Integrity and Internal Control in Information Systems VI

The development and integration of integrity and internal control mechanisms into information system infrastructures is a challenge for researchers, IT personnel and auditors. Since its beginning in 1997, the IICIS international working conference has focused on the following questions: what precisely do business managers need in order to have confidence in the integrity of their information systems and their data and what are the challenges IT industry is facing in ensuring this integrity; what are the status and directions of research and development in the area of integrity and internal control; where are the gaps between business needs on the one hand and research / development on the other; what needs to be done to bridge these gaps. This sixth volume of IICIS papers, like the previous ones, contains interesting and valuable contributions to finding the answers to the above questions. We want to recommend this book to security specialists, IT auditors and researchers who want to learn more about the business concerns related to integrity. Those same security specialists, IT auditors and researchers will also value this book for the papers presenting research into new techniques and methods for obtaining the desired level of integrity.

Autorentext
Dr. Sushil Jajodia is Professor and Chairman of the Dept. of Information and Software Engineering, and Director of the Center for Secure Information Systems at the George Mason University, Fairfax, Virginia, USA

Klappentext

This sixth volume in the series "Integrity and Internal Control in Information Systems" is a state-of-the-art collection of papers in the area of integrity within information systems and the relationship between integrity in information systems and the overall internal control systems that are established in organizations to support corporate governance codes. BRSTRONGIntegrity and Internal Control in Information Systems VI/STRONG represents a continuation of the dialogue between information security specialists, internal control specialists and the business community. The objectives of this dialogue are: To present methods and techniques that will help business achieve the desired level of integrity in information systems and data; To present the results of research that may in future be used to increase the level of integrity or help management maintain the desired level of integrity; To investigate the shortcomings in the technologies presently in use, shortcomings that require attention in order to protect the integrity of systems in general. The book contains a collection of papers from the Sixth International Working Conference on Integrity and Internal Control in Information Systems (IICIS), sponsored by the International Federation for Information Processing (IFIP) and held in Lausanne, Switzerland in November 2003. It will be essential reading for academics and practitioners in computer science, information technology, business informatics, accountancy and IT-auditing.

Inhalt
Refereed papers.- Remote Integrity Checking.- Automated Checking of SAP Security Permisisons.- A Formal Analysis of a Digital Signature Architecture.- Using Parameterized UML to Specify and Compose Access Control Models.- Enforcing Integrity in Multimedia Surveillance.- A Learning-based Approach to Information Release Control.- Information Security Governance using ISO 17799 and COBIT.- Tracing Attacks and Restoring Integrity with Lascar.- A Secure Multi-Sited Version Control System.- Integration of Integrity Constraints in Database Federations.- Reducing Disruption in Time-Tabled Condition Monitoring.- A Service Oriented System Based Information Flow Model for Damage Assessment.- An Efficient OODB Model for Ensuring the Integrity of User-Defined Constraints.- Invited papers.- From Security Culture to Effective E-Security Solutions.- Consistent Query Answering.- Role of Certification in Meeting Organisation Security Requirements.- Panel session.- Grand Challenges in Data Integrity and Quality: Panel Discussion.