<title>Enterprise systems security management: a framework for breakthrough protection</title>

Web service is becoming an important area of business processing and research for enterprise systems. Various Web service providers currently offer diverse computing services ranging from entertainment, finance, and health care to real-time application. With the widespread proliferation of Web Services, not only delivering secure services has become a critical challenge for the service providers, but users face constant challenges in selecting the appropriate Web services for their enterprise application systems. Security has become an important issue for information systems (IS) managers for a secure integration of Web services with their enterprise systems. Security is one of the determining factors in selecting appropriate Web services. The need for run-time composition of enterprise systems with third-party Web services requires a careful selection process of Web services with security assurances consistent with the enterprise business goal. Selection of appropriate Web services with required security assurances is essentially a problem of choice among several alternative services available in the market. The IS managers have little control of the actual security behavior of the third-party Web services, however, they can control the selection of right services which could likely comply their security requirements. Selecting third-party Web services arbitrarily over the Internet is critical as well as risky.

Download Full-text

A Decision Support System for Selecting Secure Web Services

Encyclopedia of Decision Making and Decision Support Technologies ◽

10.4018/978-1-59904-843-7.ch024 ◽

2011 ◽

pp. 211-217 ◽

Cited By ~ 1

Author(s):

Khaled M. Khan

Keyword(s):

Web Services ◽

Web Service ◽

Service Providers ◽

Selection Process ◽

Enterprise Systems ◽

Third Party ◽

Security Requirements ◽

Enterprise Application ◽

Systems Security ◽

Selection Of

Web service is becoming an important area of business processing and research for enterprise systems. Various Web service providers currently offer diverse computing services ranging from entertainment, finance, and health care to real-time application. With the widespread proliferation of Web Services, not only delivering secure services has become a critical challenge for the service providers, but users face constant challenges in selecting the appropriate Web services for their enterprise application systems. Security has become an important issue for information systems (IS) managers for a secure integration of Web services with their enterprise systems. Security is one of the determining factors in selecting appropriate Web services. The need for run-time composition of enterprise systems with third-party Web services requires a careful selection process of Web services with security assurances consistent with the enterprise business goal. Selection of appropriate Web services with required security assurances is essentially a problem of choice among several alternative services available in the market. The IS managers have little control of the actual security behavior of the third-party Web services, however, they can control the selection of right services which could likely comply their security requirements. Selecting third-party Web services arbitrarily over the Internet is critical as well as risky.

Download Full-text

Information systems security: Management success factors

Computers & Security ◽

10.1016/0167-4048(87)90066-6 ◽

1987 ◽

Vol 6 (4) ◽

pp. 314-320 ◽

Cited By ~ 11

Author(s):

Charles Cresson Wood

Keyword(s):

Information Systems ◽

Success Factors ◽

Security Management ◽

Information Systems Security ◽

Systems Security

Download Full-text

Mini track: 'information systems security management'

37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the ◽

10.1109/hicss.2004.1265442 ◽

2004 ◽

Author(s):

M. Siponen ◽

G. Dhillon

Keyword(s):

Information Systems ◽

Security Management ◽

Information Systems Security ◽

Systems Security

Download Full-text

An integral framework for information systems security management

Computers & Security ◽

10.1016/s0167-4048(03)00413-9 ◽

2003 ◽

Vol 22 (4) ◽

pp. 337-360 ◽

Cited By ~ 34

Author(s):

Denis Trèek

Keyword(s):

Information Systems ◽

Security Management ◽

Information Systems Security ◽

Systems Security

Download Full-text

Conceptualizing the Domain and an Empirical Analysis of Operations Security Management

10.4018/978-1-6684-3698-1.ch025 ◽

2022 ◽

pp. 533-560

Author(s):

Winfred Yaokumah

Keyword(s):

Information Systems ◽

Empirical Analysis ◽

Security Management ◽

Information Systems Security ◽

Computing Environment ◽

Maturity Level ◽

Security Controls ◽

Systems Security ◽

Level 3 ◽

State Of Practice

Operations security management integrates the activities of all the information systems security controls. It ensures that the entire computing environment is adequately secured. This chapter conducts an in-depth review of scholarly and practitioner works to conceptualize the domain of operations security management. Drawing upon the existing information systems security literature, the chapter classifies operations security management into 10 domains. Following, the chapter performs an empirical analysis to investigate the state-of-practice of operations security management in organizations. The findings show that the maturity level of operations security management is at the Level 3 (well-defined). The maturity levels range from Level 0 (not performed) to Level 5 (continuously improving). The results indicate that operations security processes are documented, approved, and implemented organization-wide. Backup and malware management are the most applied operations security controls, while logging, auditing, monitoring, and reviewing are the least implemented controls.

Download Full-text