跳到主要內容

臺灣博碩士論文加值系統

(35.174.62.102) 您好!臺灣時間:2021/07/25 05:43
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:張家偉
研究生(外文):Chang, Chiawei
論文名稱:運用風險情境管理提升資訊安全之研究
論文名稱(外文):Applying Contingency Risk Management Model To Enhance Information Security Research
指導教授:趙嘉成趙嘉成引用關係
指導教授(外文):Chao, Chiachen
口試委員:黃瓊玉陳智凱
口試委員(外文):Huang, ChiungyuChen, Chihkai
口試日期:2012-05-26
學位類別:碩士
校院名稱:國立臺北教育大學
系所名稱:資訊科學系碩士班
學門:工程學門
學類:電資工程學類
論文種類:學術論文
論文出版年:2012
畢業學年度:100
語文別:英文
論文頁數:93
中文關鍵詞:資訊安全情境理論專案管理
外文關鍵詞:Information securityContingency TheoryProject Management
相關次數:
  • 被引用被引用:0
  • 點閱點閱:150
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
近年來科技進步迅速,面對電子商務的蓬勃發展及網路的普遍使用,現代人的生活跟電腦或智慧型手機已經是密不可分了。資訊科技所帶來的便利,也使得企業越來越倚賴資訊系統,但在享受便利的同時,其實也潛藏著很大的風險。近幾年電腦、網路的威脅,不管是在數量、或是種類都是快速的增加,許多有心人士也嘗試針對資訊系統的弱點進行攻擊,想要取得不法利益,因此資訊安全也就成為了企業所要面臨的一個重要課題。
本研究的目的是要找出企業在導入資訊安全系統時所會面臨到的風險因素,讓企業在進行資訊安全系統導入時可以避免這些風險,進而增加效益並且避免系統導入失敗。
本研究的研究方法是經由文獻分析探討出資訊安全對企業的重要性及影響,並與資訊安全領域的專家進行深度訪談,接著進行問卷調查驗證假設並確認研究結果。
此研究的結果可為企業導入資訊安全系統時,提供有效的建議,透過了解關鍵的風險因素來避免導入失敗,而達到提升企業資訊安全之目的。
Business enterprises in Taiwan today, face growth in electronic commerce, and with the rapid growth of applications in internet communication, the security for information has become a fundamental issue.
The purpose of this research is to find out the risk factors of implementing information security system, then, to avoid the risk of set up and implement information security system for enterprises in order to reduce the information security system failure.
The research method is review literature and in-depth interviews with administrators from various enterprises were used to collect the data. From previous literature review, we collect comments from interviews to develop a structured questionnaire. Then, using statistic method such as: Pearson correlation, ANOVA, correlation coefficient explains regression analysis results.
This is a research of information security system implementation. The findings of this research will provide more enterprises which plan to implement information security systems with awareness of risk factors to avoid failure.
Table of Contents
Abstract (Chinese) i
Abstract ii
Table of Contents iii
List of Tables v
List of Figures vi
Chapter 1 Introduction 1
1.1 Rationale and motivation of this research 3
1.2 Research purpose 4
1.3 Research scope 5
1.4 Research methods 6
1.5 Contribution 7
1.6 Managerial implications 8
1.7 Research limitations 8
Chapter 2 Literature Review 9
2.1 Contingency theory 9
2.2 Information security 10
2.3 Contingency risk management model 13
2.3.1 Risk exposure construct of information security system implementation 14
2.3.2 Risk management construct of information security system implementation 17
2.3.3 IT surveillance construct 18
2.3.4 Fit construct 20
2.3.5 Contribution construct 21
Chapter 3 Research Method 23
3.1 Research scope 23
3.2 Research model and hypothesis 24
3.3 Research process 26
3.4 Research design 28
3.5 Research method 29
3.6 Statistic methods 29
3.6.1 Descriptive statistics analysis 30
3.6.2 Pearson Coefficient Correlation 30
3.6.3 Regression 30
Chapter 4 Discussions and findings 31
4.1 Data Analysis and Results 31
4.1.1 Descriptive statistics 31
4.1.2 Pearson coefficient correlation analysis (Model I & Model II) 38
4.1.3 Regression analysis (Model I & Model II) 40
4.2 Research finding and discussion 44
Chapter 5 Conclusions 51
Chapter 6 Managerial implications 57
References 61
Appendices A : Tables 67
Appendices B : Figures 83
Appendices C : Questionnaires 85

List of Tables
Table 1-1 Research Scope Illustration 5
Table 2-1 Information Security Issue Types 10
Table 2-2 Risk exposure 16
Table 2-3 Project risk management in information security implementation 18
Table 2-4 IT Surveillance in information security implementation 19
Table 2-5 Fit requirements in information security implementation 21
Table 2-6 Contributions in information security implementation 22
Table 3-1 Research Scope Illustration 23
Table 4-1 Mean of Skills mix 32
Table 4-2 Mean of Software system design 32
Table 4-3 Mean of Software system design 33
Table 4-4 Mean of Project risk management 34
Table 4-5 Mean of IT surveillance 34
Table 4-6 Mean of Fit 35
Table 4-7 Mean of Contribution 36
Table 4-8 Descriptive Statistics of Model I 36
Table 4-9 Descriptive Statistics of Model II 37
Table 4-10 Correlations of Model I 38
Table 4-11 Correlations of Model II 39
Table 4-12 ANOVA of Model I 40
Table 4-13 Coefficients of Model I 40
Table 4 14 Summary of Model I 41
Table 4 15 ANOVA of Model II 42
Table 4 16 Coefficients of Model II 42
Table 4 17 Summary of Model II 43
Table 5 1 Hypotheses and results 54

List of Figures
Figure 2-1 Contingency Risk Management Model (CRMM) 13
Figure 3-1 Contingency Risk Management Model (CRMM) 25
Figure 3-2 Research process 27

[1].Han, L; Liu, JQ; Han, Z; Wei, XY, “Design and implementation of a portable TPM scheme for general-purpose trusted computing based on EFI”,Frontiers Of Computer Science In China,V.5 I.2 pp.169-180,2011
[2].Choo, KKR, “The cyber threat landscape: Challenges and future research directions”,Computers & Security,V.30 I.8 pp.719-731,2011
[3].Wright, RT; Marett, K,Journal Of Management Information Systems, V.27 I.1 P.273-303,2010
[4].Abbasi, A; Zhang, Z; Zimbra, D; Chen, H; Nunamaker, JF,MIS Quarterly, V.34 I.3 P.435-461,2010
[5].Kritzinger, E; von Solms, SH,Computers & Security, V.29 I.8 P.840-847,2010
[6].Huang, XY; Xiang, Y; Chonka, A; Zhou, JY; Deng, RH, “A Generic Framework for Three-Factor Authentication: Preserving Security and Privacy in Distributed Systems”,IEEE Transactions On Parallel And Distributed Systems,V.22 I.8 pp.1390-1397,2011
[7].El Khoury, F; Egea, M; Meskaoui, N; Wakim, N, “An iris recognition model for secured access to data”,Security And Communication Networks,V.4 I.4 pp.428-435,2011
[8].Dias, Z; Rocha, A; Goldenstein, S, “Image Phylogeny by Minimal Spanning Trees”,IEEE Transactions On Information Forensics And Security,V.7 I.2 pp.774-788,2012
[9].Li, JS; Hsieh, CJ; Chang, CY; Chilamkurti, N,Improved “IPsec performance utilizing transport-layer-aware compression architecture”,Security And Communication Networks,V.4 I.9 pp.1063-1074,2011
[10].Breaux, TD; Baumer, DL, “Legally reasonable security requirements: A 10-year FTC retrospective”,Computers & Security,V.30 I.4 pp.178-193,2011
[11].Weber-Jahnke, JH; Obry, C, “Protecting privacy during peer-to-peer exchange of medical documents”,Information Systems Frontiers,V.14 I.1 pp.87-104,2012
[12].Hedstrom, K; Kolkowska, E; Karlsson, F; Allen, JP, “Value conflicts for information security management”,Journal Of Strategic Information Systems,V.20 I.4 pp.373-384,2011
[13].Chang, KC; Wang, CP, “Information systems resources and information security”,Information Systems Frontiers,V.13 I.4 pp.579-593,2011
[14].Marchese, M; Surlinelli, R; Zappatore, S,International Journal Of Communication Systems, V.24 I.1 P.75-93,2011
[15].Garcia-Jimenez, S; Magana, E; Morato, D; Izal, M,Annals Of Telecommunications-Annales Des Telecommunications, V.66 I.1 P.31-43,2011
[16].Li, JS; Hsieh, CJ; Chang, CY; Chilamkurti, N,Security And Communication Networks, V.4 I.9 P.1063-1074,2011
[17].He, MX; Horng, SJ; Fan, PZ; Khan, MK; Run, RS; Lai, JL; Chen, RJ; Sutanto, A,Expert Systems With Applications, V.38 I.10 P.12018-12027,2011
[18].Ferreira, ET; Carrijo, GA; de Oliveira, R; Araujo, NVS , “Intrusion Detection System with Wavelet and Neural Artifical Network Approach for Networks Computers” , IEEE Latin America Transactions , V. 9 I. 5 pp. 832 - 837 , 2011
[19].Moll, V; Wilges, B; Bastos, RC , “Access Control and Collaborative Authoring on the Semantic Web” , IEEE Latin America Transactions , V. 10 I. 1 pp. 1251 - 1255 , 2012
[20].Lin, TH; Lee, CC; Tsai, CS; Guo, SD , “A Tabular Steganography Scheme for Graphical Password Authentication” , Computer Science And Information Systems , V. 7 I. 4 pp. 823 - 841 , 2010
[21].Peterson, B., Brown, M., & Maw, R. , Information security in outsourcing agreements . 2002
[22].Sadan, Z; Schwartz, D,Computers & Security, V.30 I.1 P.4-12,2011
[23].Nguyen, HV; Shin, S; Choi, Y,International Journal Of Technology Management,V.54 I.2 P.229-251,2011
[24].Wang, KC; Huang, CY; Lin, SJ; Lin, YD,Computer Networks, V.55 I.15 P.3275-3286,2011
[25].Wang, HC; Zhang, HK; Chang, CY; Chao, HC,Computers & Mathematics With Applications, V.60 I.2 P.176-186,2010
[26].Hong, SP; Kang, S,Information-An International Interdisciplinary Journal, V.14 I.2 P.411-431,2011
[27].He, MX; Horng, SJ; Fan, PZ; Khan, MK; Run, RS; Lai, JL; Chen, RJ; Sutanto, A,Expert Systems With Applications, V.38 I.10 P.12018-12027,2011
[28].Wright, RT; Marett, K,Journal Of Management Information Systems, V.27 I.1 P.273-303,2010
[29].Abbasi, A; Zhang, Z; Zimbra, D; Chen, H; Nunamaker, JF,MIS Quarterly, V.34 I.3 P.435-461,2010
[30].Kritzinger, E; von Solms, SH,Computers & Security, V.29 I.8 P.840-847,2010
[31].Sumner, M. “Risk Factors in Enterprise-wide/ERP Projects”, Journal of Information Technology, P.317-327 ,2000
[32].Schmidt, R., Lyytinen, K., Keil, M., & Cule, P. , “Identifying software project risks: An international Delphi Study”, Journal of Management Information Systems, P.5–36 ,2001.
[33].Bingi, P., Sharma, M. and Godla, J. ,Critical issues affecting an ERP implementation. Information Systems Management, V.16, I.3, P.7-15,1999
[34].Lonnqvist, A. “Measurement of Intangible Success Factors: Case Studies on the Design, Implementation and Use of Measures”, Tampere University of Technology, Publication 475, 2004
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top