Perceptions of security contributing to the implementation of secure IS

IFIP Advances in Information and Communication Technology

Volumn 122, Issue , 2003, Pages 313-324

  Tryfonas, Theodore ^a   Kiountouzis, Evangelos ^a  

^a ATHENS UNIVERSITY OF ECONOMICS AND BUSINESS   (Greece)

Author keywords

Information systems implementation; Is security integration; Metaphors; Security perceptions

Indexed keywords

INFORMATION SYSTEMS;

DEVELOPMENT PRACTICES; INFORMATION SYSTEMS IMPLEMENTATION; METAPHORS; SECURITY OBJECTIVES; SECURITY REQUIREMENTS; SYSTEMS DEVELOPMENT; THEORETICAL DESIGN; THEORETICAL FRAMEWORK;

SECURITY OF DATA;

EID: 84904349582     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-35691-4     Document Type: Conference Paper

References (25)

1. Anderson, R.J. (1993), "Why cryptosystems fail", Communications of the ACM, Vol. 37, No 11, pp. 32-44.
2. Backhouse, J. and Dhillon, G. (1996), "Structures of responsibilities and security of information systems", European Journal of Information Systems, Vol. 5, No 1, pp. 2-10.
3. Baskerville, R. (1993), "Information Systems Security Design Methods: Implications for Information Systems Development", ACM Computing Surveys, Vol. 25, No. 4, pp. 375-414.
4. Boland, R.J. (1989), "Metaphorical traps in developing information systems for human progress", in Klein, H.K. and Kumar, K. (Eds.), Systems Development for Human Progress, Elsevier Science Publishers, pp.277-290.
5. Chadwick, D.W. and Basden, A. (2001), "Evaluating Trust in a Public Key Certification Authority", Computers & Security, Vol. 20, No 7, pp. 592-611.
6. Dhillon, G. and Moores, S. (2001), "Computer crimes: theorizing about the enemy within", Computers & Security, Vol. 20, No 8, pp. 715-723.
7. Eloff, M., and Von Solms, B. (2000), "Information Security: Process Evaluation and Product Evaluation", in Qing, S. and Eloff, J. (Eds.), Information Security for Global Information Infrastructures, Kluwer Academic Publishers, pp. 11-19.
8. Finne, T. (1998), "A conceptual framework for information security management", Computers & Security, Vol 17, pp. 303-307.
9. Fitzgerald, B. (1998), "An empirical investigation into the adoption of systems development methodologies", Information & Management, Vol. 34, pp. 317-328.
10. Frosdick, S. and Odell, A. (1996), "Practical management of programme risk: the case of the National Strategy for Police Information Systems for England and Wales", Information Management & Computer Security, Vol. 4, No 5, pp. 24-33.
11. Hitchings, J. (1995a), "Deficiencies of the traditional approach to information security and the requirements for a new methodology", Computers & Security, Vol. 14, pp. 377-83.
12. Hitchings, J. (1995b), "Achieving an Integrated Design: The Way Forward for Information Security", in Eloff, J. and von Solms, S. (Eds.), Information Security - the next decade, Chapman & Hall, pp. 369-383.
13. Liechtenstein, S. (1996), "Factors in the selection of a risk assessment method", Information Management & Computer Security, Vol. 4, No 4, pp. 20-25.
14. Morgan, G. (1997), Images of Organization, 2nd Ed., SAGE Publications, California.
15. Muir, S. (1997), "After the break-in occurs: How to handle the student hacker", Library High Tech, Vol. 15, No 1&2, pp. 92-95.
16. Siponen, M. (2001), "An Analysis of the Recent IS Security Development Approaches: Descriptive and Prescriptive Implications", in Dhillon, G. (Ed.), Information Security Management: Global Challenges in the New Millennium, Idea Group Publishing, pp. 101-124.
17. Siponen, M. and Baskerville, R. (2001), "A New Paradigm for Adding Security Into IS Development Methods", in Eloff, J.H.P. et al. (Eds.), Advances in Information Security Management & Small Systems Security, Kluwer Academic Publishers.
18. Smith, E. and Eloff, J.H.P. (2001), "Transaction Based Risk Analysis - Using Cognitive Fuzzy Techniques", in Eloff, J.H.P. et al. (Eds.), Advances in Information Security Management & Small Systems Security, Kluwer Academic Publishers.
19. Spinellis, D., Kokolakis, S. and Gritzalis, S. (1999), "Security requirements, risks, and recommendations for small enterprise and home-office environments", Information Management & Computer Security, Vol. 7, No 3, pp. 121-128.
20. Spurling, P. (1995), "Promoting security awareness and commitment", Information Management & Computer Security, Vol. 3, No 2, pp. 20-26.
21. Tryfonas, T. and Kiountouzis, E. (2002), "IS security and the IS development project: Towards a framework for their integration", in Ghonaimy, M. et al. (Eds.), Security in the Information Society: Visions and Perspectives, Kluwer Academic Publishers, pp. 347-356.
22. Walsham, G. (1991), "Organisational metaphors and information systems research", European Journal of Information Systems, Vol. 1, No. 2, pp. 83-94.
23. Walsham, G. (1995), "Interpretive case studies in IS research: nature and method", European Journal of Information Systems, Vol. 4, pp. 74-81.
24. Wood, C.C. and Snow, K. (1995), "ISO 9000 and Information Security", Computers & Security, Vol. 14, pp. 287-288.
25. Yngstróm, L. (1996), "A holistic approach to IT security", in Eloff, J. and von Solms, S. (Eds.), Information Security - The Next Decade, Chapman & Hall, London.