Identyfikatory
Warianty tytułu
Języki publikacji
Abstrakty
This paper presents the theoretical issues of data security in information systems, a practical implementation of the Clark-Wilson model on the example of Business Intelligence tool, performing the function of a telecommunications operator sales module, and an evaluation of the increase of security of the system created, using risk analysis.
Wydawca
Czasopismo
Rocznik
Tom
Strony
16--19
Opis fizyczny
Bibliogr. 14 poz., rys., tab.
Twórcy
autor
- Warsaw University of Technology, Faculty of Electronics and Information Technology, Institute of Telecommunications, Nowowiejska 15/19, 00-665, Warsaw, Poland.
autor
- Warsaw University of Technology, Faculty of Electronics and Information Technology, Institute of Telecommunications, Nowowiejska 15/19, 00-665, Warsaw, Poland.
Bibliografia
- [1] Buława P.: Implementation and evaluation of the effectiveness of Clark-Wilson data security model on the example of real Business Intelligence system; Master Thesis, 2015.
- [2] Liderman K., Bezpieczeństwo informacyjne, Wydawnictwo Naukowe PWN SA, 2012.
- [3] Molski M., Opala S., Elementarz bezpieczeństwa systemów informatycznych, MIKOM, 2002
- [4] Kenan K., Cryptography in the database: The last line of defence, Pearson Education, Inc 2006
- [5] Anderson R., Security Engineering, Wiley, 2001
- [6] United States Departement of Defense, Trusted Computer System Evaluation Criteria (The Orange Book), 1983, 1985
- [7] Brewer D. F. C., Nash M.J., The Chinese Wall Security Policy, Proceedings of IEEE Symposium on Security and Privacy, 1989
- [8] Ferraiolo D. F., Kuhn D. R., Role Based Access Controls, 15th National Computer Security Conference, 1992
- [9] Ferraiolo D. F., D. Kuhn D. R., Chandramouli R., Role-based Access Control, Artech House, 2003
- [10] Krause M., Tipton H.F., Handbook of information security management, CRC Press LLC, 1997
- [11] Clark D., Wilson D., A Comparison of Commercial and Military Computer Security Policies. Proc. IEEE Symposium on Research in Security and Privacy, 1987.
- [12] Sierocki R., Przegląd koncepcji systemów informatyczno-analitycznych przedsiębiorstw. [W:] Nowoczesne technologie informacyjne w zarządzaniu., Prace Naukowe AE we Wrocławiu nr 1044, Wrocław, s. 295., 2004.
- [13] Liderman K., Analiza ryzyka i ochrona informacji w systemach komputerowych, Wydawnictwo Naukowe PWN SA, 2008.
- [14] ISO/IEC TR 13335-3:1997—Guidelines for the Management of IT Security—Part 3: Techniques for the Management of IT Security.
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-7650e5b3-63f0-497b-b414-5a0ed66361f5