Corporations have increased their investment in information security because critical business systems have moved into increasingly hostile territory. As the enterprise has embraced new technologies such as EDI/EFT, remote access, and sales automation, confidential data has gradually found itself in ever-riskier venues. Moving to the Internet is the latest — and riskiest — frontier. Nevertheles...

Computer security auditing constitutes an important part of any organization's security procedures. Because of the many inadequacies of currently used manual methods, thorough and timely auditing is often diicult to attain. Recent literature suggests that expert systems techniques can ooer signiicant beneets when applied to security procedures such as risk analysis , security auditing and intru...

nowadays, access to reliable information has become an essential factor leading to success in business. in this regard, adequate security of information and systems that process it is critical to the operation of all organizations. therefore organizations must understand and improve the current status of their information security in order to ensure business continuity and increase rate of retu...

The paper reports on ongoing research into the development of a management system to co-ordinate a set of activities of a virtual organisation for the production of chemicals. The paper reports on the authors’ experience in considering a real virtual organisation and raises issues of co-ordinating atomic activities that span across organisational boundaries and deals with systems that possess a...

INTRODUCTION Instant messaging (IM) is suited for immediate communication because messages are delivered almost in real time. Results from studies of IM use in enterprise work settings make us believe that IM based services may prove useful also within the healthcare sector. However, today's public instant messaging services do not have the level of information security required for adoption of...

The Information Technology Infrastructure Library (ITIL) supports best practices, reengineering activities and IT service support processes. ITIL framework only provides recommendations, and companies need to utilize this framework to improve their IT service support processes and establish best practices. This study provides a methodology on how to apply the ITIL framework for evaluating the I...

Risk management refers to the process of making decisions that minimize the effects of vulnerabilities on the network hosts. This can be a difficult task in the context of high-exploit probability and the difficult to identify new exploits and vulnerabilities. For many years, security engineers have performed risk analysis using economic models for the design and operation of risk-prone, techno...

Each year the reported number of security vulnerabilities increases as does the sophistication of attacks to exploit these vulnerabilities. Most security vulnerabilities are the result of insecure coding practices. There is a critical need to increase the security education of computer science students, particularly in software security. We are designing course modules, to be used at the underg...

Information Systems Security is one of the most critical challenges presently facing nearly every one of the organizations. However, making certain security and quality in both information and the systems which control information is a difficult goal necessitating the mixture of two wide research disciplines which are typically separate: security engineering and secure software engineering. Sec...