Towards a Design Theory for Trustworthy Information Systems

The lack of a competent design theory to shape information system security policy and implementation has exacerbated an already troubling lack of security. Information systems remain insecure and therefore untrustworthy even after more than half a century of technological evolution. The issues grow ever more severe as the volume of data grows exponentially and the cloud emerges as a preferred repository. We aspire to advance security design by expanding the mindsets of stakeholder and designer to include a more complete portfolio of factors. The goal of security design is to craft choices that resonate with stake-holders´ sense of a trustworthy system. To engender trust, security must be intrinsic to any definition of IS design quality. Thriving Systems Theory (TST) is an information systems design theory focused on reconciling and harmonizing stakeholder intentions. Formulating security design through TST is a starting point for a quality-based security design theory for trustworthy information systems.