Abstract
IT enabled products are the result of a fusion of IT with the core
functionalities of any product or device around us. This fusion is leading to
numerous benefits and advantages that are just beginning to appear. However,
with the increasing number and sophistication of vulnerabilities and threats in IT,
the IT enabled products have also come in the line of fire. Due to the critical and
diverse nature of these products, it is important that a holistic security framework
exists that addresses security in the early phases of product development. The
current state of security in IT enabled products strongly suggests this need along
with the efforts of industry leaders in respective fields. In this thesis, the author
has made an effort to address security in the IT enabled products by proposing a
new framework based on the Balanced Scorecard. The proposed framework
uses the concept of the four views and other characteristics of the Balanced
Scorecard and it has a strong focus on security. The proposed framework has
been evaluated by Prof. James E. Goldman; the chair of this thesis committee
and its application has also been demonstrated to one of the discussed case
examples of security failures. From this research, it has been concluded that the
proposed framework can indeed effectively address security in the IT enabled
products.