Paper Info
Title
ERPSEC - A Reference Framework to Enhance Security in ERP Systems
Abstract
This paper proposes a method of integrating the concept of information ownership in an Enterprise Resource Planning (ERP) system for enhanced security. In addition to providing enhanced security, the reference framework ERPSEC developed for this study provides better manageability and eases implementation of security within ERP software packages. The results of this study indicate that central administration, control and management of security within the ERP systems under investigation for this study weaken security. It was concluded that central administration of security should be replaced by a model that distributes the responsibility for security to so-called information owners. Such individuals hold the responsibility for processes and profitability within an organization. Thus, they are best suited to decide who has access to their data and how their data may be used. Information ownership, coupled with tight controls can significantly enhance information security within an ERP system.
Year
DOI
Venue
2005
10.1007/0-387-25660-1_6
International Federation for Information Processing
Keywords
Field
DocType
database security,security policy,misuse detection,authentication,information flow
Security convergence,Asset (computer security),Computer science,Computer security,Certified Information Security Manager,Database security,Security service,Cloud computing security,Security information and event management,Computer security model,Process management
Conference
Volume
ISSN
Citations 
181
1571-5736
0
PageRank 
References 
Authors
0.34
1
2
Name
Order
Citations
PageRank
Sebastiaan H. Von Solms111653.32
M. P. Hertenberger210.69