Title :
Organizational Barriers to the Implementation of Security Engineering
Author_Institution :
Children´´s Hosp. of Philadelphia, Philadelphia, PA, USA
Abstract :
The link between security engineering and systems engineering exists at the earliest stage of systems development, and, as a whole, there is sufficient evidence to suggest the discipline of security engineering is sufficiently mature to support its implementation. However, there is little in the literature on the practical application of security engineering and even less empirical work grounded in adoption theory. In contrast, the body of knowledge on quality programs is quite extensive and includes general literature on quality models as well as adoption studies of their implementation. Specific factors related to quality implementations are also well documented and generally well understood. This survey study clearly substantiates a connection between these quality factors and security engineering, provides the opportunity for further research on causal models, and supports the application of lessons learned from quality program efforts to the implementation of a security engineering methodology in system acquisition and development.
Keywords :
organisational aspects; security of data; adoption theory; organizational barriers; quality factors; quality program; security engineering; system acquisition; system development; system engineering; Costs; Data engineering; Data security; Design engineering; Information security; Information systems; Innovation management; Q factor; Systems engineering and theory; Technological innovation; Product Development; Security; Systems Engineering;
Conference_Titel :
Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
Conference_Location :
Xi´an
Print_ISBN :
978-0-7695-3744-3
DOI :
10.1109/IAS.2009.61
