Categories: ISCRAM2008 Conference


5th International Conference on Information Systems for Crisis Response and Management ISCRAM2008


A significant threat to business continuity is the constant assault on the security of an organizationís mission-critical systems. As the number and sophistication of information security threats continue to increase, organizations are investing significant resources into countermeasures. PricewaterhouseCoopers recently reported that organizations spent nearly 20% of their overall IT budget on security. The security infrastructure of most large organizations consist of a variety of devices including firewalls, intrusion detection and prevention systems, anti-virus software, virtual private networks, and authentication devices. As organizations deploy more and more solutions to counter security threats, IT staff are tasked with the challenge of managing this disparate array of security tools in order to prevent an interruption in their operations.

Research Area

The purpose of this special session is to provide a forum for research into the area of information security, with particular emphasis on the design, development, and implementation of the security infrastructure, including both technical and procedural aspects. The session will also focus on the human and organizational issues involved with managing the security infrastructure. We also invite papers that take a systems perspective, including the tools and technologies that are needed by IT security operations to manage security devices and the security of IT infrastructure, applications, and transactions. We invite researchers, practitioners, students, and academicians to submit their high quality research papers to this special session. Relevant topics include but are not limited to:


ï Security Event Management (SEM) tools that consolidate security data from multiple devices and systems
ï Agent-based design of security tools
ï Information security total cost of ownership
ï Theory of coordination applied to security implementation
ï User interface design for security tools
ï Success or failure case studies
ï Human aspects of information security
ï End user security
ï Assessing the value of the security infrastructure
ï Regulatory and compliance issues involving information security
ï Data mining techniques for security event analysis
ï Information visualization for security analysis
ï Integration of security tools with organizational security policies and procedures
ï Tuning and configuration of security tools