CIS-311 Management Information Systems

Dr. Kelley Fall 2001

Your Name:

Date:

 

In-Class Activity Worksheet #11

Internet Security & Privacy

 

1. Internet Dichotomies

1. Easily accessible, convenient, inexpensive

2. Private, secure, reliable

 

3. Shared medium → easy, inexpensive access

4. Shared medium → eavesdropping

 

5. Open, common standards → easy connectivity

6. Open, common standards → no privacy

 

7. Bandwidth restrictions → compression → better performance

8. Security concerns → encryption → worse performance

 

 

 

2. Security Needs:

1. Authentication

2. Authorization

3. Integrity (Unadulteration)

4. Trust

5. Completeness

6. Timeliness

7. Non-repudiation

8. Transparency

9. Modularity

10. Robustness

11. Self-healing

12. Redundancy

13. Traceability

14. Manageability

15. Cost-effectiveness

 

 

3. Bridging Security and Business Needs

American Family Mutual Insurance Security Ambassadors

http://www.computerworld.com/cwi/story/0,1199,NAV47_STO64308,00.html

 

 

4. 1996 - 2006 HIPAA

1996 Health Insurance Portability and Accountability Act (Kassebaum-Kennedy Act)

http://www.healthit.com/resources/hipaa.htm

Types of Information Affected:

 

 

 

 

5. Corporate WAN Connectivity

1. T1/Frame Relay point-to-point links

2. T3/OC-3/ATM/MPLS Internet Backbone

3. VPNs (Virtual Private Networks): IPSec, firewalls

 

 

6. Online privacy

http://www.wisbar.org/wislawmag/2001/02/barlament.html

1. Voluntary Information vs. Clickstream (Cookies, Web Bugs)

2. FTC regulations: Notice, Choice, Access, Security, Enforcement

3. European Union position: Specific Use, Disclose Context, Permit Changes to Incorrect Data