Submitted by: Submitted by palak
Views: 594
Words: 2682
Pages: 11
Category: Business and Industry
Date Submitted: 11/27/2010 12:04 PM
21st National Information Systems Security Conference 1998 Conference paper submission Type of submission: paper Title or Topic: Security and e-business: is there a prescription ? Abstract Over the past few years it has become increasingly common for organizations, government agencies and businesses, i.e., enterprises, to position some or all of their information assets in close proximity to the Internet. Do enterprise architectures and designs apply to secure e-business computing? Issues of classification and management of data assets beyond the enterprise boundary, plus legal liabilities of electronically executed business transactions suggest that new approaches are needed. This paper analyzes the conceptual similarities and differences of the design intra-, and extraenterprise design environments in an effort to highlight some complexities of creating an ebusiness architecture. This paper concludes that the network/security architect cannot effect comprehensive e-business security for all aspects of an enterprise. The strategy and the solution needs to be addressed in a more fundamental way than firewalls, SSL or PKI. Author Jim Whitmore IBM Corporation 717-796-3264 (voice) 717-796-3414 (fax) whitmore@us.ibm.com
Introduction Over the past several years it has become increasingly common for organizations, government agencies and businesses, i.e., enterprises, to position some or all of their information assets in close proximity to the Internet and serve them to remote, often anonymous audiences. Throughout those same years I have had the opportunity to work with individuals representing enterprises in each category, performing requirements analysis, design, planning and integration phases of Internet-related projects, including building: the “nth” firewall, web server, demilitarized zone, split-DNS, Socks servers, mail gateway, etc. Beginning in 1997 the questions and engagements were more often than not about leveraging the reach of the Internet to a...