52 resultados para Integration and security technologies
Resumo:
With the intensive use of information and communication technologies, governments are transforming into e-governments. While public management research has given increased attention to this subject lately, this article reviews the limited literature that deals with the impacts of e-government technologies on street-level bureaucracies. A twofold argument is being developed. First, what can be called the 'curtailment thesis', stressing the reduction or disappearance of frontline policy discretion, is addressed. Second, the 'enablement thesis' gets attention, highlighting how technologies provide frontline workers and citizens with additional action resources. The article concludes with propositions for a future research agenda on the topic.
Resumo:
In most Western postindustrial societies today, the population is aging, businesses are faced with global integration, and important migration flows are taking place. Increasingly work organizations are hiring crossnational and multicultural workteams. In this situation it is important to understand the influence of certain individual and cultural characteristics on the process of professional integration. The present study explores the links between personality traits, demographic characteristics (age, sex, education, income, and nationality), work engagement, and job stress. The sample consisted of 618 participants, including 394 Swiss workers (200 women, 194 men) and 224 foreigners living and working in Switzerland (117 women, 107 men). Each participant completed the NEO-FFI, the UWES, and the GWSS questionnaires. Our results show an interaction between age and nationality with respect to work engagement and general job stress. The levels of work engagement and job stress appear to increase with age among national wotkers, whereas they decrease among foreign workers. In addition, work engagement was negatively associated with Neuroticism and positively with the other four personality dimensions. Finally, job stress was positively associated with Neuroticism and Conscientiousness, and negatively associated with Extraversion. However, the strength of these relationships appeared to vary according to the worker's nationality, age, sex, education, and income.
Resumo:
Unipolar depression is among the leading cause of invalidity and disability-adjusted life-years. Many depressed patients do not respond to several antidepressant treatments. Several treatments have been investigated in resistant depression using electrical or magnetic stimulation of the brain. In this field, electroconvulsivotherapy remains to date the only treatment validated for efficacy and security. Novel neuromodulatory treatments used in neurological conditions are currently under investigation. Vagus nerve stimulation and deep brain stimulation may offer long-term efficacy and therefore justify expensive and highly specialized treatment programs.
Resumo:
Objective: Converging evidence speak in favor of an abnormal susceptibility to oxidative stress in schizophrenia. A decreased level of glutathione (GSH), the principal non-protein antioxidant and redox regulator, was observed both in cerebrospinal-fluid and prefrontal cortex of schizophrenia patients (Do et al., 2000). Results: Schizophrenia patients have an abnormal GSH synthesis most likely of genetic origin: Two independent case-control studies showed a significant association between schizophrenia and a GAG trinucleotide repeat (TNR) polymorphism in the GSH key synthesizing enzyme glutamate-cysteine-ligase (GCL) catalytic subunit (GCLC) gene. The most common TNR genotype 7/7 was more frequent in controls, whereas the rarest TNR genotype 8/8 was three times more frequent in patients. The disease-associated genotypes correlated with a decrease in GCLC protein expression, GCL activity and GSH content. Such a redox dysregulation during development could underlie the structural and functional anomalies in connectivity: In experimental models, GSH deficit induced anomalies similar to those observed in patients. (a) morphology: In animal models with GSH deficit during the development we observed in prefrontal cortex a decreased dendritic spines density in pyramidal cells and an abnormal development of parvalbumine (but not of calretinine) immunoreactive GABA interneurones in anterior cingulate cortex. (b) physiology: GSH depletion in hippocampal slices induces NMDA receptors hypofunction and an impairment of long term potentiation. In addition, GSH deficit affected the modulation of dopamine on NMDA-induced Ca 2+ response in cultured cortical neurons. While dopamine enhanced NMDA responses in control neurons, it depressed NMDA responses in GSH-depleted neurons. Antagonist of D2-, but not D1-receptors, prevented this depression, a mechanism contributing to the efficacy of antipsychotics. The redox sensitive ryanodine receptors and L-type calcium channels underlie these observations. (c) cognition: Developing rats with low [GSH] and high dopamine lead deficit in olfactory integration and in object recognition which appears earlier in males that females, in analogy to the delay of the psychosis onset between man and woman. Conclusion: These clinical and experimental evidence, combined with the favorable outcome of a clinical trial with N-Acetyl Cysteine, a GSH precursor, on both the negative symptoms (Berk et al., submitted) and the mismatch negativity in an auditory oddball paradigm supported the proposal that a GSH synthesis impairment of genetic origin represent, among other factors, one major risk factor in schizophrenia.
Resumo:
Background: The variety of DNA microarray formats and datasets presently available offers an unprecedented opportunity to perform insightful comparisons of heterogeneous data. Cross-species studies, in particular, have the power of identifying conserved, functionally important molecular processes. Validation of discoveries can now often be performed in readily available public data which frequently requires cross-platform studies.Cross-platform and cross-species analyses require matching probes on different microarray formats. This can be achieved using the information in microarray annotations and additional molecular biology databases, such as orthology databases. Although annotations and other biological information are stored using modern database models ( e. g. relational), they are very often distributed and shared as tables in text files, i.e. flat file databases. This common flat database format thus provides a simple and robust solution to flexibly integrate various sources of information and a basis for the combined analysis of heterogeneous gene expression profiles.Results: We provide annotationTools, a Bioconductor-compliant R package to annotate microarray experiments and integrate heterogeneous gene expression profiles using annotation and other molecular biology information available as flat file databases. First, annotationTools contains a specialized set of functions for mining this widely used database format in a systematic manner. It thus offers a straightforward solution for annotating microarray experiments. Second, building on these basic functions and relying on the combination of information from several databases, it provides tools to easily perform cross-species analyses of gene expression data.Here, we present two example applications of annotationTools that are of direct relevance for the analysis of heterogeneous gene expression profiles, namely a cross-platform mapping of probes and a cross-species mapping of orthologous probes using different orthology databases. We also show how to perform an explorative comparison of disease-related transcriptional changes in human patients and in a genetic mouse model.Conclusion: The R package annotationTools provides a simple solution to handle microarray annotation and orthology tables, as well as other flat molecular biology databases. Thereby, it allows easy integration and analysis of heterogeneous microarray experiments across different technological platforms or species.
Resumo:
Duchenne muscular dystrophy is is the most common form of the childhood muscular dystrophies. It follows a predictable clinical course marked by progressive skeletal muscle weakness, lost of ambulation before teen-age and death in early adulthood secondary to respiratory or cardiac failure. Becker muscular dystrophy is less common and has a milder clinical course but also results in respiratory and cardiac failure.Altough recent advances in respiratory care and new technologies have improved the outlook many patients already received only a traditional non-interventional approach. The aims of this work are: to analyse the pathophysiology and natural history of respiratory function in these diseases, to descript their clinical manifestations, to present the diagnostics tools and to provide recommendations for an adequated respiratory care in this particular population based on the updated literature referenced.
Resumo:
INTRODUCTION: Diverse microarray and sequencing technologies have been widely used to characterise the molecular changes in malignant epithelial cells in breast cancers. Such gene expression studies to identify markers and targets in tumour cells are, however, compromised by the cellular heterogeneity of solid breast tumours and by the lack of appropriate counterparts representing normal breast epithelial cells. METHODS: Malignant neoplastic epithelial cells from primary breast cancers and luminal and myoepithelial cells isolated from normal human breast tissue were isolated by immunomagnetic separation methods. Pools of RNA from highly enriched preparations of these cell types were subjected to expression profiling using massively parallel signature sequencing (MPSS) and four different genome wide microarray platforms. Functional related transcripts of the differential tumour epithelial transcriptome were used for gene set enrichment analysis to identify enrichment of luminal and myoepithelial type genes. Clinical pathological validation of a small number of genes was performed on tissue microarrays. RESULTS: MPSS identified 6,553 differentially expressed genes between the pool of normal luminal cells and that of primary tumours substantially enriched for epithelial cells, of which 98% were represented and 60% were confirmed by microarray profiling. Significant expression level changes between these two samples detected only by microarray technology were shown by 4,149 transcripts, resulting in a combined differential tumour epithelial transcriptome of 8,051 genes. Microarray gene signatures identified a comprehensive list of 907 and 955 transcripts whose expression differed between luminal epithelial cells and myoepithelial cells, respectively. Functional annotation and gene set enrichment analysis highlighted a group of genes related to skeletal development that were associated with the myoepithelial/basal cells and upregulated in the tumour sample. One of the most highly overexpressed genes in this category, that encoding periostin, was analysed immunohistochemically on breast cancer tissue microarrays and its expression in neoplastic cells correlated with poor outcome in a cohort of poor prognosis estrogen receptor-positive tumours. CONCLUSION: Using highly enriched cell populations in combination with multiplatform gene expression profiling studies, a comprehensive analysis of molecular changes between the normal and malignant breast tissue was established. This study provides a basis for the identification of novel and potentially important targets for diagnosis, prognosis and therapy in breast cancer.
Resumo:
Phytohormones have been implicated in vascular development in various ways, but their precise function and the extent of their influence is still controversial. Recent results from experimental manipulation of developing organs and Arabidopsis developmental genetics support a role for polar auxin flow in cell axis formation within the vascular system and, interestingly, also in the embryonic establishment of the plant body axis. Vascular responses to auxin transport inhibition indicate patterns of auxin distribution during leaf development and new technologies may enable these predictions to be tested within the near future. Moreover, recently discovered Arabidopsis axialisation mutants seem to identify essential genes that relay auxin signals in vascular development. A first gene in this class, MONOPTEROS (MP) has been cloned and encodes a transcription factor capable of binding to auxin response elements in the control regions of auxin regulated genes. Molecular identification of further axialisation genes may provide access to a mechanistic understanding of plant cell axis formation.
Resumo:
The integration of specific institutions for teacher education into the higher education system represents a milestone in the Swiss educational policy and has broad implications. This thesis explores organizational and institutional change resulting from this policy reform, and attempts to assess structural change in terms of differentiation and convergence within the system of higher education. Key issues that are dealt with are, on the one hand, the adoption of a research function by the newly conceptualized institutions of teacher education, and on the other, the positioning of the new institutions within the higher education system. Drawing on actor-centred approaches to differentiation, this dissertation discusses system-level specificities of tertiarized teacher education and asks how this affects institutional configurations and actor constellations. On the basis of qualitative and quantitative empirical data, a comparative analysis has been carried out including case studies of four universities of teacher education as well as multivariate regression analysis of micro-level data on students' educational choices. The study finds that the process of system integration and adaption to the research function by the various institutions have unfolded differently depending on the institutional setting and the specific actor constellations. The new institutions have clearly made a strong push to position themselves as a new institutional type and to find their identity beyond the traditional binary divide which assigns the universities of teacher education to the college sector. Potential conflicts have been identified in divergent cognitive normative orientations and perceptions of researchers, teacher educators, policy-makers, teachers, and students as to the mission and role of the new type of higher education institution. - L'intégration dans le système d'enseignement supérieur d'institutions qui ont pour tâche spécifique de former des enseignants peut être considérée comme un événement majeur dans la politique éducative suisse, qui se trouve avoir des conséquences importantes à plusieurs niveaux. Cette thèse explore les changements organisationnels et institutionnels résultant de cette réforme politique, et elle se propose d'évaluer en termes de différentiation et de convergence les changements structurels intervenus dans le système d'éducation tertiaire. Les principaux aspects traités sont d'une part la nouvelle mission de recherche attribuée à ces institutions de formation pédagogique, et de l'autre la place par rapport aux autres institutions du système d'éducation tertiaire. Recourant à une approche centrée sur les acteurs pour étudier les processus de différen-tiation, la thèse met en lumière et en discussion les spécificités inhérentes au système tertiaire au sein duquel se joue la formation des enseignants nouvellement conçue et soulève la question des effets de cette nouvelle façon de former les enseignants sur les configurations institutionnelles et les constellations d'acteurs. Une analyse comparative a été réalisée sur la base de données qualitatives et quantitatives issues de quatre études de cas de hautes écoles pédagogiques et d'analyses de régression multiple de données de niveau micro concernant les choix de carrière des étudiants. Les résultats montrent à quel point le processus d'intégration dans le système et la nouvelle mission de recherche peuvent apparaître de manière différente selon le cadre institutionnel d'une école et la constellation spécifique des acteurs influents. A pu clairement être observée une forte aspiration des hautes écoles pédagogiques à se créer une identité au-delà de la structure binaire du système qui assigne la formation des enseignants au secteur des hautes écoles spéciali-sées. Des divergences apparaissent dans les conceptions et perceptions cognitives et normatives des cher-cheurs, formateurs, politiciens, enseignants et étudiants quant à la mission et au rôle de ce nouveau type de haute école. - Die Integration spezieller Institutionen für die Lehrerbildung ins Hochschulsystem stellt einen bedeutsamen Schritt mit weitreichenden Folgen in der Entwicklung des schweizerischen Bildungswesens dar. Diese Dissertation untersucht die mit der Neuerung verbundenen Veränderungen auf organisatorischer und institutioneller Ebene und versucht, die strukturelle Entwicklung unter den Gesichtspunkten von Differenzierung und Konvergenz innerhalb des tertiären Bildungssystems einzuordnen. Zentrale Themen sind dabei zum einen die Einführung von Forschung und Entwicklung als zusätzlichem Leistungsauftrag in der Lehrerbildung und zum andern die Positionierung der pädagogischen Hochschulen innerhalb des Hochschulsystems. Anhand akteurzentrierter Ansätze zur Differenzierung werden die Besonderheiten einer tertiarisierten Lehrerbildung hinsichtlich der Systemebenen diskutiert und Antworten auf die Frage gesucht, wie die Reform die institutionellen Konfigurationen und die Akteurkonstellationen beeinflusst. Auf der Grundlage qualitativer und quantitativer Daten wurde eine vergleichende Analyse durchgeführt, welche Fallstudien zu vier pädagogischen Hochschulen umfasst sowie Regressionsanalysen von Mikrodaten zur Studienwahl von Maturanden. Die Ergebnisse machen deutlich, dass sich der Prozess der Systemintegration und die Einführung von Forschung in die Lehrerbildung in Abhängigkeit von institutionellen Ordnungen und der jeweiligen Akteurkonstellation unterschiedlich gestalten. Es lässt sich bei den neu gegründeten pädagogischen Hochschulen ein starkes Bestreben feststellen, sich als neuen Hochschultypus zu positionieren und sich eine Identität zu schaffen jenseits der herkömmlichen binären Struktur, welche die pädagogischen Hochschulen dem Fachhochschul-Sektor zuordnet. Potentielle Konflikte zeichnen sich ab in den divergierenden kognitiven und normativen Orientierungen und Wahrnehmungen von Forschern, Ausbildern, Bildungspolitikern, Lehrern und Studierenden hinsichtlich des Auftrags und der Rolle dieses neuen Typs Hochschule.
Resumo:
Hippocampal adult neurogenesis results in the continuous formation of new neurons in the adult hippocampus, which participate to learning and memory. Manipulations increasing adult neurogenesis have a huge clinical potential in pathologies involving memory loss. Intringuingly, most of the newborn neurons die during their maturation. Thus, increasing newborn neuron survival during their maturation may be a powerful way to increase overall adult neurogenesis. The factors governing this neuronal death are yet poorly known. In my PhD project, we made the hypothesis that synaptogenesis and synaptic activity play a role in the survival of newborn hippocampal neurons. We studied three factors potentially involved in the regulation of the synaptic integration of adult-born neurons. First, we used propofol anesthesia to provoke a global increase in GABAergic activity of the network, and we evaluated the outcome on newborn neuron synaptic integration, morphological development and survival. Propofol anesthesia impaired the dendritic maturation and survival of adult-born neurons in an age-dependent manner. Next, we examined the development of astrocytic ensheathment on the synapses formed by newborn neurons, as we hypothesized that astrocytes are involved in their synaptic integration. Astrocytic processes ensheathed the synapses of newborn neurons very early in their development, and the processes modulated synaptic transmission on these cells. Finally, we studied the cell-autonomous effects of the overexpression of synaptic adhesion molecules on the development, synaptic integration and survival of newborn neurons, and we found that manipulating of a single adhesion molecule was sufficient to modify synaptogenesis and/or synapse function, and to modify newborn neuron survival. Together, these results suggest that the activity of the neuronal network, the modulation of glutamate transport by astrocytes, and the synapse formation and activity of the neuron itself may regulate the survival of newborn neurons. Thus, the survival of newborn neurons may depend on their ability to communicate with the network. This knowledge is crucial for finding ways to increase neurogenesis in patients. More generally, understanding how the neurogenic niche works and which factors are important for the generation, maturation and survival of neurons is fundamental to be able to maybe, one day, replace neurons in any region of the brain.
Resumo:
Duchenne muscular dystrophy (DMD) is an X-linked genetic disease, caused by the absence of the dystrophin protein. Although many novel therapies are under development for DMD, there is currently no cure and affected individuals are often confined to a wheelchair by their teens and die in their twenties/thirties. DMD is a rare disease (prevalence <5/10,000). Even the largest countries do not have enough affected patients to rigorously assess novel therapies, unravel genetic complexities, and determine patient outcomes. TREAT-NMD is a worldwide network for neuromuscular diseases that provides an infrastructure to support the delivery of promising new therapies for patients. The harmonized implementation of national and ultimately global patient registries has been central to the success of TREAT-NMD. For the DMD registries within TREAT-NMD, individual countries have chosen to collect patient information in the form of standardized patient registries to increase the overall patient population on which clinical outcomes and new technologies can be assessed. The registries comprise more than 13,500 patients from 31 different countries. Here, we describe how the TREAT-NMD national patient registries for DMD were established. We look at their continued growth and assess how successful they have been at fostering collaboration between academia, patient organizations, and industry.
Resumo:
Advanced neuroinformatics tools are required for methods of connectome mapping, analysis, and visualization. The inherent multi-modality of connectome datasets poses new challenges for data organization, integration, and sharing. We have designed and implemented the Connectome Viewer Toolkit - a set of free and extensible open source neuroimaging tools written in Python. The key components of the toolkit are as follows: (1) The Connectome File Format is an XML-based container format to standardize multi-modal data integration and structured metadata annotation. (2) The Connectome File Format Library enables management and sharing of connectome files. (3) The Connectome Viewer is an integrated research and development environment for visualization and analysis of multi-modal connectome data. The Connectome Viewer's plugin architecture supports extensions with network analysis packages and an interactive scripting shell, to enable easy development and community contributions. Integration with tools from the scientific Python community allows the leveraging of numerous existing libraries for powerful connectome data mining, exploration, and comparison. We demonstrate the applicability of the Connectome Viewer Toolkit using Diffusion MRI datasets processed by the Connectome Mapper. The Connectome Viewer Toolkit is available from http://www.cmtk.org/
Resumo:
EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.
