ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
eBPSM: a new security paradigm for e-business organisations (e-business process security model)
Full text PdfPdf (297 KB)
Source
ACM International Conference Proceeding Series; Vol. 258 archive
Proceedings of the ninth international conference on Electronic commerce table of contents
Minneapolis, MN, USA
SESSION: Session M5: e-business systems and applications table of contents
Pages: 101 - 106  
Year of Publication: 2007
ISBN:978-1-59593-700-1
Author
Sharon Nachtigal  University of London, Egham, United Kingdom
Sponsors
SIGART: ACM Special Interest Group on Artificial Intelligence
ACM: Association for Computing Machinery
SIGEcom: ACM Special Interest Group on Electronic Commerce
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 66,   Citation Count: 0
Additional Information:

abstract   references   index terms  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1282100.1282123
What is a DOI?

ABSTRACT

The Internet appears to be a very significant driver in changing business environment and in business models changes as well. More and more organisations perform that change from traditional business to e-business mode, while being exposed to a wide range of vulnerabilities and threats. This paper presents a model for e-business information security design, that is based on a process-based security paradigm. The model, as well as the paradigm on which it is based, are an alternative for the existing perimeter security paradigm, which is no more relevant for an e-business organisation.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Andres Andreu, Professional Pen Testing for Web Applications (Programmer to Programmer), Wrox Press Ltd., Birmingham, UK, 2006
 
2
Rhodes-Ousley , Art Taylor , Ben Rothke, Network Security: The Complete Reference, Osborne/McGraw-Hill, Berkeley, CA, 2002
 
3
S. Crafa, M. Bugliesi, and G. Castagna. Information flow security in boxed ambients. Electronic Notes in Theoretical Computer Science, 66(3), 2004.
4
Dorothy E. Denning, A lattice model of secure information flow, Communications of the ACM, v.19 n.5, p.236-243, May 1976  [doi>10.1145/360051.360056]
 
5
R. Focardi, R. Gorrieri, and F. Martinelli. Information flow analysis in a discrete-time process algebra. 2000.
 
6
Simson Garfinkel , Gene Spafford, Web security & commerce, O'Reilly & Associates, Inc., Sebastopol, CA, 1997
 
7
Dieter Gollmann, Computer security, John Wiley & Sons, Inc., New York, NY, 1999
 
8
S. Harris. CISSP All-In-One Exam Guide. McGraw-Hill/Osborne Media, second edition.
 
9
Konstantin Knorr , Susanne Röhrig, Security Requirements of E-Business Processes, Proceedings of the IFIP Conference on Towards The E-Society: E-Commerce, E-Business, E-Government, p.73-86, October 03-05, 2001
10
Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981  [doi>10.1145/356850.356852]
 
11
J. D. Moffett, C. B. Halley, and B. Nuseibeh. Core security requirements artefacts. ISSN 1744-1986 2004/23, Departmenet of Computing, Faculty of Mathematics and Computing, The Open University, Walton Hall, Milton Keynes, MK7 6AA, UK, 2004.
 
12
S. Nachtigal. E-business security design using process security requirements septet. In ICETE 2007 - International Joint Conference on E-Business and Telecommunications, SECRYPT. INSTICC, July 2007.
 
13
S. Nachtigal and C. Mitchell. Modelling e-business security using business processes. In ICETE 2006 - International Joint Conference on E-Business and Telecommunications, SECRYPT. INSTICC, August 2006.
 
14
A. Sabelfeld and A. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1):5-19, January 2003.
 
15
O. Tettero. Intrinsic Information Security. Embedding Security Issues in the Design Process of Telematicd Systems. Telematica Instituut Fundamental Research Series, No.006 (TI/FRS/006), 2000.
 
16
J. Warner and V. Atluri. Inter-instance authorisation constrsints for secure workflow management. 2006.
 
17
M. V. Wilkes, Time Sharing Computer Systems, Elsevier Science Inc., New York, NY, 1975

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.1 MODELS AND PRINCIPLES

Additional Classification:
  J. Computer Applications
  J.7 COMPUTERS IN OTHER SYSTEMS

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Design, Management, Security


Keywords:
e-business, perimeter security, process-based security


The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player