Document Type

Article

Language

eng

Format of Original

10 p.

Publication Date

10-2007

Publisher

Elsevier

Source Publication

Journal of Systems and Software

Source ISSN

0164-1212

Original Item ID

doi: 10.1016/j.jss.2007.01.043

Abstract

One of the major problems in industrial security management is that most organizations or enterprises do not provide adequate guidelines or well-defined policy with respect to trust management, and trust is still an afterthought in most security engineering projects. With the increase of handheld devices, managers of business organizations tend to use handheld devices to access the information systems. However, the connection or access to an information system requires appropriate level of trust. In this paper, we present a flexible, manageable, and configurable software-based trust framework for the handheld devices of mangers to access distributed information systems. The presented framework minimizes the effects of malicious recommendations related to the trust from other devices or infrastructures. The framework allows managers to customize trust-related settings depending on network environments in an effort to create a more secure and functional network. To cope with the organizational structure of a large enterprise, within this framework, handheld devices of managers are broken down into different categories based upon available resources and desired security functionalities. The framework is implemented and applied to build a number of trust sensitive applications such as health care.

Comments

Accepted version. Journal of Systems and Software, Vol. 80, No. 10 (October 2007): 1621-1630. DOI. © 2007 Elsevier. Used with permission.

Download
ahamed_7705acc.docx (426 kB)
ADA Accessible Version

Share

COinS