Security for enterprise resource planning systems

Information Systems Security

Volumn 16, Issue 3, 2007, Pages 152-163

  She, Wei ^a   Thuraisingham, Bhavani ^a  

^a UNIVERSITY OF TEXAS AT DALLAS   (United States)

Author keywords

Authorization; Enterprise Resource Planning; Exchange infrastructure; Policies; RBAC; Web services

Indexed keywords

EID: 84995946668     PISSN: 1065898X     EISSN: None     Source Type: Journal    
DOI: 10.1080/10658980701401959     Document Type: Article

References (29)

1. Bakry, A. H. and Bakry, S. H. (2005). –Enterprise resource planning - a review and a STOPE view,— International Journal of Network Management 15. pp. 363-370.
2. Bertino, E. (2004). –Security for Web Services,— Proceedings IEEE Web Services Conferences.
3. Bertino, E., Carminati, B., Ferrari, E., Thuraisingham, B., and Gupta, A. (2004). –Selective and Authentic Third-Party Distribution of XML Documents,— IEEE Transactions on Knowledge and Data Engineering, 16(10): 1263-1278.
4. Glass, R. L. (1998). –Enterprise Resource Planning - Breakthrough or Term Problem,— The Database for Advances in Information Systems, 29:2.
5. Goodman, E. (2004). –Security Evaluation and Management for the SAP R/3 Environment,— GSEC Certification Practical.
6. Iacovou, L., Benbasat, I., and Dexter, A. S. (1995). –Electronic Data Interchange and Small Organizations: Adoption and Impact of Technology,— MIS Quarterly, 19: 4, pp. 465-485.
7. Jayaweera, P., Johannesson, P., and Wohed, P. (2001). –Collaborative Process Patterns for e-Business,— Sig group Bulletin, 22:2.
8. Kern, A., Kuhlmann, M., Schaad, A., and Moffett, J. (2002). –Observations on the Role Life-Cycle in the Context of Enterprise Security Management,— SACMAT'02, June 3-4.
9. Kumar, K. and van Hillegersberg, J. (2000). –ERP Experiences and Evolution.— Communications of the ACM, Vol. 43. No. 4.
10. Nagpal, A., de Bruyn, G. M., and Lyfareff, R. (1999). ALE, EDI & IDoc Technologies for SAP pp. 6-20, 376-384. Prima Publishing.
11. Park, J. and Sandhu, R. (2004). –The UCONABC Usage Control Model,— ACM Transactions on Information and System Security, 7: 1.
12. Rashid, M., Hossain, L., and Patrick, J. D. (2002). –The Evolution of ERP Systems: A Historical Perspective.— http://jobfunctions.bnet.com.
13. Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. (1996). –Role-Based Access Control Models,— IEEE Comput., 29: 2.
14. Schaad, A. (2006). –Panel: Security in Enterprise Resource Planning Systems and Service-Oriented Architectures,— SACMAT'06, June 7-9.
15. Shehab, E. M., Sharp, M. W., Supramaniam, L., and Spedding, T. A. (2004). –Enterprise resource planning - an integrative review,— Business Process Management Journal, 10:4, pp. 359-386.
16. Sprott, D. (2000). –Componentizing the Enterprise Application Packages,— Communications of the ACM, 43:4.
17. Thuraisingham, B. (2005). –Security Standards for the Semantic Web,— Computer Standards and Interfaces Journal, 27(3): 257-268.
18. Thuraisingham, B. (2005). Database and Applications Security, Integrating Information Security and Data Management, pp. 2-19. Auerbach Publications.
19. Thuraisingham, B. (2006). –Assured Information Sharing,— UTD Technical Report.
20. Valente, G. (1999). –Baan Application Security,— ISACA Spring Conference.
21. van de Riet, R., Janssen, W., and de Gruijter, P. (1998). –Security Moving from Database Systems to ERP Systems.— Database and Expert Systems Applications, Proceedings, pp. 273-280, August.
22. W3C. (2006). –Extensible Markup Language (XML) 1.0 (Fourth Edition).— http://www.w3.org/TR/2006/REC-xml-20060816/
23. W3C. (2004). –XML Schema Part 0: Primer Second Edition.— http:// www.w3.org/TR/xmlschema-0/.
24. W3C. (2004). –XML Schema Part 1: Structures Second Edition.— http:// www.w3.org/TR/xmlschema-1/.
25. W3C. (2004). –XML Schema Part 2: Data types Second Edition.— http:// www.w3.org/TR/xmlschema-2/.
26. White Paper. (2002). SAP Exchange Infrastructure 2.0, SAP AG and Sun Microsystems.
27. White Paper. (2000). –Authorizations Made Easy User Role Templates and Generating Authorization Profiles.— Release 4.6A/B. SAP AG.
28. White Paper. (2002). –SAP R/3 Enterprise (version 1.0)—. SAP AG.
29. White Paper. (2002). –SAP Exchange Infrastructure 2.0 Technical Infrastructure— SAP AG.