Information Security Challenges in VIVO - Adapting the BSI IT Security Catalog Standards Conference Poster uri icon


  • According to the Global Application and Network Security Report 2007-2018 [1] cyber attacks spiked by 40 percent in the year 2017 and half of the surveyed companies reported financially motivated cyber attacks on them. Concerning information security, BSI - the German federal institute for information security developed an advisory catalog [2] for IT security in Germany. The catalog highlights the necessary policies and strategies for IT infrastructures to adopt in order to meet the requirements of modern day world information security and standardization. A study of the catalog revealed that VIVO lacks implementation of some of the key security features like a) browser session expiration b) secure and salted password hashing and c) exclusive labeling of external URLs and adding tooltips to forms, fields, and buttons. Furthermore, there are some suggestions that institutions who use VIVO or plan to use it, should take into consideration. This poster/presentation focuses on the security-related technical challenges and their possible solutions the TIB Hannover needs to implement in VIVO to meet the standards of the BSI IT security catalog.

publication date

  • July 16, 2018