A new model of a system to monitor the activity of employees In the organization in accordance with ISO/IEC 27001 requirements

El Fray, I.

Artykuł - szczegóły

Tytuł artykułu

A new model of a system to monitor the activity of employees In the organization in accordance with ISO/IEC 27001 requirements

Autorzy

El Fray I.

Wybrane pełne teksty z tego czasopisma

http://pe.org.pl/

Identyfikatory

Warianty tytułu

Model systemu monitorowania czynności pracowników

Języki publikacji

Abstrakty

Zaproponowany model systemu monitorowania czynności pracowników skupia się na stworzeniu bezpiecznego i stabilnego rozwiązania, które nie obciąża obserwowanej maszyny. Model ten jest uzupełnieniem wymagań polityki bezpieczeństwa organizacji zgodnie z ISO/IEC 27001. Opiera się on na znanych i sprawdzonych technologiach, wykorzystujących zalety podobnych rozwiązań krajowych i zagranicznych, jednocześnie eliminując ich wady. Przeprowadzone badania wykazały iż proponowany model zapewnia szeroki wachlarz pożytecznych dla potencjalnego nadzorcy funkcjonalności w zmieniającym się otoczeniu.

The proposed model of the system to monitor the activity of employees focused on creating a safe and stable solution, which, together with the monitoring process, is not overloading the observed device. This model complements the organization's security policy requirements In accordance with ISO/IEC 27001 standard. It is based on known and proven technology using the advantages of similar solutions, domestic and foreign, while eliminating their drawbacks. The study showed that the proposed model provides a wide range of useful functionality for a potential supervisor in dynamically changing environment of the observed machine.

Słowa kluczowe

bezpieczeństwo systemów teleinformatycznych system monitorowania monitoring aktywności pracowników

information system security monitoring system monitoring employee activity

Wydawca

Wydawnictwo SIGMA-NOT

Czasopismo

Przegląd Elektrotechniczny

Rocznik

2012

Tom

R. 88, nr 11a

Strony

59--65

Opis fizyczny

Bibliogr. 28 poz., tab., rys.

Twórcy

autor

El Fray I.

West Pomeranian University of Technology, ielfray@wi.zut.edu.pl

Bibliografia

[1] Raduan, C. R., Jegak, U., Haslinda, A., Alimin, I.I.: A Conceptual Framework of the Relationship Between Organizational Resources, Capabilities, Systems, Competitive Advantage and Performance. Research Journal of International Studies. 12(2009) 45-58
[2] Van Kleef, J.A.G., Roome, N.J.: Developing capabilities and competence for sustainable business management as innovation: a research agenda. Journal of Cleaner Production. 15(2007) 38-51
[3] Baker, W. H., Wallace, L.: Is Information Security Under Control?: Investigating Quality in Information Security Management. Security & Privacy, IEEE. 5(2007) 36 – 44
[4] Yeh, Q-J., Chang, A., J-T.: Threats and countermeasures for information system security: A cross-industry study. Information & Management. 44(2007) 480–491
[5] FENG N., XIE J. N.: Security Risk Assessment Model Based on Evidence Theory in Multi-uncertain Environment. Chinese Journal of Management 8 (2011), 614- 621
[6] Nguyen, N., Reiher, P., Kuenning, G.H.: Detecting insider threats by monitoring system call activity. Information Assurance Workshop, IEEE Systems Man and Cybernetics Society, (2003) 45-52
[7] Badr, Y.: The Integration of Corporate Security Strategies in Collaborative Business Processes. Services Computing, IEEE Transactions on 4(2011), 243 – 254
[8] Mueller R.: The Federal Bureau of Investigation invigilate American people. http://wiadomosci.gazeta.pl/Wiadomosci/1,80645,3977985.html collected on 20 April 2012 [in Polish]
[9] Kosmaty P.: The boundaries of the secret surveillance of citizens in a democratic state of law, http://www.sprp.pl/tresc/prokurator/19cf24d513ebaf153fba4e58 3eed547f.pdf, collected on 20 April 2012 [in Polish]
[10] Cass, R.A., Strauss P.L.: The residential signing statements controversy. heinonline.org/HOL/LandingPage?collection=journals&handle= hein.journals/wmbrts16&div=8&id=&page=, collected on 20 April 2012
[11] Falkvinge, R.: Sweden's new wiretapping law 'much worse than the Stasi'. http://www.redicecreations.com/article.php?id=4076 , collected on 20 April 2012
[12] Szewczyk, H,.: Protection of personal interest and basic forms of employees’ supervision. Movement of Jurists, Economics and Sociology 3(2011) 227-240 [in Polish]
[13] Polish Civil Code. Dz. U. 1964 No 16 section 93, Act of 23 April 1964
[14] Polish Constitution. Dz. U. 1997 No 78 section 483, 2 April 1997
[15] Chakowski M., Ciszek P.: Employee Monitoring. e-Dziennik Gazeta Prawna. 214 (2005) [in Polish] http://edgp.gazetaprawna.pl/index.php?act=mprasa&sub=articl e&id=116584, collected on 20 April 2012
[16] Jackson, T., Dawson, R., Wilson, D.: The cost of email interruption. Journal of Systems and Information Technology. 5(2001), pp.81 - 92
[17] Weckert J.: Electronic Monitoring in the Workplace: Controversies and Solutions. Idea Group Publishing, 2005
[18] Sack, M.A.: Model of user activity supervision system in the ICT system. Master's thesis under the direction of I. El Fray (2011)
[19] http://www.okoszefa.pl/, collected on 25 February 2012.
[20] http://www.netvizor.net. collected on 15 February 2012.
[21] http://www.elite-keylogger.com, collected on 19 February 2012.
[22] http://www.staffcop.com/, collected on 24 February 2012.
[23] http://www.wireshark.org/, collected on 21 April 2012
[24] http://www.jitbit.com/macro-recorder/, collected on 21 March 2012
[25] Wineblat,E.: Service Hiding, Apriorit Inc., http://www.codeproject.com/KB/system/service-hiding.aspx, collected on 10 March 2012
[26] Sheik Abdullah: Hack Windows Task Manager. http://www.codeproject.com/KB/system/Hack_Windows_Task_ Manager.aspx, collected on 10 March 2012
[27] http://www.winpcap.org/default.htm, collected on 10 March 2012
[28] ISO/IEC 27001: Information technology – Security techniques – information security management systems (2005)

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-article-BPS4-0004-0053