SECURITYENHANCED APPLICATIONSFOR INFORMATIONSYSTEMS  EditedbyChristosKalloniatis            Security Enhanced Applications for Information Systems Edited by Christos Kalloniatis Published by InTech Janeza Trdine 9, 51000 Rijeka, Croatia Copyright © 2012 InTech All chapters are Open Access distributed under the Creative Commons Attribution 3.0 license, which allows users to download, copy and build upon published articles even for commercial purposes, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. After this work has been published by InTech, authors have the right to republish it, in whole or part, in any publication of which they are the author, and to make other personal use of the work. Any republication, referencing or personal use of the work must explicitly identify the original source. As for readers, this license allows users to download, copy and build upon published chapters even for commercial purposes, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. Notice Statements and opinions expressed in the chapters are these of the individual contributors and not necessarily those of the editors or publisher. No responsibility is accepted for the accuracy of information contained in the published chapters. The publisher assumes no responsibility for any damage or injury to persons or property arising out of the use of any materials, instructions, methods or ideas contained in the book. Publishing Process Manager Romina Skomersic Technical Editor Teodora Smiljanic Cover Designer InTech Design Team First published May, 2012 Printed in Croatia A free online edition of this book is available at www.intechopen.com Additional hard copies can be obtained from orders@intechopen.com Security Enhanced Applications for Information Systems, Edited by Christos Kalloniatis p. cm. ISBN 978-953-51-0643-2    Contents  Preface IX Chapter 1 Web and Database Security 1 Jiping Xiong, Lifeng Xuan, Jian Zhao and Tao Huang Chapter 2 Cyber Security 19 Barry Lunt, Dale Rowe and Joseph Ekstrom Chapter 3 Development of an e-Learning Recommender System Using Discrete Choice Models and Bayesian Theory: A Pilot Case in the Shipping Industry 35 Amalia Polydoropoulou and Maria A. Lambrou Chapter 4 Intrusion Detection and Prevention in High Speed Network 53 Kuo Zhao and Liang Hu Chapter 5 Challenges in Building Trusted Information Systems 87 Serena Chan and Gregory N. Larsen Chapter 6 Construction of Effective Database System for Information Risk Mitigation 111 Kiyoshi Nagata Chapter 7 Quality Model – Master Plan and DNA of an Information System 131 Finne Auvo Chapter 8 Services for the Digital Citizen 151 Seppo Sirkemaa Chapter 9 The Requirements for the Legal Regulation of Commercial Relations in Cloud Computing 161 Ivan Pogarcic, Marko Pogarcic and Matej Pogarcic VI Contents Chapter 10 Developing a Theoretical Framework for the Adoption of Biometrics in M-Government Applications Using Grounded Theory 183 Thamer Alhussain and Steve Drew Chapter 11 Building Expert Profiles Models Applying Semantic Web Technologies 209 Valentina Janev and Sanja Vraneš    Preface  One of the main challenges that modern Information Systems are dealing with is the protection of security for both the external users that take advantage of the various services offered as well as the stakeholders and internal users. Security is dealt in every level of system development from the analysis stage through the implementation and testing stages. In every stage a number of methods and techniques have been proposed trying to fulfill the basic security concerns namely confidentiality,integrityandavailability. Nowadaystherapiddevelopmentof newinformationinfrastructuresincreasesusers’ dependability on Information Systems and this can lead to a  vulnerable information society based on insecure technologies. Indeed, more and more users access services and electronically transmit information which is usually disseminated over insecure networks and processed by websites and databases, which lack proper security protectionmechanismsandtools.Thismayhaveanimpactonboththeusers’trustas well as the reputation of the system’s stakeholders. Designing and implementing securityenhancedsystemsisofvitalimportance. Therefore, this book aims to present a number of innovative security enhanced applications,itistitled“SecurityEnhancedApplicationsforInformationSystems”and includes11chapters.Thisbookisaqualityguidefor teaching purposesaswellasfor young researchers since it presents leading innovative contributions on security enhancedapplicationsonvariousInformationSystems.Itinvolvescasesbasedonthe standalone,networkandCloudenvironments. ChristosKalloniatis DepartmentofCulturalTechnologyandCommunication, UniversityoftheAegean, Greece    [...]... system) as well as a worm or virus infection, the resource consumption; audit of hard disk, CPU, memory, network load, processes, operating system security log, system events, access to the important document 12     Security Enhanced Applications for Information Systems Main server host application platform software: It mainly includes the audit of the running of the important application platform... operations and other operations of maintenance and management, to access and change important data, and data integrity Main application system audit: It mainly includes the audit of office automation system, document flow and operation, webpage integrity, interrelated service systems etc The relevant business system includes normal operation of business system, important operations of setting up or stopping