From the Publisher:
This collection of essays provides a comprehensive summary of practice and research. The essays provide an overview of the vulnerabilities and threats to information security and introduce the important concepts and terms. In addition, the essays summarize the definitions and controls of the trusted computer system evaluation criteria and discuss information security policy focusing on information control and dissemination. Recommendations are presented based on practical experience. Other essays explore the architectures used in the development of trusted relational database management systems, discuss the effects that multilevel DBMS security requirements can have on the system's data integrity, and compare three research DBMS prototypes. Additional essays identify the motivation for using formal methods across different development stages of a trusted computer system, feature a new approach to formal modeling of a trusted computer system, and present a new security model for mandatory access controls in object-oriented database systems. The book concludes with a list of acronyms, a glossary offering multiple definitions of terms, and a list of references from the text.
Cited By
- Xie X, Ray I, Adaikkalavan R and Gamble R Information flow control for stream processing in clouds Proceedings of the 18th ACM symposium on Access control models and technologies, (89-100)
- Lúcio L, Syriani E, Amrani M, Zhang Q and Vangheluwe H Invariant preservation in iterative modeling Proceedings of the 6th International Workshop on Models and Evolution, (57-62)
- Adaikkalavan R, Ray I and Xie X Multilevel secure data stream processing Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy, (122-137)
- Yang L Teaching database security and auditing Proceedings of the 40th ACM technical symposium on Computer science education, (241-245)
- Yang L (2009). Teaching database security and auditing, ACM SIGCSE Bulletin, 41:1, (241-245), Online publication date: 4-Mar-2009.
- Al Bouna B and Chbeir R Multimedia-based authorization and access control policy specification Proceedings of the 3rd ACM workshop on Secure web services, (61-68)
- Grediaga Á, Ibarra F, García F, Ledesma B and Brotóns F Application of neural networks in network control and information security Proceedings of the Third international conference on Advances in Neural Networks - Volume Part III, (208-213)
- Srinivasan S and Kumar A Database security curriculum in InfoSec program Proceedings of the 2nd annual conference on Information security curriculum development, (79-83)
- Picó F, Olivo A, Crespi F and Camara A An electronic reconfigurable neural architecture for intrusion detection Proceedings of the First international work-conference on the Interplay Between Natural and Artificial Computation conference on Artificial Intelligence and Knowledge Engineering Applications: a bioinspired approach - Volume Part II, (376-384)
- Röhrig S and Knorr K (2019). Security Analysis of Electronic Business Processes, Electronic Commerce Research, 4:1-2, (59-81), Online publication date: 1-Jan-2004.
- Vaughn R, Dampier D and Warkentin M Building an information security education program Proceedings of the 1st annual conference on Information security curriculum development, (41-45)
- Rjaibi W An introduction to multilevel secure relational database management systems Proceedings of the 2004 conference of the Centre for Advanced Studies on Collaborative research, (232-241)
- Rjaibi W and Bird P A multi-purpose implementation of mandatory access control in relational database management systems Proceedings of the Thirtieth international conference on Very large data bases - Volume 30, (1010-1020)
- Vaughn R Application of security to the computing science classroom Proceedings of the thirty-first SIGCSE technical symposium on Computer science education, (90-94)
- Vaughn R (2000). Application of security to the computing science classroom, ACM SIGCSE Bulletin, 32:1, (90-94), Online publication date: 1-Mar-2000.