The Impact of Unavailability on the Effectiveness of Enterprise Information Security Technologies (2008)

Author(s): Parkin SE, Yassin-Kassab R, van Moorsel A

    Abstract: This paper surveys existing enterprise technologies that control access to confidential digital data, and analyzes the impact of system and staff unavailability on the obtained security. The researched technologies allow restrictions to be placed on copying, editing, viewing and printing from within various software applications, provide auditing options and prevent outsider access through encryption. We discuss USB access control solutions, digital rights management software, disk encryption techniques and operating system solutions, respectively. An interesting aspect of the various technologies is their reliance on the cooperation of various people and system components, thus making it vulnerable to unavailability of these people and components. Two opposite effects (security risk and productivity loss) determine the effectiveness of information security technologies, and we analyze the impact of unavailability of resources on both these metrics.

      • Date: March 2008
      • Series Title: School of Computing Science Technical Report Series
      • Pages: 20
      • Institution: School of Computing Science, University of Newcastle upon Tyne
      • Publication type: Report
      • Bibliographic status: Published

      Keywords: USB ACCESS CONTROL, DIGITAL RIGHTS MANAGEMENT, DISK ENCRYPTION, TRUST ECONOMICS, SERVICE AVAILABILITY

      Staff

      Professor Aad van Moorsel
      Head of School, Professor