
Information Systems Threats and Vulnerabilities

International Journal of Computer Applications
© 2014 by IJCA Journal
Volume 89 - Number 3
Year of Publication: 2014
Daniyal M. Alghazzawi
Syed Hamid Hasan
Mohamed Salim Trigui

Daniyal M Alghazzawi, Syed Hamid Hasan and Mohamed Salim Trigui. Article: Information Systems Threats and Vulnerabilities. International Journal of Computer Applications 89(3):25-29, March 2014. Full text available.


Vulnerability of information systems is a major concern these days in all spheres of the financial, government and private sectors. Security of information systems is one of the biggest challenges faced by almost all organizations in today's world. Even though most organizations have realized the value of information and the part it plays in the success of the business, only a few take adequate measures to ensure the security of their information, preventing unauthorized access, securing data from intrusion and unapproved disclosures, etc. The impact a business will bear if any of its information systems is compromised or goes down is great; hence ensuring the stability and security of these information systems is of paramount importance to these businesses.

