Issues in securing Web-accessible information systems

Within higher education, concerns are growing with regard the gap between what university central services traditionally provide and what the academic departments within the institution need. The Institutionally Secure Integrated Data Environment (INSIDE) project is a JCIEL (JISC Committee for Integrated Environments for Learners) funded collaborative project between the Universities of St. Andrew and Durham that proposes to address the above concerns by investigating the issues surrounding the development and delivery of "joined up systems for institutions". The INSIDE project intends to work utilising both universities\´ existing information bases to develop a model of distributed functionality. The intention is to solve the problems at a high enough level of abstraction to provide a generic solution applicable to other higher education institutions. The model must address security implications of "joined up systems for institutions", balancing an institution\´s need for effective data security with universities\´ culture of open access to information. An effective security strategy should address both the technical and social issues raised by Web accessible information systems. It must give recognition to the human and organisational aspects of security and the need to educate users in secure working practices