A review of information security issues and respective research contributions-Reference-Cited by-同舟云学术

A review of information security issues and respective research contributions

Published:2007-02-28 Issue:1 Volume:38 Page:60-80
ISSN:0095-0033
Container-title:ACM SIGMIS Database: the DATABASE for Advances in Information Systems
language:en
Short-container-title:SIGMIS Database

Author:

Siponen Mikko T.¹,Oinas-Kukkonen Harri¹

Affiliation:

1. University of Oulu

Abstract

This paper identifies four security issues (access to Information Systems, secure communication, security management, development of secure Information Systems), and examines the extent to which these security issues have been addressed by existing research efforts. Research contributions in relation to these four security issues are analyzed from three viewpoints: a meta-model for information systems, the research approaches used, and the reference disciplines used. Our survey reveals that most information security research has focused on the technical context, and on issues of access to IS and secure communication. The corresponding security issues have been resolved by using mathematical approaches as a research approach. The reference disciplines most commonly reflected have been mathematics, including philosophical logic. Based on this analysis, we suggest new directions for studying information security from an information systems viewpoint, with respect to research methodology and research questions. Empirical studies in relation to the issues of security management and the development of secure IS, based on suitable reference theories (e.g., psychology, sociology, semiotics, and philosophy), are particularly necessary.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Management Information Systems

Link

https://dl.acm.org/doi/pdf/10.1145/1216218.1216224

Reference198 articles.

1. A higher level of computer security through active policies

2. Abrams M. D. and Podell H. J. (1995). "Evaluation Issues " in Abrams M.D. Jajodia S. and Podell H.J. (Eds.) Information Security - An Integrated Collection of Essays Los Alamitos CA: IEEE Computer Society Press. Abrams M. D. and Podell H. J. (1995). "Evaluation Issues " in Abrams M.D. Jajodia S. and Podell H.J. (Eds.) Information Security - An Integrated Collection of Essays Los Alamitos CA: IEEE Computer Society Press.

3. The theory of planned behavior

4. Anderson R. (1996). "A Security Policy Model for Clinical Information Systems " Proceedings of the 1996 IEEE Symposium on Security and Privacy. Anderson R. (1996). "A Security Policy Model for Clinical Information Systems " Proceedings of the 1996 IEEE Symposium on Security and Privacy.

Cited by 112 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Validating and extending the unified model of information security policy compliance;Information & Computer Security;2024-09-05

2. When Your Thing Won’t Behave: Security Governance in the Internet of Things;Information Systems Frontiers;2024-08-22

3. Physical security culture: The neglected foundation for effective security;Safety Science;2024-07

4. Innovations, Difficulties, and Approaches for Next-Generation Cybersecurity: Protecting the Digital Future;2024 International Conference on Trends in Quantum Computing and Emerging Business Technologies;2024-03-22

5. Implementing Double-Blind Peer Assessment in Virtual Classroom;2024 11th International and the 17th National Conference on E-Learning and E-Teaching (ICeLeT);2024-02-27