979) Security: checklist for computer center self audits. AFIPS Press, Arlington, Va.
3. AUSTIN JL (1962) How to do things with words. Harvard University Press, Cambridge, MA.
4. BACKHOUSE J (1991) The use of semantic analysis in the development of information systems. Ph D Diss London School of Economics, University of London.
5. BACKHOUSE J and DHILLON G (1995) Managing computer crime: a research outlook. Computers & Security 14(7), 645-651.
6. BASKERVILLE R (1988) Designing information systems security. John Wiley & Sons, New York.
7. BASKERVILLE R (1991) Risk analysis: an interpretive feasibility tool in justifying information systems security. European Journal of Information Systems 1(2), 121-130.
8. BECK U (1992) Risk Society. Sage, London.
9. BELL D and PADULA L (1976) Secure computer Systems: unified exposition and multics interpretation. MITRE Corporation, Bedford.
10. BEQUAI A (1987) Technocrimes the computerisation of crime and terrorism. Lexington Books, MA.
11. BIRCH D and MCEVOY N (1992) Risk analysis for information systems. Journal of Information Systems 7(1), 44-53.
12. BOOCKHOLDT JL (1987) Security and integrity controls for microcomputers: a summary analysis. Information and Management 13(1), 33-41.
13. BUCHANAN J and LINOWES R (1980) Understanding distributed data processing. Harvard Business Review (July/August), 143-153.
14. CHOKHANI S (1992) Trusted products evaluation. Communications of ACM 35(7), 66-76.
15. CLEMENTS DP (1977) Fuzzy ratings for computer security evaluation. Ph D Diss. University of California, Berkeley.
16. COURTNEY R (1977) Security risk analysis in electronic data processing. In AFIPS Conference Proceedings NCC. pp 97-104. AFIPS Press, Arlington Va.
17. DEMARCO T (1978) Structural analysis and system specification. Your- don Press, New York.
18. DOBSON J (1990) A methodology for analysing human and computer- related issues in secure systems. In Sixth IFIP International Conference on Computer Security and Information Integrity. (K DITTRICH, S RAUTAKIVI and J SAARI, Ed), IFIP/Sec ’90. pp 151-170. Espoo (Helsinki), Finland: North-Holland.
19. FISHER R (1984) Information systems security. Prentice-Hall, Englewood Cliffs.
20. GALLEGOS F (1987) Audit and control of information systems. South-Western, Cincinnati.
21. GIBSON JJ (1977) The theory of affordances: In Perceiving, acting and knowing. R SHAW and J BRANSFORD (Eds), Lawrence Erlbaum Associates, Publishers, Hillsdale, NJ.
22. HIGHLAND H (1985) Microcomputer security: data protection techniques. Computers and Security 4 (June), 517-531.
23. HOFFMAN J (1978) SECURATE - Security evaluation and analysis using fuzzy metrics. AFIPS National Conference Proceedings 47 531-540.
24. HSIAO D (1979) Computer security. Academic Press, New York.
25. LANE VP (1985) Security of computer based information systems. Macmillan, London.
26. LIEBENAU J and BACKHOUSE J (1990) Understanding information. Macmillan, London.
27. LOCH KD (1992) Threats to information systems: today’s reality, yesterday’s understanding. MIS Quarterly 16(2), 173-186.
28. LONGLEY D (1991) Formal methods of secure systems. In Information security handbook. (W CAELLI, D LONGLEY and M SHAIN, Eds), pp 707-798. Stockton Press, New York.
29. MANNING P (1992) Organisational communication. Aldine de Gruyter, New York.
30. MCLEEN J (1990) Specification and modelling of computer security. Computer 23(1), 9-16.
31. MERTEN A (1982) Putting information assets on a balance sheet. Risk Management 29(1), 12-14, 16.
32. MORGAN G (1986) Images of organisations. Sage Publications, Newbury Park, CA.
33. NORMAN A (1983) Computer insecurity. Chapman and Hall, London.
34. PARKER D (1981) Computer security management. Reston Publishing, Reston.
35. SALTMARSH T and BROWNE P (1983) Data processing - risk assessment. In Advances in computer security management (M WOFSEY, Eds), pp 93-116. John Wiley & Sons, Chichester.
36. SEARLE JR (1987) Speech acts: an essay in the philosophy of language. Cambridge University Press, New York.
37. SHAVER KG (1985) The attribution of blame: causality, responsibility and blameworthiness. Springer-Verlag, New York.
38. STAMPER RK (1988) Semantic normal form? In Meaning: the frontier of informatics. (KP JONES Ed) ASLIB, London.
39. TURN R (1982) Privacy protection in the 80s. In IEEE Symposium in Security and Privacy. AFIPS Press, Silver Srings, MD.
40. WALSHAM G (1991) Organisational metaphors and information systems research. European Journal of Information Systems 1(2), 83-94.
41. WARMAN A (1993) Computer security within organisations. Macmillan, London.
42. WEBER R (1982) EDP Auditing: conceptual foundations and practice. McGraw-Hill, New York.
43. WILLCOCKS L and MARGETTS H (1994) Risk assessment and information systems. European Journal of Information Systems 3(2), 127-139.
44. WITHINGTON FG (1980) Coping with computer proliferation. Harvard Business Review (May/June), 152-164.
45. WONG K (1977) Risk analysis and control. National Computing Centre, Manchester.