figshare
Browse
VIVO_Conference_2018_BSI-IT-Security.pdf (648.26 kB)

Information Security Challenges in VIVO - Adapting the BSI IT Security Catalog Standards

Download (648.26 kB)
Version 2 2018-07-16, 14:31
Version 1 2018-07-16, 14:22
poster
posted on 2018-07-16, 14:31 authored by Qazi Asim Ijaz Ahmad, Martin Barber, Christian HauschkeChristian Hauschke
According to the Global Application and Network Security Report 2007-2018 [1] cyber attacks spiked by 40 percent in the year 2017 and half of the surveyed companies reported financially motivated cyber attacks on them. Concerning information security, BSI - the German federal institute for information security developed an advisory catalog [2] for IT security in Germany. The catalog highlights the necessary policies and strategies for IT infrastructures to adopt in order to meet the requirements of modern day world information security and standardization. A study of the catalog revealed that VIVO lacks implementation of some of the key security features like a) browser session expiration b) secure and salted password hashing and c) exclusive labeling of external URLs and adding tooltips to forms, fields, and buttons. Furthermore, there are some suggestions that institutions who use VIVO or plan to use it, should take into consideration. This poster/presentation focuses on the security-related technical challenges and their possible solutions the TIB Hannover needs to implement in VIVO to meet the standards of the BSI IT security catalog.

History

Usage metrics

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC