Title :
Information security in implementing web applications for small businesses based on COBIT5-SI
Author :
Danilo Jaramillo, H. ; Franco Guaman, B. ; Kruskaya Salazar, E.
Author_Institution :
Dept. de Cienc. de la Comput. y Electron., Univ. Tec. Particular de Loja, Loja, Ecuador
Abstract :
The Information Security is one of the preventive measures to take account for the proper functioning of applications in small and medium enterprises in Ecuador, thus ensuring reliability, availability and integrity of assets, primarily within their web applications measures. This work is based on the integration of the governance framework for Cobit5-SI safety, UWE modeling methodology and open security OWASP project, obtaining the best practices for evaluating the Information Security in implementing web applications these companies. Similarly, the selection of these practices was conducted with the integration of the ISF, ISO / IEC 27001, ISO / IEC 27002, ITIL and NIST.
Keywords :
Internet; security of data; small-to-medium enterprises; Cobit5-SI safety; IEC 27001; IEC 27002; ISF; ISO; ITIL; NIST; SME; UWE modeling methodology; Web applications; asset availability; asset integrity; asset reliability; governance framework; information security; open security OWASP project; small and medium enterprises; small businesses; IEC standards; ISO standards; Information security; NIST; Silicon; Software; Unified modeling language; Information security; cobit5; web applications;
Conference_Titel :
Information Systems and Technologies (CISTI), 2015 10th Iberian Conference on
Conference_Location :
Aveiro
DOI :
10.1109/CISTI.2015.7170390
