Research Interests

  • Social and Human Aspects of Information Security
  • Identity and Access Management
  • Information Assurance
  • Electronic Banking and Information Security
  • Economics of Information Security

Publications


    Refereed Journals / Magazines


  1. Gupta, M. and Sharman, R. (2010). “Impact of Web Portal Announcements on Market Valuations: An Event Study”, International Journal of Web Portals. Forthcoming.

  2. Gupta, M. and Sharman, R. (2010). “Activity Governance for Managing Risks in Role Design for SSO Systems”, Journal of Information Assurance and Security. Volume 5, Issue 6, November 2010, Dynamic Publishers. Forthcoming.

  3. Gupta, M. and Sharman, R. (2010). “Incorporating Social-Cultural Contexts in Role Engineering: An Activity Theoretic Approach”. International Journal of Business Information Systems. Volume 6, Issue 4, 2010.

  4. Gupta, M., Bryan, D. and Sharman, R. (2009). “Enabling Business and Security through Technology Implementation: A Financial Services Case Study”. Journal of Applied Security Research, 1936-1629, Volume 4, Issue 3, 2009, Pages 322 – 340, Taylor and Francis Group.

  5. Tallau, L., Gupta, M. and Sharman, R. (2009). “Information Security Investment Decisions: Evaluating Balance Scorecard Method”. International Journal of Business Information Systems. , Volume 4, Issue 6, 2009.

  6. Manish Gupta, Shamik Banerjee, Manish Agrawal and H.R. Rao, Security Analysis of Internet Technology Components Enabling Globally Distributed Workplaces – A framework, ACM Transactions on Internet Technology, November 2008 (volume 8, number 4).

  7. Manish Gupta and Raj Sharman. (2008). Dimensions of Identity Federation: A Case Study in Financial Services. Journal of Information Assurance and Security. (ISSN 1554-1010), Dynamic Publishers. Forthcoming.

  8. Girin Tanna, Manish Gupta, H. Raghav Rao and Shambhu Upadhyaya, “Information Assurance metric development framework for electronic bill presentment and payment systems using transaction and workflow analysis”, Decision Support Systems Journal, Elsevier publications, 2004, 2005. 41(1): p. 242-261.

  9. Manish Gupta, H.R. Rao and S. Upadhyaya, “Electronic Banking and Information Assurance Issues: Survey and Synthesis”, Journal of Organizational and End User Computing, Special Issue on Information Assurance and Security, IDEA Group Publishing, Vol. 16, No. 3, pp. 1-21, July- September 2004.

  10. Manish Gupta, Shamik Banerjee, Manish Agrawal and H.R. Rao, Security Analysis of Internet Technology, InfoSecurity Magazine, Fanatic Media Publications, May 2007.


  11. Books


  12. Managing Information Assurance in Financial Services H.R. Rao, Manish Gupta, and Shambhu Upadhyaya, Idea Group Publishing Inc., 2007, Hershey, Pennsylvania, USA. ISBN: 978-1-59904-171-1 hardcover; 978-1-59904-172-8 soft-cover; 978-1-59904-173-5 e-book

  13. Social and Human Elements of Information Security: Emerging Trends and Countermeasures Manish Gupta and Raj Sharman, Idea Group Publishing Inc., Hershey, Pennsylvania, USA, 2008. ISBN: 978-1-60566-036-3 hardcover; 978-1-60566-037-0 soft-cover

  14. Handbook of research on Social and Organizational Liabilities In Information Security Manish Gupta and Raj Sharman, Idea Group Publishing Inc., Hershey, Pennsylvania, USA, (2009).ISBN: 978-1-60566-132-2

  15. Enterprise Identity and Access Management Engineering: Principles of Organizational Information Authenticity Peter O. Orondo, Tamba Gbondo-Tugbawa and Manish Gupta. , IGI Global Inc., Hershey, Pennsylvania, USA, 2010. Forthcoming.

  16. Digital Identity and Access Management: Technologies and Frameworks Raj Sharman, Sanjukta D. Smith and Manish Gupta, IGI Global Inc., Hershey, Pennsylvania, USA, 2010. Forthcoming.

  17. Book Chapters

  18. Gupta, M., Rao, H. R. and Upadhyaya, S. (2009). “Security of Alternative Delivery Channels in Banking: Issues and Countermeasures”. Socioeconomic and Legal Implications of Electronic Intrusion. (pp 305-327) Eds: Dionysios Politis, Phaedon Kozyris and Ioannis Iglezakis. IGI Publishing, Hershey, PA, USA. (ISBN: 978-1605662046).

  19. Gupta, M., Lee, J. and Rao, H. R.. (2008). “Implications of FFIEC Guidance on Authentication in Electronic Banking”. Handbook of Research on Information Security and Assurance. Eds: Jatinder N.D. Gupta and Sushil Sharma, IGI Publishing, Hershey, PA, April, 2008. USA. (ISBN: 978-1-59904-855-0)

  20. Murphy, D., Gupta, M. and Rao, H. R.. (2009). “Research Notes on Emerging Areas of Conflict in Security”. Handbook of Research on Social and Organizational Liabilities in Information Security. (pp 363-378) Eds: Gupta, M. and Sharman, R, IGI Publishing, Hershey, PA, USA. Forthcoming. (ISBN: 978-1-60566-132-5)

  21. Gupta, M., Sharman, R and Sanders, L. (2008). “Security Requirements Elicitation: An Agenda for Acquisition of Human Factors”. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. ) pp 316-325) Eds: M. Gupta and R. Sharman, IGI Publishing, Hershey, PA, USA. (ISBN: 978-1-60566-036-3)

  22. Ada, S., Sharman, R and Gupta, M.. (2009). “Theories Used in Information Security Research: Survey and Agenda”. Handbook of Research on Social and Organizational Liabilities in Information Security. (pp 279-292) Eds: Gupta, M. and Sharman, R, IGI Publishing, Hershey, PA, USA. Forthcoming. (ISBN: 978-1-60566-132-5)

  23. Gupta, M. and Sharman, R. (2008). “Security-Efficient Identity Management Using Service Provisioning (Markup Language)”. Handbook of Research on Information Security and Assurance. (pp 83-90) Eds: Jatinder N.D. Gupta And Sushil Sharma, IGI Publishing, Hershey, PA, April, 2008. USA. (ISBN: 978-1-59904-855-0)

  24. Gupta, M., Rao, H. R. and Upadhyaya, S. (2007). “Electronic Banking and Information Assurance Issues: Survey and Synthesis”. Advances in Banking Technology and Management: Impacts of ICT and CRM. (pp 119–138) Ed: R. Vadlamani. Information Science Reference, IGI Global, Oct. 2007. (ISBN: 978-1599046754). (Reprint of JOEUC paper)

  25. Gupta, M., Rao, H. R. and Upadhyaya, S. (2007). “Electronic Banking and Information Assurance Issues: Survey and Synthesis”. Information Security and Ethics: Concepts, Methodologies, Tools, and Applications (Volume IV). (pp 2075 – 2094) Ed: Hamid Nemati, Information Science Reference, IGI Global, Sept. 2007. (ISBN: 978-1-59904-937-3). (Reprint of JOEUC paper)

  26. Gupta, M. and Sharman, R. (2008). “Emerging Frameworks in User-focused Identity Management”. Handbook of Research on Enterprise Systems. (pp 362-377) Eds: Jantinder N. D. Gupta, S. K. Sharma & M. A. Rashid. IGI Global Publishing, Hershey, PA. (ISBN- 978-1-59904-859-8).

  27. Gupta, M. and Rao, H. R.. (2007). “Role of FS-ISAC in Countering Cyber Terrorism”. Encyclopedia of Cyber Warfare and Cyber Terrorism. (pp 83-90) Editors: J. Janczewski and Andrew M. Colarik. (ISBN-10: 1591409918)

  28. Gupta, M. and Sharman, R. (2007). “Pharming Attack Designs”. Encyclopedia of Information Ethics and Security. (pp 520-526) Eds: Dr Marian Quigley, IGP. (ISBN-10: 159140987X)

  29. Gupta, M., Rao, H. R. and Upadhyaya, S. (2004). “Electronic Banking and Information Assurance Issues: Survey and Synthesis”. Advanced Topics in Organizational and End User Computing: Volume 4. (pp 233-256) Eds: M. Adam Mahmood, IGP, (ISBN: 1591404746).


  30. Conference and Workshop Proceedings


  31. Das, S., Sharman, R, Gupta, M. and Kutty, V. (2010). “A Multi-staged Approach to Risk Management in IT Software Development”, Proceedings of 5th Annual Symposium on information Assurance (13th Annual New York State Cyber Security Conference), Albany, NY, June 16-17 2010.

  32. Wang, J., Gupta, M. and Rao, H. R. (2009). " Analyzing Temporal Dependency of Security Alarms to Understand Forecast ability of System Intrusions”, In Proceedings of the Fourth Annual AIS SIGSEC Workshop on Information Security & Privacy (WISP 2009) December 14, Phoenix, AZ, USA.

  33. Gupta, M. and Sharman, R. (2009). “Data Security Breach Trends and Exposures: An Exploratory Analysis”, Proceedings of 7th Annual Conference on Information Science Technology and Management (CISTM 2009), Gurgaon, India, July 13 - 15, 2009.

  34. Gupta, M., Banala, K. and Sharman, R. (2009). “Re-evaluating Single-Sign-On System Design Risks: An Activity Theoretic Approach”. Proceedings of 4th Annual Symposium on Information Assurance (12th Annual New York State Cyber Security Conference), Albany, NY, June 3-4 2009.

  35. Herath, T., Gupta, M. and Rao, H. R.. (2009). “Forging an Effective Information Security Governance Program: A Case Study of a Multinational Organization”. IFIP TC 8 International Workshop on Information Systems Security Research. 29-30 May 2009. University of Cape Town, South Africa.

  36. Gupta, M. and Sharman, R. (2008). “Evaluating Risks in the Context of Information Security Technology Acquisition: A Portfolio-Theoretic Framework”. Proceedings of the seventh Workshop on e-Business (WeB2008), 13 Dec, 2008, Paris, France.

  37. Gupta, M. (2008). “Activity Theory Guided Role Engineering”. Proceedings of 14th Americas Conference on Information Systems (AMCIS 2008), Toronto, Canada, August 14-17, 2008.

  38. Gilbert, B. J., Sharman, R, Gupta, M., Rao, H. R., Upadhyaya, S. and Mortensen, K. P. Esq. (2008). “Content-Sensitive, temporally Adaptive Metadata”. Proceedings of 3rd Annual Symposium on Information Assurance (11th Annual New York State Cyber Security Conference), Albany, NY, June 4-5 2008.

  39. - Received the Best Paper Award.
  40. Gupta, M. and Sharman, R. (2008). “Evaluating Organizational Social Engineering Threats: A Metrics Development Framework”. Proceedings of the 7th Annual Security Conference, Las Vegas, June 2-3, 2008.

  41. Herath, T., Gupta, M. and Rao, H. R.. “Security Governance in IT Enabled Services: A Case Study at ABC Multinational”, MISQE Workshop at AMCIS, Toronto, Canada, August 14th, 2008.

  42. Li, J. and Gupta, M. (2007). “Improving information sharing in the emergency response and security systems: A human emotional and cognitive perspective”. Proceedings of the 6th Workshop on e-Business (WeB 2007), Montreal, Quebec, Canada, December 9, 2007.

  43. Gupta, M., Bryan, D., Sharman, R and Li, J. (2007). “A Financial Services Case Study On Enterprise Single-Sign-On Implementation”. Proceedings of Conference on Information Science, Technology and Management (CISTM 2007), Hyderabad, India, July 16-18, 2007

  44. Gupta, M. and Sharman, R. (2007). “Cross-enterprise Identity Federation (OASIS - SAML) Implementation: An exploratory financial services case study”. Proceedings of the 6th Annual Security Conference, Las Vegas, April 11-12, 2007.

  45. Gupta, M., Sharman, R and Tejay, G. (2006). “SAML based Role Hierarchy Preservation Model for Cross-enterprise Identity Federation”. Proceedings of the 2nd Secure Knowledge Management Workshop, Polytechnic University Brooklyn, September 28-29, 2006.

  46. Gupta, M. and Sharman, R. (2006). “Social Network Theoretic Framework for Organizational Social Engineering Susceptibility Index”. Proceedings of 12th Americas Conference on Information Systems (AMCIS 2006), Acapulco, Mexico, August 4-6, 2006.

  47. Gupta, M. and Chennuru, S. (2004). “Information theoretic model for inference-resistant knowledge management in RBAC-based collaborative environment”. Proceedings of the 1st NSF/NSA/AFRL workshop on Secure Knowledge Management, Buffalo, NY, September 2004

  48. .
  49. Gupta, M., Banerjee, S., Rao, H. R. and Upadhyaya, S. (2003). “Intrusion Countermeasures Security Model Based on Prioritization Scheme for Intranet Access”. Proceedings of the 2003 IEEE Workshop on Information Assurance, United States Military Academy, West Point, NY, June 2003.

  50. Gupta, M., Rao, H. R. and S. Upadhyaya. (2003). “Electronic Banking and Information Assurance: A Survey and Synthesis”. Proceedings of the 5th International Conference on Electronic Commerce Research, Montreal, CA, October 23-27 2002.


  51. Unrefereed papers and presentations


  52. Gupta, M. and Sharman, R. (2009). “A New Order in Evolution of Security Threats: Emergence of Social and Softer Organization Issues (Editorial Preface)”. Handbook of Research on Social and Organizational Liabilities in Information Security. Eds: Gupta, M. and Sharman, R, IGI Publishing, Hershey, PA, USA. Forthcoming. (ISBN: 978-1-60566-132-5)

  53. Gupta, M. and Sharman, R. (2008). “Beyond technology and policy, towards comprehensive information security, (Editorial Preface)”. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Eds: M. Gupta and R. Sharman, IGI Publishing, Hershey, PA, USA. (ISBN: 978-1-60566-036-3)

  54. Gupta, M. (2008). “Incorporating Social and Structural awareness in Enterprise Role Design: An Activity-Theoretic Approach”. Joint Workshop on Cyber Security 2008: Information Assurance in Academic, Business and Government Environment, Center of Excellence in Information Systems Assurance Research and Education at University at Buffalo, May 8, 2008. Poster presentation.