Research Article

Information Systems Threats and Vulnerabilities

by Daniyal M. Alghazzawi, Syed Hamid Hasan, Mohamed Salim Trigui
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 89 - Number 3
Year of Publication: 2014
DOI: 10.5120/15483-4248

Daniyal M. Alghazzawi, Syed Hamid Hasan, Mohamed Salim Trigui. Information Systems Threats and Vulnerabilities. International Journal of Computer Applications. 89, 3 (March 2014), 25-29. DOI=10.5120/15483-4248

@article{ 10.5120/15483-4248,
author = { Daniyal M. Alghazzawi, Syed Hamid Hasan, Mohamed Salim Trigui },
title = { Information Systems Threats and Vulnerabilities },
journal = { International Journal of Computer Applications },
issue_date = { March 2014 },
volume = { 89 },
number = { 3 },
month = { March },
year = { 2014 },
issn = { 0975-8887 },
pages = { 25-29 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume89/number3/15483-4248/ },
doi = { 10.5120/15483-4248 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:08:18.746314+05:30
%A Daniyal M. Alghazzawi
%A Syed Hamid Hasan
%A Mohamed Salim Trigui
%T Information Systems Threats and Vulnerabilities
%J International Journal of Computer Applications
%@ 0975-8887
%V 89
%N 3
%P 25-29
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Vulnerability of information systems is a major concern these days in all spheres: the financial, government, and private sectors. Security of information systems is one of the biggest challenges faced by almost all organizations in today's world. Even though most organizations have realized the value of information and the part it plays in the success of the business, only a few take adequate measures to ensure the security of their information, prevent unauthorized access, secure data from intrusion and unapproved disclosures, etc. The impact a business will bear if any of its information systems is compromised or goes down is great; hence ensuring the stability and security of these information systems is of paramount importance to these businesses.

Index Terms

Computer Science
Information Sciences

Keywords

Information System Security Protocols Enterprise security