INTEGRATING SECURITY AND PRIVACY ISSUES IN SYSTEM DESIGN

Jan Guynes Clark, Nicole Beebe, Andrew G. Kotulic

2004

Abstract

Security and privacy issues are often an afterthought when it comes to system design. However, failure to address these issues during analysis and design could result in catastrophic effects. We propose a conceptual model for creating subsystems of security and privacy that are integral parts of the overall system architecture.

References

  1. Cowens, B.: The Security Threat Inside: Building an Awareness Program and Effectively Training Your Staff. The ISSA Journal. November 2003. 10-12.
  2. Lawton, G.: Invasive Software: Who's Inside Your Computer? Computer. July 2002. 15- 18.
  3. Main Outcomes of the Technical Workshop on Privacy-Enhancing Technologies 4 July 2003. http://europa.eu.int/comm/internal_market/privacy/docs/lawreport/pet/200304-petoutcome_en.pdf
  4. Mathur, Sanjay.: Builing an Inside-Out Privacy Compliance Framework. The ISSA Journal. December 2003. 14-17.
  5. Noor, A.: Dealing with data Privacy Regulations and SB-1386. The ISSA Journal. May 2003. 8-10.
  6. Raval, V. Guidelines for Compliance with Sarbanes-Oxley. EDPACS . January 2004. 14- 20.
  7. Rechtin, E.: Systems Architecting: Creating and Building Complex Systems, Prentice Hall, New York 1991.
  8. Taylor, Humphrey. Most People Are “Privacy Pragmatists” Who, While Concerned About Privacy, will Sometimes Trade it Off for Other Benefits. The Harris Poll # 17, March 19, 2003. Http://www.harrisinteractive.com/harris_poll/.
  9. The Open Web Application Security Project (OWASP). January 13, 2003. The Ten Most Critical Web Application Security Vulnerabilities. http://www.owasp.org.
Download


Paper Citation


in Harvard Style

Guynes Clark J., Beebe N. and G. Kotulic A. (2004). INTEGRATING SECURITY AND PRIVACY ISSUES IN SYSTEM DESIGN . In Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004) ISBN 972-8865-07-4, pages 33-46. DOI: 10.5220/0002659400330046


in Bibtex Style

@conference{wosis04,
author={Jan Guynes Clark and Nicole Beebe and Andrew G. Kotulic},
title={INTEGRATING SECURITY AND PRIVACY ISSUES IN SYSTEM DESIGN},
booktitle={Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004)},
year={2004},
pages={33-46},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002659400330046},
isbn={972-8865-07-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004)
TI - INTEGRATING SECURITY AND PRIVACY ISSUES IN SYSTEM DESIGN
SN - 972-8865-07-4
AU - Guynes Clark J.
AU - Beebe N.
AU - G. Kotulic A.
PY - 2004
SP - 33
EP - 46
DO - 10.5220/0002659400330046