DESIGN & DEVELOPMENT OF A CYBER SECURITY CONCEPTUAL FRAMEWORK FOR HIGHER EDUCATION INSTITUTIONS IN THE REPUBLIC OF MOLDOVA
Authors: Alexei Arina
Affiliation: Department of Telecommunications and Electronic Systems, Technical University of Moldova
Keywords: cyber security, framework, Higher Education Institution, DSR, academic processes.
ABSTRACT. This scientific paper reflects the results of research, which aimed to develop a Cyber Security Conceptual Framework for Higher Education Institutions in the Republic of Moldova, to increase cyber security in academic environment. The scientific method Design Science Research was selected for the development of the security framework, due to the practical value it generates, being one of the most used qualitative scientific methods in the field of engineering. The identification of the key processes and stages of implementation of the Cyber Security Conceptual Framework, assessed according to value criteria, supports the way in which cyber security in universities in the Republic of Moldova can be increased. Important contributions are for the academic environment in the Republic of Moldova, where until now, there has been no reference framework to ensure the protection of academic processes.
1. Ahmed, Naved, and Raimundas Matulevičius. 2014. “Securing Business Processes Using Security Risk-Oriented Patterns.” Computer Standards & Interfaces 36 (4): 723–33. https://doi.org/10.1016/j.csi.2013.12.007.
2. Alexei, Arina. 2021. “Ensuring Information Security in Public Organizations in The Republic of Moldova through the ISO 27001 Standard.” Journal of Social Sciences IV (1) (March). https://doi.org/10.52326/jss.utm.2021.4(1).11.
3. Alexei, Arina. 2021. “Network Security Threats to Higher Education Institutions.” In CEE E|Dem and E|Gov Days, 323–33. Budapest. https://doi.org/10.24989/ocg.v341.24.
4. Alexei, Arina. 2021. “Using Design Science Research Method to Develop a Cyber Security Framework for HEIs in Moldova.” In The 12th International Conference on Electronics, Communications and Computing. Chișinău: Technical University of Moldova.
5. Alexei, Arina. 2021. “Cyber Security Strategies for Higher Education Institutions.” Journal of Engineering Science XXVIII (4): 74–92. https://doi.org/10.52326/jes.utm.2021.28(4).07.
6. Alexei, Arina, and Alexei Anatolie. 2021. “Cyber Security Threat Analysis in Higher Education Institutions as a Result of Distance Learning.” International Journal of Scientific & Technology Research 10 (3).
7. Alexei, Arina, Nistiriuc Pavel, and Alexei Anatolie. 2021. “Empirical Study of Cyber Security Threats in Moldovan Higher Education Institutions.” In The 12th International Conference on Electronics, Communications and Computing. Chișinău: Technical University of Moldova.
8. Angelov, Samuil, Paul Grefen, and Danny Greefhorst. 2012. “A Framework for Analysis and Design of Software Reference Architectures.” Information and Software Technology 54 (4): 417–31. https://doi.org/10.1016/j.infsof.2011.11.009.
9. Asosheh, Abbass, Parvaneh Hajinazari, and Hourieh Khodkari. 2013. “A Practical Implementation of ISMS.” In 7th International Conference on E-Commerce in Developing Countries:With Focus on e-Security. IEEE. https://doi.org/10.1109/ECDC.2013.6556730.
10. Barbara Kitchenham. 2004. “Procedures for Performing Systematic Reviews.” Eversleigh NSW 1430, Australia.
11. Baskerville, Richard, Abayomi Baiyere, Shirley Gergor, Alan Hevner, and Matti Rossi. 2018. “Design Science Research Contributions: Finding a Balance between Artifact and Theory.” Journal of the Association for Information Systems 19 (5). https://doi.org/10.17705/1jais.00495.
12. Brocke, Jan vom, Alan Hevner, and Alexander Maedche. 2020. “Introduction to Design Science Research.” In: vom Brocke J., Hevner A., Maedche A. (eds) Design Science Research. Cases. Progress in IS. Springer, Cham. https://doi.org/10.1007/978-3-030-46781-4_1.
13. Chandra Kruse, Leona, Stefan Seidel, and Jan vom Brocke. 2019. “Design Archaeology: Generating Design Knowledge from Real-World Artifact Design.” In: Tulu B., Djamasbi S., Leroy G. (eds) Extending the Boundaries of Design Science Theory and Practice. DESRIST 2019. Lecture Notes in Computer Science, vol 11491. Springer, Cham. https://doi.org/10.1007/978-3-030-19504-5_3.
14. Cheung, Simon K. S. 2014. “Information Security Management for Higher Education Institutions.” In: Pan JS., Snasel V., Corchado E., Abraham A., Wang SL. (eds) Intelligent Data analysis and its Applications, Volume I. Advances in Intelligent Systems and Computing, vol 297. Springer, Cham. https://doi.org/10.1007/978-3-319-07776-5_2
15. Das, Saini, Arunabha Mukhopadhyay, and Bharat Bhasker. 2013. “Today’s Action Is Better than Tomorrow’s Cure - Evaluating Information Security at a Premier Indian Business School.” Journal of Cases on Information Technology 15 (3). https://doi.org/10.4018/jcit.2013070101.
16. Disterer, Georg. 2013. “ISO/IEC 27000, 27001 and 27002 for Information Security Management.” Journal of Information Security 04 (02). https://doi.org/10.4236/jis.2013.42011.
17. Donaldson, Scott E., Stanley G. Siegel, Chris K. Williams, and Abdul Aslam. 2015. “Cybersecurity Frameworks.” In Enterprise Cybersecurity. Berkeley, CA: Apress. https://doi.org/10.1007/978-1-4302-6083-7_17.
18. Dresch, Aline, Daniel Pacheco Lacerda, and José Antônio Valle Antunes Jr. 2015. Design Science Research. Cham: Springer International Publishing. https://doi.org/10.1007/978-3-319-07374-3.
19. Esparza, Daisy Elizabeth Imbaquingo, Francisco Javier Diaz, Tatyana Katherine Saltos Echeverria, Silvia Rosario Arciniega Hidrobo, Diego Andres Leon Villavicencio, and Adrian Robayo Ordonez. 2020. “Information Security Issues in Educational Institutions.” In 2020 15th Iberian Conference on Information Systems and Technologies (CISTI). IEEE. https://doi.org/10.23919/CISTI49556.2020.9141014.
20. Flowerday, Stephen v., and Tite Tuyikeze. 2016. “Information Security Policy Development and Implementation: The What, How and Who.” Computers & Security 61 (August). https://doi.org/10.1016/j.cose.2016.06.002.
21. Gërvalla, Muhamet, Naim Preniqi, and Peter Kopacek. 2018. “IT Infrastructure Library (ITIL) Framework Approach to IT Governance.” In IFAC-PapersOnLine, 51:181–85. Elsevier B.V. https://doi.org/10.1016/j.ifacol.2018.11.283.
22. Ghazvini, Arash, Zarina Shukur, and Zaihosnita Hood. 2018. “Review of Information Security Policy Based on Content Coverage and Online Presentation in Higher Education.” International Journal of Advanced Computer Science and Applications 9 (8). https://doi.org/10.14569/IJACSA.2018.090853.
23. Haji, Sami, Qing Tan, and Rebeca Soler Costa. 2019. “A Hybrid Model for Information Security Risk Assessment.” International Journal of Advanced Trends in Computer Science and Engineering, February, 100–106. https://doi.org/10.30534/ijatcse/2019/1981.12019.
24. Hariyanti, Eva, Arif Djunaidy, and Daniel Oranova Siahaan. 2018. “A Conceptual Model for Information Security Risk Considering Business Process Perspective.” In 2018 4th International Conference on Science and Technology (ICST). IEEE. https://doi.org/10.1109/ICSTC.2018.8528678.
25. Harkins, Malcolm W. 2016. Managing Risk and Information Security. Berkeley, CA: Apress. https://doi.org/10.1007/978-1-4842-1455-8.