Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Information Security and Ethics: Concepts, Methodologies, Tools, and Applications

Author(s)/Editor(s): Hamid Nemati (The University of North Carolina at Greensboro, USA)
Copyright: ©2008
DOI: 10.4018/978-1-59904-937-3
ISBN13: 9781599049373
ISBN10: 1599049376
EISBN13: 9781599049380




Information Security and Ethics: Concepts, Methodologies, Tools, and Applications serves as the ultimate source on all theories and models associated with information privacy and safeguard practices to help anchor and guide the development of technologies, standards, and best practices to meet these challenges.

Compiling over 250 chapters representing the work of 484 international experts in these fields, this commanding, six-volume collection examines a complete array of topics in this area, including authentication technologies, cyber crime, cryptographic tools, monitoring systems, forensic computing, and confidentiality applications and their relation to raising the level of security and ethical standards in technology-driven environments. Essential to the information technology collection of any library, Information Security and Ethics: Concepts, Methodologies, Tools, and Applications will serve the needs of researchers in a variety of related fields, including business, e-commerce, government, law enforcement, and many more.




Emphasis on knowledge and information is one of the key factors that differentiate the intelligent business enterprise of the 21st century. In order to harness knowledge and information to improve effectiveness, enterprises of the new millennium must capture, manage and utilize information with rapid speed in an effort to keep pace with the continually changing technology. Information security and ethical considerations of technology are important means by which organizations can better manage and secure information. Not easily defined, the field of information security and ethics embodies a plethora of categories within the field of information science and technology.

Over the past two decades, numerous researchers have developed a variety of techniques, methodologies, and measurement tools that have allowed them to develop, deliver and at the same time evaluate the effectiveness of several areas of information security and ethics. The explosion of these technologies and methodologies has created an abundance of new, state-of-the-art literature related to all aspects of this expanding discipline, allowing researchers and practicing educators to learn about the latest discoveries within the field.

Rapid technological changes, combined with a much greater interest in discovering innovative techniques to manage information security in today’s modern organizations, have led researchers and practitioners to continually search for literature that will help them stay abreast of the far-reaching effects of these changes, as well as to facilitate the development and deliverance of more ground-breaking methodologies and techniques utilizing new technological innovation. In order to provide the most comprehensive, in-depth, and recent coverage of all issues related to information security and ethics, as well as to offer a single reference source on all conceptual, methodological, technical and managerial issues, as well as the opportunities, future challenges, and emerging trends related to this subject, Information Science Reference is pleased to offer a six-volume reference collection on this rapidly growing discipline, in order to empower students, researchers, academicians, and practitioners with a comprehensive understanding of the most critical areas within this field of study.

This collection entitled, “Information Security and Ethics: Concepts, Methodologies, Tools, and Applications” is organized in eight (8) distinct sections, providing the most wide-ranging coverage of topics such as: 1) Fundamental Concepts and Theories; 2) Development and Design Methodologies; 3) Tools and Technologies; 4) Utilization and Application; 5) Organizational and Social Implications; 6) Managerial Impact; 7) Critical Issues; and 8) Emerging Trends. The following provides a summary of what is covered in each section of this multi-volume reference collection:

Section 1, Fundamental Concepts and Theories, serves as a foundation for this exhaustive reference tool by addressing crucial theories essential to the understanding of information security and ethics. Chapters such as, “Leadership Style, Anonymity, and the Discussion of an Ethical Issue in an Electronic Context” by Surinder S. Kahai and Bruce J. Avolio as well as “Information Security Management” by Mariana Hentea provide an excellent framework in which to position information security and ethics within the field of information science and technology. “Privacy and Security in E-Learning” by George Yee, Yuefei Xu, Larry Korba and Khalil El-Khatib offers excellent insight into the critical incorporation of security measures into online and distance learning systems, while chapters such as, “A Unified Information Security Management Plan” by Mari W. Buch and Chelley Vician address some of the basic, yet crucial stumbling blocks of information management. With 45 chapters comprising this foundational section, the reader can learn and choose from a compendium of expert research on the elemental theories underscoring the information security and ethics discipline.

Section 2, Development and Design Methodologies, provides in-depth coverage of conceptual architecture frameworks to provide the reader with a comprehensive understanding of the emerging technological developments within the field of information security and ethics. “Framework for Secure Information Management in Critical Systems” by Rajgopal Kannan, S. Sitharama Iyengar, and A. Durresi offers research fundamentals imperative to the understanding of research and developmental processes within information management. From broad examinations to specific discussions on security tools such as, Tsau Young Lin’s, “Chinese Wall Security Policy Model: Granular Computing on DAC Model” the research found within this section spans the discipline while offering detailed, specific discussions. From basic designs to abstract development, chapters such as “Do Information Security Policies Reduce the Incidence of Security Breaches: An Exploratory Analysis” by Neil F. Doherty and Heather Fulford, and “Potential Security Issues in a Peer-to-Peer Network from a Database Perspective” by Sridhar Asvathanarayanan serve to expand the reaches of development and design technologies within the information security and ethics community. This section includes over 28 contributions from researchers throughout the world on the topic of information security and privacy within the information science and technology field.

Section 3, Tools and Technologies, presents an extensive coverage of various tools and technologies available in the field of information security and ethics that practitioners and academicians alike can utilize to develop different techniques. Chapters such as Paloma Díaz, Daniel Sanz, Susana Montero and Ignacio Aedo’s “Integrating Access Policies into the Development Process of Hypermedia Web Systems” enlighten readers about fundamental research on one of the many methods used to facilitate and enhance the integration of security controls in hypermedia systems whereas chapters like, “A National Information Infrastructure Model for Information Warfare Defence?” by Vernon Stagg and Matthew Warren explore defense strategies for information warfare, an increasingly pertinent research arena. It is through these rigorously researched chapters that the reader is provided with countless examples of the up-and-coming tools and technologies emerging from the field of information security and ethics. With more than 32 chapters, this section offers a broad treatment of some of the many tools and technologies within the IT security community.

Section 4, Utilization and Application, discusses a variety of applications and opportunities available that can be considered by practitioners in developing viable and effective information security programs and processes. This section includes more than 47 chapters such as “Law, CyberCrime and Digital Forensics: Trailing Digital Suspects” by Andreas Mitrakas and Damián Zaitch which reviews certain legal aspects of forensic investigation, the overall legal framework in the EU and U.S. and additional self-regulatory measures that can be leveraged to investigate cyber crime in forensic investigations. Additional chapters such as Sunil Hazari’s, “Perceptions of End-Users on the Requirements in Personal Firewall Software: An Exploratory Study” investigate issues affecting selection of personal firewall software in organizations. Also considered in this section are the challenges faced when utilizing information security and ethics with healthcare systems as outlined by Christina Ilioudi and Athina Lazakidou’s, “Security in Health Information Systems”. Contributions included in this section provide excellent coverage of today’s global community and how research into information security and ethics is impacting the social fabric of our present-day global village.

Section 5, Organizational and Social Implications includes a wide range of research pertaining to the social and organizational impact of information security technologies around the world. Introducing this section is Barbara Paterson’s chapter entitled, “We Cannot Eat Data: The Need for Computer Ethics to Address the Cultural and Ecological Impacts of Computing” which critically analyzes the links between computing and cultural diversity as well as the natural environment. Additional chapters included in this section such as “Gender Influences on Ethical Considerations in the IT Environment” by Jessica Leong examine the link between ethics and IT and the influence of gender on ethical considerations in the IT environment. Also investigating a concern within the field of information security is Katherine M. Hollis and David M. Hollis’, “Identity Management: A Comprehensive Approach to Ensuring a Secure Network Infrastructure” which provides an introductory overview of identity management as it relates to data networking and enterprise information management systems. With 32 chapters the discussions presented in this section offer research into the integration of security technology as well as implementation of ethical considerations for all organizations.

Section 6, Managerial Impact, presents contemporary coverage of the social implications of information security and ethics, more specifically related to the corporate and managerial utilization of information sharing technologies and applications, and how these technologies can be facilitated within organizations. Core ideas such as training and continuing education of human resources in modern organizations are discussed through these 12 chapters. “A Security Blueprint for E-Business Applications” by Jun Du, Yuan-Yuan Jiao and Jianxin (Roger) Jiao discusses strategic planning related to the organizational elements and information security program requirements that are necessary to build a framework in order to institutionalize and sustain information systems as a core business process. Equally as crucial, chapters such as “Online Information Privacy and Its Implications for E-Entrepreneurship and E-Business Ethics” by Carmen Gould and Fang Zhao contain a comprehensive examination of the internal, external/environmental, and behavioral dimensions of information privacy, as well as a description of findings for e-entrepreneurship and e-business ethics. Concluding this section is a chapter by Raj Sharman, K. Pramod Krishna, H. Raghav Rao and Shambhu Upadhyaya, “Malware and Antivirus Deployment for Enterprise Security”. This chapter examines growth of the Internet and the effects of the wide availability of toolsets and documentation, making malware development easy. As blended threats continue to combine multiple types of attacks into single and more dangerous payloads, newer threats are emerging. These professors explore phishing, pharming, spamming, spoofing, spyware, and hacking incidents while offering security options to defend against these increasingly more complex breaches of security and privacy.

Section 7, Critical Issues, contains 43 chapters addressing issues such as computer ethics, identity theft, e-fraud, social responsibility, cryptography, and online relationships, to name a few. Within the chapters, the reader is presented with an in-depth analysis of the most current and relevant issues within this growing field of study. Carolyn Currie’s, “Integrity and Security in the E-Century” studies the effects of technological innovation in the light of theories of regulation that postulate a struggle between attempts to control innovation and further innovation and regulation while “Hacker Wars: E-Collaboration by Vandals and Warriors” by Richard Baskerville develops an analytical framework for new forms of information warfare that may threaten commercial and government computing systems by using e-collaboration in new ways. Crucial questions are addressed such as that presented in Bernd Carsten Stahl’s chapter, “What is the Social Responsibility in the Information Age? Maximising Profits?” which analyzes the notion of social responsibility and its relationship to the information age while expressing some of the normative questions of the information age. “Culture and Technology: A Mutual-Shaping Approach” by Thomas Herdin, Wolfgang Hofkirchner and Ursula Maier-Rabler closes this section with a discussion of the mutual influence between culture and technology on a broad inter- and transcultural level.

The concluding section of this authoritative reference tool, Emerging Trends, highlights research potential within the field of information security and ethics while exploring uncharted areas of study for the advancement of the discipline. Introducing this section is a chapter entitled, “Security Engineering for Ambient Intelligence: A Manifesto” by A. Maña, C. Rudolph, G. Spanoudakis, V. Lotz, F. Massacci, M. Melideo, and J. S. López-Cobo which sets the stage for future research directions and topical suggestions for continued debate. Providing an alternative view of security in our post 9/11 world is the chapter, “Information Technology as a Target and Shield in the Post 9/11 Environment” by Laura Lally. This chapter draws upon Normal Accident Theory and the Theory of High Reliability Organizations to examine the potential impacts of Information Technology being used as a target in terrorist and other malicious attacks, while arguing that Information Technology can also be used as a shield to prevent further attacks and mitigate their impact if they should occur. Another debate which currently finds itself at the forefront of research within this field is presented by Kai Kristian Kimppa’s research, “Intellectual Property Rights - or Rights to the Immaterial - in Digitally Distributable Media Gone All Wrong” which discusses three major ethical theories, Lockean liberalism, consequentialism, and Kantian deontology and the implication of these three theories as they are applied to intellectual property rights in digitally distributed media. Found in these 20 chapters concluding this exhaustive multi-volume set are areas of emerging trends and suggestions for future research within this rapidly expanding discipline.

Although the primary organization of the contents in this multi-volume set is based on its eight sections, offering a progression of coverage of the important concepts, methodologies, technologies, applications, social issues, and emerging trends, the reader can also identify specific contents by utilizing the extensive indexing system listed at the end of each volume. Furthermore, to ensure that the scholar, researcher and educator have access to the entire contents of this multi-volume set as well as additional coverage that could not be included in the print version of this publication, the publisher will provide unlimited multi-user electronic access to the online aggregated database of this collection for the life of the edition, free of charge when a library purchases a print copy. This aggregated database provides far more contents than what can be included in the print version in addition to continual updates. This unlimited access, coupled with the continuous updates to the database, ensures that the most current research is accessible to knowledge seekers.

Information security and ethics as a discipline has witnessed fundamental changes during the past two decades, allowing information seekers around the globe to have access to information which, two decades ago, was inaccessible. In addition to this transformation, many traditional organizations and business enterprises have taken advantage of the technologies offered by the development of information security systems in order to expand and augment their existing programs. This has allowed practitioners and researchers to serve their customers, employees and stakeholders more effectively and efficiently in the modern virtual world. With continued technological innovations in information and communication technology and with on-going discovery and research into newer and more innovative techniques and applications, the information security and ethics discipline will continue to witness an explosion of information within this rapidly evolving field.

The diverse and comprehensive coverage of information security and ethics in this six-volume authoritative publication will contribute to a better understanding of all topics, research, and discoveries in this developing, significant field of study. Furthermore, the contributions included in this multi-volume collection series will be instrumental in the expansion of the body of knowledge in this enormous field, resulting in a greater understanding of the fundamentals while fueling the research initiatives in emerging fields. We at Information Science Reference, along with the editor of this collection, and the publisher hope that this multi-volume collection will become instrumental in the expansion of the discipline and will promote the continued growth of information security and ethics.


Reviews and Testimonials

As we face our situation as the first generation of humans that are almost fully dependent on information and technology, the need to apply security that guarantees the trustworthiness of the information and the integrity of the technology is at the forefront. This six volume publication on information security and ethics compiles the most definitive research in the industry into one single compendium making it an indispensable reference tool to be used by all.

– Hamid Nemati, The University of North Carolina at Greensboro, USA

Nearly 800 international authorities present exhaustive research on theories and models associated with informational privacy and safeguard practices, providing guidance on the development of technologies, standards, and best practices to keep up with those challenges.

– Kathy Dempsey, Computers in Libraries, November/December 2007, Vol. 27 No. 10

BOTTOM LINE: …since few other resources of this scope are available, it would be a valuable addition to upper-level university and research collections. And because information technology changes so rapidly, the publisher offers buyers free online updates.

– Library Journal, February 2008

Nemati and the editorial staff have done a fantastic job of compiling a plethora of topics that will allow anyone to find their area of interest and easily expand their understanding.

– CHOICE, Vol. 45, No. 8 (April 2008)

Information Security and Ethics: Concepts, Methodologies, Tools, and Applications is a one-of-a-kind compilation of up-to-date articles related to information security and ethics. It is recommended that public and academic libraries have a copy available for students interested in computer science, information technology, and social sciences.

– American Reference Books Annual, Vol. 39

Author's/Editor's Biography

Hamid Nemati (Ed.)
Hamid Nemati is an associate professor of information systems in the Department of Information Systems and Operations Management at the University of North Carolina at Greensboro. He holds a doctorate from the University of Georgia and a Master of Business Administration from the University of Massachusetts. Before coming to UNCG, he was on the faculty of J. Mack Robinson College of Business Administration at Georgia State University. He has extensive professional experience in various consulting, business intelligence, and analyst positions and has consulted for a number of major organizations. His research specialization is in the areas of decision support systems, data warehousing, data mining, knowledge management, and information privacy and security. He has presented numerous research and scholarly papers nationally and internationally. His articles have appeared in a number of premier professional and scholarly journals.

