2019 | OriginalPaper | Book chapter

A Framework of Information Security Integrated with Human Factors

Written by: Ahmed I. Al-Darwish, Pilsung Choe

Published in: HCI for Cybersecurity, Privacy and Trust

Publisher: Springer International Publishing

Abstract

Information systems help organizations achieve strategic competitiveness over other organizations and assist senior management in the decision-making process. In addition, they help organizations implement projects on time and manage risk effectively. A reliable and coherent information system requires a solid security framework that ensures the Confidentiality, Integrity, Availability, Authenticity and Auditability of critical information assets; managing security is therefore essential for organizations that do business in a globally networked and competitive environment while seeking to achieve their objectives and goals and to ensure business continuity. This paper provides an integrated framework that classifies challenges in Information Security Systems and gives a holistic view of those challenges and their interrelationships. The framework is expected to provide a basis for evaluating individual organizational members’ behavior and the adequacy of existing security measures.

Metadata
Title
A Framework of Information Security Integrated with Human Factors
Written by
Ahmed I. Al-Darwish
Pilsung Choe
Copyright year
2019
DOI
https://doi.org/10.1007/978-3-030-22351-9_15