| 401. |
- Magnusson, Lars, 1952-
(författare)
-
12.3 Informationssäkerhet på 2010-talet
- 2013. - 10
-
Ingår i: Bonniers IT-managementhandbok. - Stockholm : Bonnier. - 9197429120
-
Bokkapitel (populärvet., debatt m.m.)abstract
- Artikeln går igenom de informationsäkerhetsutmaningar vi står inför under 2010-talet, både tekniskt som processmässigt. Bland annat beskrivs vikten av revisioner och regelverk, samt hur bygga upp en säkerhetspolicy.
|
|
| 402. |
- Padyab, Ali Mohammad, et al.
(författare)
-
Genre-Based Approach to Assessing Information and Knowledge Security Risks
- 2015
-
Ingår i: Transportation Systems and Engineering. - Hershey, PA : IGI Global. - 9781466684737 - 9781466684744 ; , s. 1237-1253
-
Bokkapitel (refereegranskat)abstract
- Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines a new, genre-based, approach to information security risk assessment in order to orientate toward organization- and knowledge-centric identification and analysis of security risks. In order to operationalize the genre-based approach, we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method is then complemented with tasks and techniques from a textbook risk assessment method (OCTAVE Allegro). We discuss the initial experiences of three experienced information security professionals who tested the method. The article concludes with implications of the genre-based approach to analyzing information and knowledge security risks for future research and practice.
|
|
| 403. |
- Padyab, Ali Mohammad, et al.
(författare)
-
Genre-Based Approach to Assessing Information and Knowledge Security Risks
- 2014
-
Ingår i: International Journal of Knowledge Management. - : IGI Global. - 1548-0666 .- 1548-0658. ; 10:2, s. 13-27
-
Tidskriftsartikel (refereegranskat)abstract
- Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. This article outlines a new, genre-based, approach to information security risk assessment in order to orientate toward organization- and knowledge-centric identification and analysis of security risks. In order to operationalize the genre-based approach, we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method is then complemented with tasks and techniques from a textbook risk assessment method (OCTAVE Allegro). We discuss the initial experiences of three experienced information security professionals who tested the method. The article concludes with implications of the genre-based approach to analyzing information and knowledge security risks for future research and practice.
|
|
| 404. |
- Ingemarsson, Ingemar
(författare)
-
Encryption in Data Networks with Application to Teletex
- 1978
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- TELETEX is a new international telecommunication service for text communication between terminals capable of data storage and possibly integrated in a information processing system, [l]. The new service is intended to fill the same needs as does business mail. With regard to information security this means that the information handled by the TELETEX system shall not be unintentionally changed or destroyed or lost to an unintended receiver. Measures to prevent this are called information protection. (We prefer to use the terms information security and information protection rather than data security and data protection. The reason is that "data " in the sense of a string of symbol s may be lost without revealing the information represented by the data. This is for example the case when the data consists of encrypted information).One of the most efficient methods for information protection is to use encryption. This means that the information is transmitted using a ''language" which i s not understood by is efficiently protected against loss and in most cases also against undetected change. Cryptological methods can also be used to detect information destruction. In Section 2 of this report we discuss the basic problems involved with the use of encryption in data networks in general.In a separate report we discuss the possible threats to the information security in TELETEX. This leads to suggestions regarding suitable protection methods. Our standpoint is that TELETEX shall offer at least the same level of information security as does the established mail distribution system.
|
|
| 405. |
- Åhlfeldt, Rose-Mharie, et al.
(författare)
-
Security Issues in Health Care Process Integration : a Research-in-Progress Report
- 2005
-
Ingår i: EMOI - INTEROP'05 Enterprise Modelling and Ontologies for Interoperability. - : CEUR.
-
Konferensbidrag (refereegranskat)abstract
- The aim of this paper is to summarize our research and describe our current position in the areas of health care process integration and information security. Security is one of the important non functional aspect of interoperability within the INTEROP NoE. The paper will briefly introduce our work and some findings concerning security issues in process integration within the health care sector.
|
|
| 406. |
- Ingemarsson, Ingemar
(författare)
-
Encryption in Telefax
- 1978
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Our standpoint is that the basic need for information security in TELETEX is provided by the data network used together with the possibility to encrypt the messages in the terminals, thereby protecting the messages from information loss. Means for detection of information destruction or change and f or verification at unencrypted data may then be provided for by the user of the TELETEX system.
|
|
| 407. |
- Al Sabbagh, Bilal, et al.
(författare)
-
A cultural adaption model for global cyber security warning systems : A socio-technical proposal
- 2011
-
Konferensbidrag (refereegranskat)abstract
- In this paper we explore the problems of developing a cyber security warning system both from a theoretical and practical perspective. We review some of the current development in warning systems around the world and we also examine the security metrics area. We then expanded on a proposed socio-technical coordinate system for global cyber security alerts and adapted it to an information security culture framework.
|
|
| 408. |
- Barthe, Gilles, et al.
(författare)
-
Secuirty of Multithreaded Programs by Compilation
- 2009
-
Ingår i: Special Issue of ACM Transactions on Information and System Security (TISSEC). - : Association for Computing Machinery (ACM). - 1094-9224 .- 1557-7406.
-
Tidskriftsartikel (refereegranskat)abstract
- Information security is a pressing challenge for mobile code technologies. In order to claim end-to-end security of mobile code, it is necessary to establish that the code neither intentionally nor accidentally propagates sensitive information to an adversary. Although mobile code is commonly multithreaded low-level code, the literature is lacking enforcement mechanisms that ensure information security for such programs.This article offers a modular solution to the security ofmultithreaded programs. The modularity is three-fold:we give modular extensions of sequential semantics, sequential security typing, and sequential security-type preserving compilation that allow us enforcing security for multithreaded programs. Thanks to the modularity, there are no more restrictions on multithreaded source programs than on sequential ones, and yet we guarantee that their compilations are provably secure for a wide class of schedulers.
|
|
| 409. |
- Gustafsson, Mariana S., 1978-
(författare)
-
Constructing security : reflections on the margins of a case study of the use of electronic identification in ICT platforms in schools
- 2014
-
Ingår i: Privacy and Identity Management for Emerging Services and Technologies. - Berlin, Heidelberg : Springer. - 9783642551369 ; , s. 224-236
-
Bokkapitel (refereegranskat)abstract
- This paper addresses how people construct meanings regarding “the concept of security”, based upon the descriptions collected from participants in a case study of the use of electronic identification in ICT platforms in schools. The aim of the paper is to reflect on the concept of security by identifying and analyzing how people build their own understanding of security when using ICT platforms in schools. The analysis identifies three ontological instances of security: security as an ideal state of affairs, security as a value and information security. The analysis also clarifies the difference between the objective and subjective nature of security, as well as the differences between factual and perceived information security. As a result, I raise several research questions concerning “security”, and identify common assumptions with regard to constructing the concept of security.
|
|
| 410. |
- Ahmadzadegan, M. Hossein, et al.
(författare)
-
Security-Centric Investigation of Social Networks and Preventative Behavioral Analysis of Online Activity by the Kuleshov effect
- 2020
-
Ingår i: 2020 IEE 9th International Conference on Communication Systems and Network Technologies. - : IEEE. ; , s. 271-276
-
Konferensbidrag (refereegranskat)abstract
- The Internet beside providing many advantages has some disadvantages. The full unfamiliarity with cyberspace can bring harms and inconvenience to families. This study attempted to introduce the disadvantages and threats on the Internet and present some countermeasures to decrease such threats and harms. Social networks are currently so epidemic that even many companies and organizations formally supply the internal communication system among their members and employees through this social networks and the number of the users of such networks is increasing daily. The term “information security” covers a broad spectrum of activities in an organization. Information security means preventing the unauthorized access to information and products or apply some changes or delete such information using a series of processes. Such actions can be considered as a protection package against current resources in different situations (e.g., a hacker attacks which occurs a lot) by those in charge of information security. One of the most important issues which is considered as a security challenge in these networks is the security and retention of the data and information shared by users from unauthorized access and unwanted disclosure. In this article the Kuleshov effect from cinema has been deployed to explain and launch a behavioral analysis of online activities.
|
|
