his.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Improving the Information Security Model by using TFI
University of Skövde, School of Humanities and Informatics. University of Skövde, The Informatics Research Centre.
2007 (English)In: New Approaches for Security, Privacy and Trust in Complex Environments: Proceedings of the 22nd IFIP TC-11 International Information Security Conference (SEC 2007) / [ed] Venter, H. et al, Springer, 2007, 73-84 p.Conference paper, (Refereed)
Abstract [en]

In the context of information systems and information technology, information security is a concept that is becoming widely used. The European Network of Excellence INTEROP classifies information security as a nonfunctional aspect of interoperability and as such it is an integral part of the design process for interoperable systems. In the last decade, academics and practitioners have shown their interest in information security, for example by developing security models for evaluating products and setting up security specifications in order to safeguard the confidentiality, integrity, availability and accountability of data. Earlier research has shown that measures to achieve information security in the administrative or organisational level are missing or inadequate. Therefore, there is a need to improve information security models by including vital elements of information security. In this paper, we introduce a holistic view of information security based on a Swedish model combined with a literature survey. Furthermore we suggest extending this model using concepts based on semiotic theory and adopting the view of an information system as constituted of the technical, formal and informal (TFI) parts. The aim is to increase the understanding of the information security domain in order to develop a well-founded theoretical framework, which can be used both in the analysis and the design phase of interoperable systems. Finally, we describe and apply the Information Security (InfoSec) model to the results of three different case studies in the healthcare domain. Limits of the model will be highlighted and an extension will be proposed.

Place, publisher, year, edition, pages
Springer, 2007. 73-84 p.
Series
IFIP International Federation for Information Processing, ISSN 1571-5736 ; 232/2007
Research subject
Technology
Identifiers
URN: urn:nbn:se:his:diva-3858DOI: 10.1007/978-0-387-72367-9_7Scopus ID: 2-s2.0-36248945558ISBN: 978-0-387-72366-2 OAI: oai:DiVA.org:his-3858DiVA: diva2:309944
Conference
Sandton, South Africa, May 14-16, 2007
Available from: 2010-04-09 Created: 2010-04-09 Last updated: 2013-03-19

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Åhlfeldt, Rose-Mharie
By organisation
School of Humanities and InformaticsThe Informatics Research Centre

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

Total: 752 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf