PL EN


Preferencje help
Widoczny [Schowaj] Abstrakt
Liczba wyników
Tytuł artykułu

Information systems development and usage with consideration of privacy and cyber security aspects

Wybrane pełne teksty z tego czasopisma
Identyfikatory
Warianty tytułu
Konferencja
Federated Conference on Computer Science and Information Systems (14 ; 01-04.09.2019 ; Leipzig, Germany)
Języki publikacji
EN
Abstrakty
EN
One of the contemporary problems, and at the same time a challenge, with development und usage of supply chain Information Systems are the issues associated with privacy and cyber security, which emerged due to new requirements of legal regulations and directives. The human factor belongs to the biggest risks within these issues. Leak of information, phishing, unauthorized access are the main problems. Also vulnerability of the systems due to new information technologies is an important topic. In this paper we discuss development and usage of Information Systems with regard to the security aspects associated to the software development lifecycle. We present our approach on examples of a user authentication process in logistics.
Rocznik
Tom
Strony
547--554
Opis fizyczny
Bibliogr. 37 poz., il.
Twórcy
  • Uniwersytet Zielonogórski, ul. prof. Z. Szafrana 4a 65-516 Zielona Góra, Poland
autor
  • Uniwersytet Zielonogórski, ul. prof. Z. Szafrana 4a 65-516 Zielona Góra, Poland
Bibliografia
  • 1. General Data Protection Regulation, “Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” EU 2016/679, 2016.
  • 2. Payment Services Directive 2, “Directive on payment services in the internal market”, EU 2015/2366 Official Journal of the European Union Payment Service Directives 2. EU 2015/2366, 2015.
  • 3. Fintech: www.investopedia.com/terms/f/fintech.asp
  • 4. M. P. Papazoglou, and P. M.A. Ribbes, E-business: organizational and technical foundations, John Wiley and sons. London, 2006.
  • 5. L. Gil, and A. Liska, “Security with AI and machine learning. using advanced tools to improve security at the edge”, New York O’Reily, 2019.
  • 6. Global Economic Crime and Fraud Survey, Pulling fraud out of the shadows. The biggest competitor you didn’t know you had. 2018. https://www.pwc.com/gx/en/forensics/global-economic-crime-and-fraud-survey-2018.pdf
  • 7. D. Bohn, “Android at 10: the world most dominant technology”, 2018 https://www.theverge.com/2018/9/26/17903788/google-android-history-dominance-marketshare-apple
  • 8. Hybrid warfare. Wikipedia https://en.wikipedia.org/wiki/Hybrid_warfare
  • 9. T. Magee, “The most notorious hacke groups”, ComputerworldUK https://www.computerworlduk.com/security/most-notorious-hacker-groups-3679258/
  • 10. G. Perkovitz and A. E. Levite, Eds., “Understanding Cyber Conflict”, Georgetown University Press, 2017.
  • 11. D. Sorin, The cyber dimension of modern hybrid warfare and its relevance for NATO Europolitcs, vol. 10-1, 2016. http://europolity.eu/wp-content/uploads/2016/07/Vol.-10.-No.-1.-2016-editat.7-23.pdf
  • 12. W. Stallings, and L. Brown, “Computer Security: Principles and Practice”, Pearson Education 2018.
  • 13. OWASP Foundation. The free and open software security community, https://www.owasp.org
  • 14. C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, “Toward secure and dependable storage services in cloud computing”, IEEE Transactions on Services Computing, vol. 5-2, April-June 2012, pp. 220 – 232, http://dx.doi.org/10.1109/TSC.2011.24
  • 15. D. Mills, K. Wang, B. Malone, A. Ravi, J. Marquardt, Chen, A. Badev, T. Brezinski, L. Fahy, K. Liao, V. Kargenian, M. Ellithorpe, W. Ng, and M. Baird, “Distributed ledger technology in payments, clearing, and settlement”, Finance and Economics Discussion Series 2016-095, 2016. Washington: Board of Governors of the Federal Reserve System, https://doi.org/10.17016/FEDS.2016.095.
  • 16. Official Journal of the European Union. Technical Specification for assurance levels for electronic identification. 1502/2015EN.
  • 17. C. E. Schannon, “Communication theory of secrecy systems”, The Bell System Technical Journal, vol. 28-4 , Oct. 1949.
  • 18. L. Chen, S. Jordan, Y-K. Liu, D. Moody, R. Peralta, R. Perlner, and D. Smith-Tone, “NISTIR 8105 Report on Post-Quantum Cryptography”, http://dx.doi.org/10.6028/NIST.IR.8105 https://nvlpubs.nist.gov/nistpubs/ir/2016/nist.ir.8105
  • 19. Adips, RUBLON, “Trusted access multi-factor authentication”, Zielona Góra, 2016. https://rublon.com/
  • 20. J. Jabłoński, “Encryption system with one-off key”, no. 218339, submitted 20-04-2011, date of the patent 10-09-2014.
  • 21. Project POIR .01.01.01-00-0257/16 - CryptOne unconditional secure crypto-processor, DCD Digital Core Design Bytom, Poland 2016-2019.
  • 22. J. Jasperneite, “What is Industrie 4.0“, Computer&Automation, 2012
  • 23. S. Robak, B. Franczyk, and M. Robak, “Business process optimization with big data analytics under consideration of privacy”, Proceedings of the 2016 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 8, p 1199–1204, 2016, http://dx.doi.org/http://dx.doi.org/10.15439/2016F542
  • 24. B. Schwarzbach, M. Glöckner, A. Pirogov, M. M. Röhling, and B. Franczyk, “Secure service interaction for collaborative business processes in the inter-cloud,” in 2015 Federated Conference on Computer Science and Information Systems, ser. Annals of Computer Science and Information Systems, IEEE, 2015, pp. 1377–1386. http://dx.doi.org/10.15439/2015F282
  • 25. D. Agrawal, S. Das and A. E. Abbadi, „Big data and cloud computing: current state and future opportunities“. EDBT 2011, March 22-24, 2011, Uppsala, Sweden. ACM 978-1-4503-0528-0/11/0003.
  • 26. RFC 6287 “OCRA: OATH Challenge-response algorithm”, Internet Engineering Task Force IETF 2011, https://tools.ietf.org/html/rfc6287
  • 27. P. Grassi, M. Garcia, and J. Fenton, “Digital authentication guideline”, NIST SP 800-63-3, 2016.
  • 28. R. Ross, K. Dempsey, P. Viscuso, M. Riddle, and G. Guissanie, “Protecting controlled unclassified information in nonfederal information systems and organizations” NIST SP 800-171, 2016.
  • 29. HTTP - Hypertext Transfer Protocol, https://www.w3.org/Protocols/
  • 30. S. Rivest,. A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Comm. of the ACM, vol. 21-2, 1978, pp. 120–126.
  • 31. B. Schneier, “Cryptanalysis of MD5 and SHA: Time for a new standard”, Computerworld, 2014.
  • 32. S. Goldwasser, and S. Micali, “Probabilistic encryption”, Journal of Computer and System Sciences, vol. 28-2, 1984, pp. 270-299. https://doi.org/10.1016/0022-0000(84)90070-9
  • 33. A. Toffler, The third wave. Bantam Books, 1980.
  • 34. M. Wolden, R. Valverde, and M. Talla, “The effectiveness of COBIT5 information security framework for reducing cyber attacks on supply chain management system”, IFAC-PapersOnLine Vol. 48-3, 2015, pp. 1846-1852. https://doi.org/10.1016/j.ifacol.2015.06.355
  • 35. L. Wainstein, “7 supply chain security concerns to address in 2019”. https://supplychainbeyond.com/7-supply-chain-security-concerns-to-address-in-2019/
  • 36. M. Robak, and E. Buchmann, “Deriving workflow privacy patterns from legal documents”, Federated Conference on Computer Science and Information Systems, 2019 – accepted paper.
  • 37. V. Gupta, D. Stebila, S. Fung, S.C. Shanz, N. Gura, and H. Eberle, “Speeding up Secure Web Transactions Using Elliptic Curve Cryptography”, http://research.sun.com/projects/crypto
Uwagi
1. Track 4: Information Systems and Technologies
2. Technical Session: 17th Conference on Advanced Information Technologies for Management
3. Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2020).
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-8b8449e5-0f08-451d-a39f-6a0d3efa049c
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.