Security is a hot issue to be discussed, ranging from business activities, correspondence, banking and financial activities; it requires prudence and high precision. Since information security has a very important role in supporting activities of the organization, we need a standard or benchmark which regulates governance over information security. The main objective of this paper is to impleme...

Analysing large amounts of financial information within databases can be hardly accomplished when dealing with money laundering. The main reason is the lack of digital forensics and proper database analysis procedures within the anti-money laundering strategies of financial institutions. Also, analysing single or grouped financial events related to money laundering is difficult when the Know-Yo...

Compliance with law, industry standards, and corporate governance regulations are one of the driving factors for discovering security requirements. This paper aims to incorporate constraints from regulations through security requirements at an early stage of development. Constraints are extracted using a pattern based approach from legal texts of information security laws and policies derived f...

This paper describes different proposals made at UNED, for post-graduated students, at the area of IT Services Management and specially trying to fill the gap, of paramount importance, of the treatment due in ITIL® (Information Technology Infrastructure Library) to Information Security Management. We analyze the treatment given to Information Security Management in ITIL, both versions 2 and 3, ...

The authors present a Case Study conducted in a Portuguese military organization, to answer the following research questions: (1) what are the most relevant dimensions and categories of information security controls applied in military organizations? (2) What are the main scenarios of information security incidents that are expected to occur? (3) What is the decision process used for planning a...

Actually Information security becomes a very important part for the organization’s intangible assets, so level of confidence and stakeholder trusted are performance indicator as successes organization. Since information security has a very important role in supporting the activities of the organization, we need a standard or benchmark which regulates governance over information security. The ma...

Our paper deals with the security of operational environments for evoting and its importance for the security of electronic elections. So far the security of e-voting was focused on secure e-voting protocols. We show that the security of electronic elections requires a secure operational environment as well. We provide a comprehensive catalogue of organizational and technical requirements which...

This paper describes a technical security analysis which is based on experiments done in a laboratory and verified in a physician’s practice. The health care telematics infrastructure in Germany stipulates every physician and every patient to automatically be given an electronic health smart card (for patients) and a corresponding health professional card (for health care providers). We analyze...

This paper envisions the performance side of large-scale distributed systems. Security is the biggest performance hurdle; accordingly the most efficient technique to maintain or enhance system performance is to provide a reliable Integrated Security Management Process capable to support large-scale high performance distributed systems. A framework describing information security management core...