CIS 8080 Security
and Privacy of Information and Information Systems
Fall Semester, 2012
On-Line Readings
Particulars:
Department of Computer Information Systems,
College of Business Administration, Georgia
State University,
Post Office Box 4015,
Atlanta, Georgia
30302-4015, USA
Tel. +1
404.413.7362, Internet
baskerville@acm.org
These pages are for use of students taking the above course at the Georgia State University
and are not intended for the general public.
Contents and
Connections
Downloadable From
Library / Original Source
Note: Accessing some
of these resources may only be completed from an on-campus computer or through
a VPN connection from off-campus. An
on-campus IP address may be required.
For more information see “Connecting to the Network from Home (VPN -
Virtual Private Network)” at http://www.gsu.edu/help/25697.html
- Backhouse, J., Hsu, C. W., &
Silva, L. (2006). Circuits of power in creating de jure standards: Shaping
an international information systems security standard. MIS Quarterly, 30(SI), 413-438.http://proquest.umi.com/pqdweb?did=1084845521&Fmt=7&clientId=19356&RQT=309&VName=PQD
- Baumer, D. L., Earp, J. B., & Poindexter, J. C.
(2004). Internet privacy law: a comparison between the United States and
the European Union. Computers &
Security, 23(5), 400-412.http://proquest.umi.com/pqdweb?did=676585761&Fmt=7&clientId=19356&RQT=309&VName=PQD
- Berg,
G., Freeman, M., & Schneider, K. (2008). Analyzing the TJ Maxx Data
Security Fiasco: Lessons for Auditors. The
CPA Journal, 78(8), 34-37.http://ezproxy.gsu.edu:2048/login?url=http://proquest.umi.com/pqdweb?did=1543521051&Fmt=7&clientId=19356&RQT=309&VName=PQD
- Berghel, H. (2005). The two sides of ROI. Association for Computing Machinery.
Communications of the ACM, 48(4), 15-20.http://proquest.umi.com/pqdweb?did=850779941&Fmt=7&clientId=19356&RQT=309&VName=PQD
·
Caralli, R. A.,
Stevens, J. F., Young, L. R., & Wilson, W. R. (2007). Introducing OCTAVE
Allegro: Improving the Information Security Risk Assessment Process. Carnegie
Mellon University Software Engineering Institute. http://www.cert.org/octave/
- Charoen,
D., Raman, M., & Olfman, L. (2008).
Improving End User Behaviour in Password
Utilization: An Action Research Initiative. Systemic Practice and Action Research, 21(1), 55.http://ezproxy.gsu.edu:2048/login?url=http://proquest.umi.com/pqdweb?did=1413108821&Fmt=7&clientId=19356&RQT=309&VName=PQD
- Herzberg,
A. (2009). Why Johnny can't surf (safely)? Attacks and defenses for web
users. Computers & Security, 28(1/2),
63-71. http://ezproxy.gsu.edu:2048/login?url=http://proquest.umi.com/pqdweb?did=1623320571&Fmt=7&clientId=19356&RQT=309&VName=PQD
- IT Governance Institute. (2007). CobiT 4.1. from http://www.isaca.org/Content/NavigationMenu/Members_and_Leaders1/COBIT6/Obtain_COBIT/Obtain_COBIT.htm
- Leih, M. (2006). The Impact Of
The Sarbanes-Oxley Act On IT Project Management. JITTA : Journal of Information Technology Theory and Application, 8(3),
13-30.http://proquest.umi.com/pqdweb?index=0&did=1366994151&SrchMode=1&sid=4&Fmt=6&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1250629858&clientId=19356
·
Pfleeger, S. L., &
Cunningham, R. K. (2010). Why Measuring Security Is Hard. Security &
Privacy, IEEE, 8(4), 46-54. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5432146
·
Samuelson, P. (2012). Can online piracy be
stopped by laws? Communications of the
ACM, 55(7), 25-27. http://search.proquest.com/docview/1027211404?accountid=11226
·
Stajano, F., &
Wilson, P. (2011). Understanding scam victims: seven principles for systems
security. Communications of the ACM, 54(3),
70-75. http://ezproxy.gsu.edu/login?url=http://search.proquest.com/docview/858141452?accountid=11226
·
Verizon Risk Team. (2012). 2012 Data Breach
Investigations Report [Electronic Version], from http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
·
Wallace, L., Lin, H., & Cefaratti,
M. (2011). Information Security and Sarbanes-Oxley Compliance: An Exploratory
Study. Journal of Information Systems, 25(1), 185-211. http://proquest.umi.com/pqdweb?index=0&did=2298740021&SrchMode=5&Fmt=3&retrieveGroup=0&VInst=PROD&VType=PQD&RQT=309&VName=PQD&TS=1312581035&clientId=19356
- Willison, R., & Backhouse, J. (2006).
Opportunities for computer crime: considering systems risk from a
criminological perspective. European
Journal of Information Systems, 15(4), 403-419.http://proquest.umi.com/pqdweb?did=1135913761&Fmt=7&clientId=19356&RQT=309&VName=PQD
- Xu, W., Grant, G., Nguyen, H., & Dai, X. (2008).
Security Breach: The Case of TJX Companies, Inc. Communications of the Association for Information Systems, 23(Article
31), 575-590.http://aisel.aisnet.org/cgi/viewcontent.cgi?article=3391&context=cais
Downloadable
From study.net
Note: The following
case materials are available as a course pack for registered students found at
http://www.study.net/r_mat.asp?crs_id=30026134
·
Compeau, D., Fang, Y.,
& Yin, M. (2010). Google in China (B)
London, Ontario: Richard Ivey School of Business University of Western
Ontario 910E11 Harvard Product 910E11-PDF-ENG)
·
McFarlan, F. W.,
Austin, R. D., Usuba, J., & Egawa,
M. (2008). Secom: Managing Information Security in a Risky World (Case
No. 9-308-015). Boston: Harvard Business School
- Paine,
L., & Phillips, Z. (2006a). ChoicePoint (A)
(Case No. 9-306-001). Boston: Harvard Business School.)
This page is maintained by Richard Baskerville