Security analysis of Internet technology components enabling globally distributed workplaces

Security analysis of Internet technology components enabling globally distributed workplaces—a framework

Published:2008-09 Issue:4 Volume:8 Page:1-38
ISSN:1533-5399
Container-title:ACM Transactions on Internet Technology
language:en
Short-container-title:ACM Trans. Internet Technol.

Author:

Gupta Manish¹,Banerjee Shamik²,Agrawal Manish³,Rao H. Raghav⁴

Affiliation:

1. M&T Bank Corporation, Buffalo, NY

2. Conagra Foods Inc., Omaha, NB

3. University of South Florida, Tampa, FL

4. State University of New York, Buffalo, NY

Abstract

As organizations increasingly operate, compete, and cooperate in a global context, business processes are also becoming global to propagate the benefits from coordination and standardization across geographical boundaries. In this context, security has gained significance due to increased threats, as well as legislation and compliance issues. This article presents a framework for assessing the security of Internet technology components that support a globally distributed workplace. Four distinct information flow and design architectures are identified based on location sensitivities and placements of the infrastructure components. Using a combination of scenarios, architectures, and technologies, the article presents the framework of a development tool for information security officers to evaluate the security posture of an information system. To aid managers in better understanding their options to improve security of the system, we also propose a three-dimensional representation, based on the framework, for embedding solution alternatives. To demonstrate its use in a real-world context, the article also applies the framework to assess a globally distributed workforce application at a northeast financial institution.

Funder

National Science Foundation

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications

Link

https://dl.acm.org/doi/pdf/10.1145/1391949.1391951

Reference43 articles.

1. Agrawal M. Kuo C.-J. Nam K. and Rao H. R. 2003. Electronic commerce infrastructure. Encyclopedia of Information Systems H. Bidgoli ed. Academic Press 29--46. Agrawal M. Kuo C.-J. Nam K. and Rao H. R. 2003. Electronic commerce infrastructure. Encyclopedia of Information Systems H. Bidgoli ed. Academic Press 29--46.

2. A Systematic Approach toward Assessing the Value of an Information System

3. Alberts C. and Dorofee A. 2002. Managing Information Security Risks The OCTAVE Approach. Addison Wesley Longman. Alberts C. and Dorofee A. 2002. Managing Information Security Risks The OCTAVE Approach. Addison Wesley Longman.

4. Bass L. Clements P. and Kazman R. 2003. Software Architecture in Practice. Addison Wesley Longman. Bass L. Clements P. and Kazman R. 2003. Software Architecture in Practice. Addison Wesley Longman.

Cited by 13 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Toward Systematizing Hot Fixing for Production Software;Companion Proceedings of the 32nd ACM International Conference on the Foundations of Software Engineering;2024-07-10

2. Hot Patching Hot Fixes: Reflection and Perspectives;2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE);2023-09-11

3. How are financial institutions enabling online fraud? A developmental online financial fraud policy review;Journal of Financial Crime;2023-01-17

4. Shall we follow? Impact of reputation concern on information security managers’ investment decisions;Computers & Security;2020-10

5. Time to payoff: Efficacy of analyst recommendations in the Indian stock market;IIMB Management Review;2020-06