Extending trust in enterprise systems

Author

Mondai, Shatabdi ; Setua, S.K.

Author_Institution

Asansol Eng. Coll., Burdwan, India

fYear

2015

fDate

7-8 Feb. 2015

Firstpage

1

Lastpage

6

Abstract

Modern enterprises are facing more and more uncertainties and challenges from insecurity and context sensitivity. In view of information security, an enterprise is considered as a collection of assets and their interrelationships and how users use their rights to access the enterprise. These interrelationships may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or in the installation of software or in the information assets. As a result, access to one element may enable access to another if they are connected. An enterprise may specify the conditions on how to access certain assets in certain mode (read, write etc.) as policies. The interconnection of assets, along with specified policies, may lead to vulnerabilities in the enterprise information system if misused. This paper presents a formal methodology for detection of vulnerabilities and threats to enterprise information systems.

Keywords

enterprise resource planning; information systems; security of data; enterprise information infrastructure; enterprise information system; information security; Additives; Authorization; Availability; Databases; Information systems; Permission; Enterprise information security; Policies; Security parameters; Vulnerability;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on

Conference_Location

Hooghly

Print_ISBN

978-1-4799-4446-0

Type

conf

DOI

10.1109/C3IT.2015.7060169

Filename

7060169