Title :
Extending trust in enterprise systems
Author :
Mondai, Shatabdi ; Setua, S.K.
Author_Institution :
Asansol Eng. Coll., Burdwan, India
Abstract :
Modern enterprises are facing more and more uncertainties and challenges from insecurity and context sensitivity. In view of information security, an enterprise is considered as a collection of assets and their interrelationships and how users use their rights to access the enterprise. These interrelationships may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or in the installation of software or in the information assets. As a result, access to one element may enable access to another if they are connected. An enterprise may specify the conditions on how to access certain assets in certain mode (read, write etc.) as policies. The interconnection of assets, along with specified policies, may lead to vulnerabilities in the enterprise information system if misused. This paper presents a formal methodology for detection of vulnerabilities and threats to enterprise information systems.
Keywords :
enterprise resource planning; information systems; security of data; enterprise information infrastructure; enterprise information system; information security; Additives; Authorization; Availability; Databases; Information systems; Permission; Enterprise information security; Policies; Security parameters; Vulnerability;
Conference_Titel :
Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on
Conference_Location :
Hooghly
Print_ISBN :
978-1-4799-4446-0
DOI :
10.1109/C3IT.2015.7060169
