The Proceedings of the Information Systems Education Conference 2004: §3413    Home    Papers/Indices    prev (§3412)    Next (§3414)
Sat, Nov 6, 3:30 - 3:55, Rose Island II     Paper (refereed)
Recommended Citation: Alijani, G S, J E Christy, H Craft, P Mok, and J S Welsh.  Design and Implementation of an Information Security Model for E-Business.  In The Proceedings of the Information Systems Education Conference 2004, v 21 (Newport): §3413. ISSN: 1542-7382. (A later version appears in Information Systems Education Journal 4(4). ISSN: 1545-679X.)
 
Recipient of Meritorious Paper Award
 
CDpic

Design and Implementation of an Information Security Model for E-Business

thumb
Refereed11 pages
Ghasem S. Alijani    [a1] [a2]
Graduate Studies Program in Computer Information Systems
Southern University at New Orleans    [u1] [u2]
New Orleans, Louisiana, USA    [c1] [c2]

James E. Christy    [a1] [a2]
Graduate Studies Program in Computer Information Systems
Southern University at New Orleans    [u1] [u2]
New Orleans, Louisiana, USA    [c1] [c2]

Hugh Craft    [a1] [a2]
Graduate Studies Program in Computer Information Systems
Southern University at New Orleans    [u1] [u2]
New Orleans, Louisiana, USA    [c1] [c2]

Peter Mok    [a1] [a2]
Graduate Studies Program in Computer Information Systems
Southern University at New Orleans    [u1] [u2]
New Orleans, Louisiana, USA    [c1] [c2]

J. Steven Welsh    [a1] [a2]
Graduate Studies Program in Computer Information Systems
Southern University at New Orleans    [u1] [u2]
New Orleans, Louisiana, USA    [c1] [c2]

One of the foremost small businesses security concerns is the protection of critical information, both within their internal financial infrastructures and from external elements. Studies show that most cyber-attacks occur inside organizations, instigated by personnel with valid access to the system. This paper describes the design, implementation, and testing of a security system that enhances the capability of small businesses to protect information within the boundary of their networks. Within a specified network, database and transactions are encrypted, decrypted, and processed by the Internal Control and Employee Agents. The database was clustered and access method was provided to employees using private keys. The test results indicate that this additional security layer provides a simple solution to the data sharing and transition within an organization's network. The results of this study will be of significance to owners, managers, and the security personnel responsible for small business networks.

Keywords: electronic commerce, information security, internal control agent

Read this refereed paper in Adobe Portable Document (PDF) format. (11 pages, 1059 K bytes)
Preview this refereed paper in Plain Text (TXT) format. (21 K bytes)

CDpic
Comments and corrections to
webmaster@isedj.org