Wednesday, 15 December 2010

nice qutes

An Empirical Evaluation of Information Security Awareness Levels in Designing Secure Business Process. 2009
by Fergle D’Aubeterre, Lakshmi S. Iyer, and Rahul Singh:
 
"Information Security is critical to ensuring the integrity and credibility of digitally exchanged information in business    processes".

BPM "development methodology that considers security requirements in the early phases (modeling, and requirments collecting) of systems development is essential" for information security.

"information security awareness should be present in the requirements gathering phase, so that analysts become more aware of security constraints and possible violations resulting into secure business processes".

the 2006 CSI/FBI Computer Crime and Security Survey identified that authorization violations are the second largest cause of economic losses (Gordon et al., 2006).

security should be embedded into the overall information systems development and not added as an afterthought (Mouratidis et al. 2009).

Existing work is mainly focused either on the technical or the social aspect of considering security, and approaches are usually applicable only to certain development stages (Mouratidis et al. 2009).


No comments:

Post a Comment