透過您的圖書館登入 IP:3.144.248.24
透過您的圖書館登入
IP:3.144.248.24
  • 精確檢索 : 冠狀病毒
  • 模糊檢索 : 冠狀病毒
  • 冠狀病毒感染
    冠狀病毒疾病
  • 查詢出版品: 冠狀病毒
進階查詢
查詢歷史
主題瀏覽
  • 學位論文

系統開發生命週期結合資訊安全機制之研究

The Study of Information Security Management Mechanism in System Development Life Cycle.

呂品慧(Pin-Hui Lu)
指導教授 : 游佳萍
淡江大學/商管學院/資訊管理學系碩士班/碩士(2014年)
https://doi.org/10.6846/TKU.2014.00379
全文下載

摘要

本研究使用質性研究以及紮跟理論的三種編碼方法,希望從中探究資訊系統開發過程應注意之資訊安全議題。在研究結果中發現,第一,組織對於不同資訊安全議題,其所注重的程度也不盡相同。第二,各種不同的資訊安全議題,也會互相影響。第三,一個資訊安全議題,可能在數個不同的系統開發階段中受到重視,組織在進行資訊系統開發時,應該注重這些在不同開發階段都會引起討論的議題。   基於本研究的結果,第一,我們建議資訊系統開發的管理者,在系統開發的階段中,應該更重視資訊安全的議題,以建立更完善的資訊安全管理機制。第二,各個資訊安全議題之間可能互相影響。因此組織在進行系統開發時,應該注意到許多的資訊安全議題都是會互相影響的。最後,組織所看重的資訊安全議題,會因不同的系統開發階段,而有所區別。也可以讓組織更加注意到,在多個系統開發階段中都會引起重視的資訊安全議題。

關鍵字

資訊安全 系統開發生命週期 紮根理論

並列摘要

This research used qualitative research and grounded theory, to explore information security issues in the information system development process. In this study, there are several findings. First, the organizations identify various information security issues to implement the information security mechanisms. Second, there are strong connections between security issues. Third, several critical security issue are addressed in the system development process. Based on our findings, first, we suggest the information system managers have to establish robust information security mechanism to implement high quality services. Second, organizations should focus on different information security issues in different system development processes, because there are significant mutual operations between several critical security mechanisms. Finally, the managers have to focus on key information security mechanism from the initial to the end of the system development phases.

並列關鍵字

Information security System development life cycle Grounded theory

參考文獻

1.Amit, R., and Belcourt, M.,“Human resources management processes: a value-creating source of competitive advantage,” European Management Journal(17:2), 1999, pp.174-181.
2.Barnard, L., and von Solms, R. “A formalized approach to the effective selection and evaluation of information security controls,” Computers & Security(19:2), 2000, pp.185-194.
3.Boehm, B. W.“A spiral model of software development and enhancement,” Computer (21:5), 1988,pp.61-72.
8.Dhillon, G., andBackhouse, J. “Technical opinion: Information system security management in the new millennium,” Communications of the ACM (43:7), 2000,pp.125-128.
9.Ellison, R. J., Linger, R. C., Longstaff, T., and Mead, N. R.“Survivable network system analysis: a case study,” IEEE Software (16:4), 1990, pp.70-77.

延伸閱讀

全文下載