Information system access control

• Main Author: Весна Алексић-Марић, PhD
• Format: Article
• Language: English
• Published: University of Banja Luka, Faculty of Economics 2006-12-01
• Series: Acta Economica
• Subjects: information system, cryptography, Personal Identification Number (PIN), digital signature, smart cards.
• Online Access: http://ae.ef.unibl.org/index.php/AE/article/view/310

Considering the existing situation and indicators pointing to the problems or the inadequacy of some solutions in the system security, research involving a variety of questions has bee conducted. Contemporary business process design means, however, that it is in previous phases of the project that secure information technology (IT) is to be taken into account, the one which does not only support business process but may transform it radically. The main mottoes of the business process reengineering are the secure communication, which ought to provide interface top-down theory bottom-up implementation. This paper covers security planning, security policy definition, procedures and recommendation for implementation of security policy. It also deals with security testing and continuous monitoring of security related events (locally and globally) as well as with updating of security policy and its technical implementation.