Records |
Author |
Ummul Khair Israt Ara; Fang Chen |
Title |
Information security in crisis management system |
Type |
Conference Article |
Year |
2012 |
Publication |
ISCRAM 2012 Conference Proceedings – 9th International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
ISCRAM 2012 |
Volume |
|
Issue |
|
Pages |
|
Keywords |
Disasters; Expert systems; Information systems; Interoperability; Management information systems; Security of data; Crisis management; Crisis management systems; Crisis situations; Medical emergency; Security components; Security requirements; Strong securities; Terrorist attacks; Information management |
Abstract |
Information security is an important part of almost any kind of Information System. Crisis Management Systems (CMS) are a type of Information System that deals with information which needs to be secure. No matter what kind of crisis, natural disasters, man-made crisis or terrorist attacks, the CMS security should not be compromised. There are many challenges regarding exchange of qualified information and interoperability between various Expert Systems and the CMS. It is important to have strong security in terms of technology, skills, security requirements, sensitivity of information and trust-worthiness (Vural, Ciftcibasi and Inan, 2010). Depending on the type of crisis situation, different sets of security components should be triggered, since the security requirements vary between situations. For example, a terrorist attack has different security requirements in the system compared to a natural disaster or a medical emergency. In this paper, the importance of Information Security in CMS will be discussed. Methods for secure exchange of qualified information are analyzed and a secure and dynamic Crisis Management Information Security System (CMISS) design is introduced. © 2012 ISCRAM. |
Address |
|
Corporate Author |
|
Thesis |
|
Publisher |
Simon Fraser University |
Place of Publication |
Vancouver, BC |
Editor |
L. Rothkrantz, J. Ristvej, Z.Franco |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9780864913326 |
Medium |
|
Track |
Poster Session |
Expedition |
|
Conference |
9th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
76 |
Share this record to Facebook |
|
|
|
Author |
Peter L. O'Dell |
Title |
Communities of trust |
Type |
Conference Article |
Year |
2008 |
Publication |
Proceedings of ISCRAM 2008 – 5th International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
ISCRAM 2008 |
Volume |
|
Issue |
|
Pages |
265 |
Keywords |
Information systems; Security of data; Communications systems; Dissemination controls; Fundamental concepts; Information assurance; Information control; Information sharing systems; Operational continuity; Trust frameworks; Authentication |
Abstract |
Effective response to emergency, security and operational continuity events generally requires cooperation across political, physical and technical boundaries. It's necessary, therefore, to use a communications system that enables people in heterogeneous organization to communicate effectively. Since 2002, Swan Island Networks has been developing an Internet-based information sharing system that links responsible people with the information necessary to make better decisions, and to each other. The system allows people to form “Communities of Trust”, in which all community members are known and authenticated. Each community is formed by a responsible Champion, who determines who can participate and what information will be shared within the community. In order for people to be willing to share, and to accept the information they receive as genuine, the community must operate in an environment of trust. This presentation outlines the fundamental concepts, methodologies and features for access and information control that create a trusted environment, particularly Authorization, Authentication and Audit (AAA). In the system discussed, AAA elements function together to create a comprehensive trust framework, and provide a contextually appropriate level of information assurance, data protection and dissemination control. |
Address |
Swan Island Networks, United States |
Corporate Author |
|
Thesis |
|
Publisher |
Information Systems for Crisis Response and Management, ISCRAM |
Place of Publication |
Washington, DC |
Editor |
F. Fiedrich, B. Van de Walle |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9780615206974 |
Medium |
|
Track |
Trust in Emergency Planning and Response |
Expedition |
|
Conference |
5th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
812 |
Share this record to Facebook |
|
|
|
Author |
Annie Searle |
Title |
A seat at the table for operational risk |
Type |
Conference Article |
Year |
2010 |
Publication |
ISCRAM 2010 – 7th International Conference on Information Systems for Crisis Response and Management: Defining Crisis Management 3.0, Proceedings |
Abbreviated Journal |
ISCRAM 2010 |
Volume |
|
Issue |
|
Pages |
|
Keywords |
Information systems; Pattern recognition; Security of data; Aggregate risk; Business continuity; Crisis management; Disaster recovery projects; Executive decisions; Operational risks; Risk assessment |
Abstract |
What role should operational risk leaders have in the executive suite? This paper argues that, when nervous CEOs ask “What can go wrong? How can we get ahead of the curve?”, they should look to their operational risk leaders. Those leaders oversee corporate and information security as well as business continuity, crisis management and disaster recovery programs inside companies. That makes them ideally qualified to take the process of crisis management, including analysis of aggregate risk across all silos – To the CEO and then into the boardroom when the need arises, before the corporate crisis is full-blown. |
Address |
ASA Risk Consultants, United States |
Corporate Author |
|
Thesis |
|
Publisher |
Information Systems for Crisis Response and Management, ISCRAM |
Place of Publication |
Seattle, WA |
Editor |
S. French, B. Tomaszewski, C. Zobel |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
|
Medium |
|
Track |
Planning, Foresight and/or Risk Analysis |
Expedition |
|
Conference |
7th International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
929 |
Share this record to Facebook |
|
|
|
Author |
Bartel A. Van De Walle; Ronald Spanjers; Dirk De Wit |
Title |
Stakeholder perceptions and standards for information security risks : A case study at a dutch health care organization |
Type |
Conference Article |
Year |
2006 |
Publication |
Proceedings of ISCRAM 2006 – 3rd International Conference on Information Systems for Crisis Response and Management |
Abbreviated Journal |
ISCRAM 2006 |
Volume |
|
Issue |
|
Pages |
513-527 |
Keywords |
Health care; Information systems; Security of data; Healthcare organizations; Information security risks; Nen 7510; Patient information; Personal health record; Stakeholder groups; Stakeholder perception; Stakeholders analysis; Risk perception |
Abstract |
With the increased use of electronic patient files in Health Care Organizations (HCOs), addressing the risks related to the storage and use of patient information has become increasingly important to avoid intentional or unintentional disclosure, damage to or abuse of patients' personal health records. This has lead governments from various countries to introduce and impose information security standards for HCOs. The Dutch government introduced the NEN 7510 national information security standard; a standard derived from the international ISO 17799 norm. Preceding the implementation phase of NEN 7510 standard at a Dutch HCO, we conducted a field study to identify the information security risks as perceived by the main stakeholder groups in the HCO. We present the differences in the perceived information security risks and threats by end users, management and suppliers, and the degree to which these identified risks will be addressed by the implementation of the NEN 7510 standard. |
Address |
Tilburg University, Netherlands |
Corporate Author |
|
Thesis |
|
Publisher |
Royal Flemish Academy of Belgium |
Place of Publication |
Newark, NJ |
Editor |
B. Van de Walle, M. Turoff |
Language |
English |
Summary Language |
English |
Original Title |
|
Series Editor |
|
Series Title |
|
Abbreviated Series Title |
|
Series Volume |
|
Series Issue |
|
Edition |
|
ISSN |
2411-3387 |
ISBN |
9090206019; 9789090206011 |
Medium |
|
Track |
STAKEHOLDER COORDINATION FOR CRISIS MANAGEMENT |
Expedition |
|
Conference |
3rd International ISCRAM Conference on Information Systems for Crisis Response and Management |
Notes |
|
Approved |
no |
Call Number |
|
Serial |
1039 |
Share this record to Facebook |