| 1. |
- Lundgren, Björn, 1984-, et al.
(författare)
-
Defining Information Security
- 2017
-
Ingår i: Science and Engineering Ethics. - : Springer. - 1353-3452 .- 1471-5546.
-
Tidskriftsartikel (refereegranskat)abstract
- This article proposes a new definition of information security, the ‘Appropriate Access’ definition. Apart from providing the basic criteria for a definition—correct demarcation and meaning concerning the state of security—it also aims at being a definition suitable for any information security perspective. As such, it bridges the conceptual divide between so-called ‘soft issues’ of information security (those including, e.g., humans, organizations, culture, ethics, policies, and law) and more technical issues. Because of this it is also suitable for various analytical purposes, such as analysing possible security breaches, or for studying conflicting attitudes on security in an organization. The need for a new definition is demonstrated by pointing to a number of problems for the standard definition type of information security—the so-called CIA definition. Besides being too broad as well as too narrow, it cannot properly handle the soft issues of information security, nor recognize the contextual and normative nature of security.
|
|
| 2. |
- Lundgren, Björn, 1984-
(författare)
-
Semantic Information and Information Security : Definitional Issues
- 2016
-
Licentiatavhandling (övrigt vetenskapligt/konstnärligt)abstract
- This licentiate thesis consist of two separate research papers which concern two tangential topics – that of semantic information and that of information security. Both topics are approached by similar methods, i.e. with a concern about conceptual and definitional issues. In Paper I – concerning the concept of information, and a semantic conception thereof – the conceptual, and definitional, issues focus on one property, that of truthfulness. It is argued – against the veridicality thesis – that semantic information need not be truthful. In Paper II – concerning information security – it is argued that the current leading definitions (so-called ‘CIA’ definitions, which define information as secure if, and only if, the properties of confidentiality, integrity, and availability are retained) suffer from both actual and possible counter-examples, and lack an appropriate conceptual sense. On the basis of this criticism a new kind of definitions is proposed and argued for.
|
|
| 3. |
- Lundgren, Björn, 1984-
(författare)
-
Information, Security, Privacy, and Anonymity : Definitional and Conceptual Issues
- 2018
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- This doctoral thesis consists of five research papers that address four tangential topics, all of which are relevant for the challenges we are facing in our socio-technical society: information, security, privacy, and anonymity. All topics are approached by similar methods, i.e. with a concern about conceptual and definitional issues. In Paper I—concerning the concept of information and a semantic conception thereof—it is argued that the veridicality thesis (i.e. that information must be true or truthful) is false. In Paper II—concerning information security—it is argued that the current leading definitions suffer from counter-examples, and lack an appropriate conceptual sense. Based on this criticism a new kind of definition is proposed and defended. In Paper III—concerning control definitions of privacy—it is argued that any sensible control-definition of privacy must properly recognize the context as part of the defining criteria. In Paper IV—concerning the concept of privacy—it is argued that privacy is a normative concept and that it is constituted by our social relations. Final, in Paper V—concerning anonymity—it is argued that the threat from deanonymization technology goes beyond harm to anonymity. It is argued that a person who never is deanonymized can still be harmed and what is at stake is an ability to be anonymous.
|
|
| 4. |
- Friberg von Sydow, Rikard, 1978-
(författare)
-
The Nordfront customer database-leak: A case study
- 2019
-
Ingår i: Information and Knowledge Management. - Gabarone : University of Botswana. - 9789996845871 ; , s. 413-431
-
Konferensbidrag (refereegranskat)abstract
- In June 2017 the Nordic National Socialist organization ”Nordic Resistance Movement” discovered that their web-shop, “Nordfront”, had been hacked and the customer data leaked on the Internet.Later they admitted publicly to being hacked and soon there after the actual data base was released by the perpetrators. Online discussions and media reports followed. Politicians who had ordered merchandise from the web-shop had to resign and musicians who had done the same had their concerts canceled. Data hacking led to a political and cultural scandal in Sweden with consequences for those involved. The purpose of this study is to investigate the reactions in online forums from persons in the political sphere that was affected by the leak. How do commentators react when information that connects a person to a controversial, and in this case anti-democratic and racist, political organization, is spread on the Internet? How is the quality of the information valued from an information security perspective? How can the database-leak be analyzed with help from models of information security? The study will be done using a case study method, with the main focus towards the supporters of the Nordic Resistance Movement.
|
|
| 5. |
- Friberg von Sydow, Rikard, 1978-
(författare)
-
Restricted availability of digital platforms and the creation of analog solutions : A case study of the use of a digital school platform in Uppsala Municipality, Sweden
- 2023
-
Konferensbidrag (refereegranskat)abstract
- In Sweden where my research is performed, most if not all schools on all levels use a digital platform to communicate with children and their parents. It could be any type of communication, from personal communication regarding a child to information regarding homework for a class, what you need to bring to the field trip, and so on. In Sweden, having a law regarding compulsory school attendance between the age of 6 and 15, and also having a rather strict law regarding who could access the information regarding, the information transferred through these platforms are both important and under restricted access.The problem I investigate is when this system meets a child with special needs. Especially if that child and its parents are supported through different services. Having a support family that the child lives with during periods of time or an institution that the child stays at temporarily. Because of the restricted access to the digital platforms they are unavailable within such arrangements, forcing schools to choose other forms of communication – mostly in the form of analog “contact books”. There are also information security issues when communicating information regarding the child's medical needs through digital platforms.These problems with the use of digital platforms have led to some ad hoc solutions in Uppsala municipality, which is the focus of my investigation. In this poster, I will explain the process of communication and the consequences regarding information security and preservation of archives when a system forces users to use analog communication where digital communication is the norm.
|
|
