Injecting security into information systems development
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2010 |
| Tipo de documento: | Artigo |
| Idioma: | eng |
| Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| Texto Completo: | http://hdl.handle.net/10400.5/10065 |
Resumo: | This paper will attempt to reconcile the apparent developmental duality (Baskerville, 1992) between Information Systems (IS) development and IS security development IS Development and IS Security Development each have a substantial foundation of literature on their respective approaches and methodologies. Livari, Hirschheim and Klein (2001) provide a dynamic framework for classifying IS development approaches and methodologies. Besides providing a method for classification, this framework demonstrates the rich history behind IS Development. Baskerville (1993) likewise provides a valuable literature history for IS security development. We believe part of the cause of the security problems that continue to plague organizations (Dhillon, 2001) is ad hoc security implementation (Baskerville, 1993). This "security after the fact" can lead to an incompatibility between the system and the security of the system. Our argument is that a theoretically grounded and methodological approach is lacking for integrating security with Information Systems Development. |
| id |
RCAP_72e9735ddb8a7a3c7288dfe5a8b84575 |
|---|---|
| oai_identifier_str |
oai:www.repository.utl.pt:10400.5/10065 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository_id_str |
7160 |
| spelling |
Injecting security into information systems developmentInformation Systems DevelopmentSecurityThis paper will attempt to reconcile the apparent developmental duality (Baskerville, 1992) between Information Systems (IS) development and IS security development IS Development and IS Security Development each have a substantial foundation of literature on their respective approaches and methodologies. Livari, Hirschheim and Klein (2001) provide a dynamic framework for classifying IS development approaches and methodologies. Besides providing a method for classification, this framework demonstrates the rich history behind IS Development. Baskerville (1993) likewise provides a valuable literature history for IS security development. We believe part of the cause of the security problems that continue to plague organizations (Dhillon, 2001) is ad hoc security implementation (Baskerville, 1993). This "security after the fact" can lead to an incompatibility between the system and the security of the system. Our argument is that a theoretically grounded and methodological approach is lacking for integrating security with Information Systems Development.Instituto Superior de Economia e GestãoRepositório da Universidade de LisboaLapke, Michael2015-11-05T13:11:42Z20102010-01-01T00:00:00Zinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10400.5/10065engLapke, Michael (2010). "Injecting security into information systems development". Portuguese Journal of Management Studies, XV(2):235-248info:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-03-06T14:40:26Zoai:www.repository.utl.pt:10400.5/10065Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T16:56:35.144728Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
| dc.title.none.fl_str_mv |
Injecting security into information systems development |
| title |
Injecting security into information systems development |
| spellingShingle |
Injecting security into information systems development Lapke, Michael Information Systems Development Security |
| title_short |
Injecting security into information systems development |
| title_full |
Injecting security into information systems development |
| title_fullStr |
Injecting security into information systems development |
| title_full_unstemmed |
Injecting security into information systems development |
| title_sort |
Injecting security into information systems development |
| author |
Lapke, Michael |
| author_facet |
Lapke, Michael |
| author_role |
author |
| dc.contributor.none.fl_str_mv |
Repositório da Universidade de Lisboa |
| dc.contributor.author.fl_str_mv |
Lapke, Michael |
| dc.subject.por.fl_str_mv |
Information Systems Development Security |
| topic |
Information Systems Development Security |
| description |
This paper will attempt to reconcile the apparent developmental duality (Baskerville, 1992) between Information Systems (IS) development and IS security development IS Development and IS Security Development each have a substantial foundation of literature on their respective approaches and methodologies. Livari, Hirschheim and Klein (2001) provide a dynamic framework for classifying IS development approaches and methodologies. Besides providing a method for classification, this framework demonstrates the rich history behind IS Development. Baskerville (1993) likewise provides a valuable literature history for IS security development. We believe part of the cause of the security problems that continue to plague organizations (Dhillon, 2001) is ad hoc security implementation (Baskerville, 1993). This "security after the fact" can lead to an incompatibility between the system and the security of the system. Our argument is that a theoretically grounded and methodological approach is lacking for integrating security with Information Systems Development. |
| publishDate |
2010 |
| dc.date.none.fl_str_mv |
2010 2010-01-01T00:00:00Z 2015-11-05T13:11:42Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10400.5/10065 |
| url |
http://hdl.handle.net/10400.5/10065 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
Lapke, Michael (2010). "Injecting security into information systems development". Portuguese Journal of Management Studies, XV(2):235-248 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
Instituto Superior de Economia e Gestão |
| publisher.none.fl_str_mv |
Instituto Superior de Economia e Gestão |
| dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
| instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| repository.mail.fl_str_mv |
|
| _version_ |
1799131047938490368 |