{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T01:47:11Z","timestamp":1777945631839,"version":"3.51.4"},"reference-count":27,"publisher":"Emerald","issue":"2","license":[{"start":{"date-parts":[[2005,4,1]],"date-time":"2005-04-01T00:00:00Z","timestamp":1112313600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005,4,1]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>One of the purposes of this paper is to discuss special security concerns and new challenges at front\u2010end e\u2010business and back\u2010end supply chain operations. An e\u2010enterprise security management life cycle (eSMLC) is then proposed to ensure the unification and congruity of e\u2010enterprise security management.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>To demonstrate the practicality of the eSMLC, a case study is presented to depict the application and implementation of the methodology at a leading US heating, ventilating, and air\u2010conditioning manufacturing company.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>The case study substantiates that the eSMLC methodology can be employed as a unified mechanism to provide central, cohesive control and global visibility. It helps security professionals in the company develop practical steps and sustainable solutions for tackling the unique security challenges arising in an open, unbounded e\u2010enterprise environment.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Practical implications<\/jats:title><jats:p>Implementing eSMLC can help the security specialists focus on different critical security management jobs in a sequential but interrelated and logical manner. Through the use of eSMLC, in\u2010depth understanding of the potential environmental risks can be properly acquired. The methodology also helps managers perform a proactive analysis of the consequences of security breaches in relation to risks.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>The proposed eSMLC methodology provides a viable foundation for building a secure and manageable computing environment using a recommended set of solutions, processes, procedures, and technologies. eSMLC methodology renders a unified, structured framework which helps develop an actual security plan and solutions and\/or improve currently used security standards, practices, and configurations in response to special security requirements and long\u2010term e\u2010business needs.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685220510589307","type":"journal-article","created":{"date-parts":[[2005,4,26]],"date-time":"2005-04-26T02:00:06Z","timestamp":1114480806000},"page":"121-134","source":"Crossref","is-referenced-by-count":9,"title":["E\u2010enterprise security management life cycle"],"prefix":"10.1108","volume":"13","author":[{"given":"Stephen C.","family":"Shih","sequence":"first","affiliation":[]},{"given":"H. Joseph","family":"Wen","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022031520060542100_b1","doi-asserted-by":"crossref","unstructured":"Amidon, D.M. (2002), \u201cCollaborative innovation and the knowledge economy: toward the \u2018world trade of ideas\u2019\u201d, available at: www.entovation.com\/info\/future.htm.","DOI":"10.1016\/B978-0-7506-7592-5.50022-X"},{"key":"key2022031520060542100_b2","doi-asserted-by":"crossref","unstructured":"Avison, D.E. and Fitzgerald, G. (1991), \u201cInformation systems practice education and research\u201d, Journal of Information Systems, Vol. 1 No. 1, pp. 5\u201017.","DOI":"10.1111\/j.1365-2575.1991.tb00023.x"},{"key":"key2022031520060542100_b3","unstructured":"Burstein, F. (1999), \u201cThe systems development or engineering approach to research in information systems: an action research perspective\u201d, Proceedings of the 10th Australasian Conference on Information Systems, pp. 122\u201034."},{"key":"key2022031520060542100_b4","unstructured":"CERT (2002), available at: www.cert.org\/stats\/cert_stats.html."},{"key":"key2022031520060542100_b5","unstructured":"Clarke, R. (1997), \u201cElectronic commerce definitions\u201d, available at: www.anu.edu.au\/people\/Roger.Clarke\/EC\/ECDefns.html."},{"key":"key2022031520060542100_b6","unstructured":"Clarke, R. (2001), \u201cIntroduction to information security\u201d, available at: www.anu.edu.au\/people\/Roger.Clarke\/EC\/IntroSecy.html."},{"key":"key2022031520060542100_b7","unstructured":"Computer Economics (2002), available at: www.computereconomics.com\/cei\/press\/pr92101.htm."},{"key":"key2022031520060542100_b8","unstructured":"COT (2002), \u201cContinuity testing\u201d, available at: www.cisco.com\/univercd\/cc\/td\/doc\/product\/software\/ios120\/120newft\/120t\/120t3\/cot_123.pdf."},{"key":"key2022031520060542100_b9","unstructured":"Cottrel, A. (1977), \u201cEmergent properties of complex systems\u201d, in Duncan, R. (Ed.), The Encyclopedia of Ignorance \u2013 Everything You Ever Wanted to Know about the Unknown, Pergamon Press, Oxford, pp. 129\u201035."},{"key":"key2022031520060542100_b10","doi-asserted-by":"crossref","unstructured":"C\u2010TPAT (2002), available at: www.customs.treas.gov.","DOI":"10.1145\/504689.504690"},{"key":"key2022031520060542100_b11","unstructured":"Ellison, R.J., Fisher, R.C., Linger, H.F., Lispon, H.F., Longstaff, T.A. and Mead, N.R. (1999), \u201cSurvivable systems: an emerging discipline\u201d, Proceedings of the 11th Canadian Information Technology Security Symposium (CITSS), Ottawa, May 10\u201014."},{"key":"key2022031520060542100_b12","unstructured":"Fisher, D.A. and Lipson, H.F. (1999), \u201cEmergent algorithms \u2013 a new method for enhancing survivability in unbounded systems\u201d, Proceedings of the 32nd Annual Hawaii International Conference on System Sciences, Maui, HI, January 5\u20108, HICSS\u201032, IEEE Computer Society, Los Alamitos, CA."},{"key":"key2022031520060542100_b13","unstructured":"Galliers, R. (1992), \u201cChoosing information systems research approaches\u201d, in Galliers, R. (Ed.), Information Systems Research: Issues, Methods and Practical Guidelines, Blackwell Scientific Publications, Oxford, pp. 144\u201062."},{"key":"key2022031520060542100_b14","unstructured":"Grossberg, S. (1997), \u201cNonlinear neural networks: principles, mechanisms, and systems\u201d, Prog. Neurobiol., Vol. 51, pp. 167\u201094."},{"key":"key2022031520060542100_b15","doi-asserted-by":"crossref","unstructured":"Hinton, H.M. (1997), \u201cUnder\u2010specification, composition and emergent properties\u201d, Proceedings of the 1997 New Security Paradigms Workshop, Langdale, September 23\u201026, Association for Computing Machinery, New York, NY.","DOI":"10.1145\/283699.283743"},{"key":"key2022031520060542100_b16","doi-asserted-by":"crossref","unstructured":"Iivari, J., Hirschheim, R. and Klein, H. (1998), \u201cA paradigmatic analysis contrasting information systems development approaches and methodologies\u201d, Information Systems Research, Vol. 9 No. 2, pp. 164\u201093.","DOI":"10.1287\/isre.9.2.164"},{"key":"key2022031520060542100_b17","unstructured":"INL (2001), Independent Newspapers Ltd, available at: www.stuff.co.nz\/inl\/index\/0,1008,665885a1897,FF.html."},{"key":"key2022031520060542100_b18","unstructured":"IS (2000), \u201c2000 industry survey \u2013 security\u2010focused\u201d, Information Security Magazine, September, pp. 40\u201068."},{"key":"key2022031520060542100_b19","unstructured":"Kleijnen, J. (1974), Statistical Techniques in Simulation \u2013 Part I, Marcel Dekker, New York, NY."},{"key":"key2022031520060542100_b20","doi-asserted-by":"crossref","unstructured":"Lipson, H.F. and Fisher, D.A. (1999), \u201cSurvivability \u2013 a new technical and business perspective on security\u201d, Proceedings of the 1999 New Security Paradigms Workshop, Caledon Hills.","DOI":"10.1145\/335169.335187"},{"key":"key2022031520060542100_b21","doi-asserted-by":"crossref","unstructured":"Nunamaker, J., Chen, M. and Purdin, T. (1991), \u201cSystems development in information systems research\u201d, Journal of Management Information Systems, Vol. 7 No. 3, pp. 89\u2010106.","DOI":"10.1080\/07421222.1990.11517898"},{"key":"key2022031520060542100_b22","unstructured":"Riesenhuber, M. and Dayan, P. (1997), \u201cNeural models for part\u2010whole hierarchies\u201d, in Mozer, M., Jordan, M. and Petsche, T. (Eds), Advances in Neural Information Processing Systems, Vol. 9, MIT Press, Cambridge, MA, pp. 17\u201023."},{"key":"key2022031520060542100_b23","unstructured":"SANS (2001), available at: www.incidents.org\/react\/nimda.pdf."},{"key":"key2022031520060542100_b24","unstructured":"UKDTI (2002), UK Dept of Trade and Industry, available at: www.security\u2010survey.gov.uk\/View2002SurveyResults.htm."},{"key":"key2022031520060542100_b25","unstructured":"Zahavi, R. (2000), Enterprise Application Integration with CORBA \u2013 Component and Web\u2010based Solutions, John Wiley & Sons, New York, NY."},{"key":"key2022031520060542100_b26","unstructured":"ZDNet (2001), available at: www.zdnet.com\/zdnn\/stories\/news\/0,4586,2677878,00.html."},{"key":"key2022031520060542100_b27","unstructured":"Zeidner, L. and Wood, R. (2000), \u201cThe collaborative innovation (CI) process\u201d, paper presented at the Altshuller Institute TRIZCON2000, available at: www.triz\u2010journal.com\/archives\/2000\/06\/a\/."}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685220510589307","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220510589307\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220510589307\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:08:53Z","timestamp":1753402133000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/13\/2\/121-134\/183966"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005,4,1]]},"references-count":27,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2005,4,1]]}},"alternative-id":["10.1108\/09685220510589307"],"URL":"https:\/\/doi.org\/10.1108\/09685220510589307","relation":{},"ISSN":["0968-5227"],"issn-type":[{"value":"0968-5227","type":"print"}],"subject":[],"published":{"date-parts":[[2005,4,1]]}}}