Abstract
This paper presents a case of application of an interpretive framework, which intends to formally integrate information systems security concerns within the information system’s lifecycle. Aspects that are not normally taken under consideration, such as the involved stakeholders, the development approach and their implication to security issues, are introduced in such a way to benefit and empower the IS security design process. In the case presented here, the framework is used to extract a powerful process model description focusing on security concerns, so as to enlighten the work of the security designer significantly earlier before the use of risk analysis and the construct of a security plan or policy.
Supported in part through YPER97 programme by the Hellenic Ministry of Development.
Chapter PDF
Similar content being viewed by others
Key words
References
Baskerville, R. (1993), “Information Systems Security Design Methods: Implications for Information Systems Development”, ACM Computing Surveys, Vol. 25 No. 4.
Checkland, P. (1981), Systems thinking, systems practice, Wiley.
Checkland, P. (1999), SSM: a 30-year retrospective, Wiley.
Downs, E., Clare, P. and Coe, I. (1992), SSADM: Application and Context, Prentice Hall.
Eden, C. and Huxham, C. (1996), “Action Research for the Study of Organizations”, in Handbook of Organization Studies, S.R. Clegg, C. Hardu, W.R. Nord (eds), Sage.
Eloff, M., and Von Solms, B. (2000), “Information Security: Process Evaluation and Product Evaluation”, in Information Security for Global Information Infrastructures, S. Qing and J. Eloff (Eds.), Kluwer Academic Publishers, pp. 11–19.
Fitzgerald, B. (1998), “An empirical investigation into the adoption of system development methodologies”, Information & Management, 34, pp. 317–328.
Hitchings, J. (1995a), “Deficiencies of the Traditional Approach to Information Security and the Requirements for a New Methodology”, Computers & Security, 14, pp. 377–383.
Hitchings J. (1995b), “Achieving an Integrated Design: The Way Forward for Information Security”, in Information Security-the next decade, J. Ellof and S. von Solms (Eds.), Chapman & Hall.
Kiountouzis E.A. and Kokolakis S.A. (1996), “An analyst’s view of IS Security”, in Information System Security facing the information society, S. Katsikas and D. Gritzalis (Eds.), Chapman & Hall, pp. 23–33.
Klein, H. and Myers, M. (1999), “A set of principles for conducting and evaluating interpretive field studies in information systems”, MIS Quarterly, Vol. 23 No. 1, pp. 67–94.
Kokolakis, S. (1996), “Is there a need for new information security models?”, in Communications and Multimedia Security II, P. Horster (Ed.), Chapman & Hall.
Mumford, E. (1998), “Problems, knowledge, solutions: solving complex problems”, Journal of Strategic Information Systems, 7, pp. 255–269.
Pouloudi, A. (1999), “Aspects of the Stakeholder Concept and their Implications for Information Systems Development”, Proceedings of the 32 nd IEEE International Conference on System Sciences.
Tryfonas, T., Kiountouzis, E. and Poylimenakoy, A. (2000), “Embedding security practices in contemporary information systems development approaches”, submitted to Information Management and Computers security.
Walsham, G. (1995), “Interpretive case studies in IS research: nature and method”, European Journal of Information Systems, 4, pp. 74–81.
Ynström, L. (1999), “Systemic-Holistic Approach to IT Security”, in IPICS 99 lecture notes volume, University of the Aegean.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 IFIP International Federation for Information Processing
About this paper
Cite this paper
Tryfonas, T., Kiountouzis, E. (2001). Security Concerns for Contemporary Development Practices. In: Dupuy, M., Paradinas, P. (eds) Trusted Information. SEC 2001. IFIP International Federation for Information Processing, vol 65. Springer, Boston, MA. https://doi.org/10.1007/0-306-46998-7_29
Download citation
DOI: https://doi.org/10.1007/0-306-46998-7_29
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7389-6
Online ISBN: 978-0-306-46998-5
eBook Packages: Springer Book Archive