信息安全控制理论:实现信息共享与保护的可持续协调

浏览数:388

Information Security Control Theory: Achieving a Sustainable Reconciliation Between Sharing and Protecting the Privacy of Information

《Journal of Management Information Systems》作者:Chad Anderson, Richard L Baskerville, Mala Kaul.

内容摘要:Contemporary organizations operate in highly interconnected environments where they are frequently confronted by the challenge of balancing the protection of information resources with the need for sharing information. This tension between the expected benefits and the potential security risks inherent in the information sharing process, exists in many domains, including business, health care, law enforcement, and military—yet it is not well-understood. We propose an information security control theory to explain and manage this tension. We evaluate this theory through a longitudinal case study of the iterative development of the information security policies for a health information exchange in the western United States. Our study shows that the theory offers a good framework through which to understand the information security policy development process, and a way to reconcile the tension between information sharing and information protection. The theory has practical applicability to many business domains.

Copyright © 2015  中国信息经济学会  www.cies.org.cn                  

ABUIABAEGAAgsPHPrgUo9KTLlQQwqwI4Uw
联系我们

  地址:北京市中国人民大学理工楼配楼四层  

   邮编:100872  

   电话:010-62511264

   邮件:info@ciesorg.com


网站导航