A security evaluation approach for information systems in telecommunication enterprises
- 20 August 2008
- journal article
- research article
- Published by Taylor & Francis Ltd in Enterprise Information Systems
- Vol. 2 (3), 309-324
- https://doi.org/10.1080/17517570802242893
Abstract
In recent years, information systems in telecommunication enterprises have been characterised by boundary expansion and increase of departmental-level applications. These changes increase the complexity of security evaluation and pose new challenges to enterprises' information security. Taking into account the behaviour characters of system users, we put forward a system security evaluation approach based on access paths. This approach can help evaluators and users find out potential security risks without figuring out the boundary of systems explicitly. It has no special requirements for system scale and can be used in the evaluation of enterprise-level and departmental-level systems. This paper also presents the formal definition of access path and related evaluation rules.Keywords
This publication has 15 references indexed in Scilit:
- Material flow, material information, and the analytics of integrative enterprise information systemsEnterprise Information Systems, 2008
- Artificial intelligence applications in the telecommunications industryExpert Systems, 2007
- Electronic marketplace definition and classification: literature review and clarificationsEnterprise Information Systems, 2007
- Enhancing competitive edge through knowledge management in implementing ERP systemsBehavioral Science, 2006
- Deriving information from CRM for knowledge management—a note on a commercial bankBehavioral Science, 2006
- Integrating knowledge management and ERP in enterprise information systemsBehavioral Science, 2006
- Knowledge management in OSS—an enterprise information system for the telecommunications industryBehavioral Science, 2006
- Systems thinking for information systems developmentSystemic Practice and Action Research, 1995
- Systems characteristics in information systems designSystems Research, 1992
- Toward escape from the limitations of economic systems analysis: Introduction of dimensionalitySystems Research, 1987