981 resultados para Internal security
Resumo:
Executive Summary The objective of this report was to use the Sydney Opera House as a case study of the application of Building Information Modelling (BIM). The Sydney opera House is a complex, large building with very irregular building configuration, that makes it a challenging test. A number of key concerns are evident at SOH: • the building structure is complex, and building service systems - already the major cost of ongoing maintenance - are undergoing technology change, with new computer based services becoming increasingly important. • the current “documentation” of the facility is comprised of several independent systems, some overlapping and is inadequate to service current and future services required • the building has reached a milestone age in terms of the condition and maintainability of key public areas and service systems, functionality of spaces and longer term strategic management. • many business functions such as space or event management require up-to-date information of the facility that are currently inadequately delivered, expensive and time consuming to update and deliver to customers. • major building upgrades are being planned that will put considerable strain on existing Facilities Portfolio services, and their capacity to manage them effectively While some of these concerns are unique to the House, many will be common to larger commercial and institutional portfolios. The work described here supported a complementary task which sought to identify if a building information model – an integrated building database – could be created, that would support asset & facility management functions (see Sydney Opera House – FM Exemplar Project, Report Number: 2005-001-C-4 Building Information Modelling for FM at Sydney Opera House), a business strategy that has been well demonstrated. The development of the BIMSS - Open Specification for BIM has been surprisingly straightforward. The lack of technical difficulties in converting the House’s existing conventions and standards to the new model based environment can be related to three key factors: • SOH Facilities Portfolio – the internal group responsible for asset and facility management - have already well established building and documentation policies in place. The setting and adherence to well thought out operational standards has been based on the need to create an environment that is understood by all users and that addresses the major business needs of the House. • The second factor is the nature of the IFC Model Specification used to define the BIM protocol. The IFC standard is based on building practice and nomenclature, widely used in the construction industries across the globe. For example the nomenclature of building parts – eg ifcWall, corresponds to our normal terminology, but extends the traditional drawing environment currently used for design and documentation. This demonstrates that the international IFC model accurately represents local practice for building data representation and management. • a BIM environment sets up opportunities for innovative processes that can exploit the rich data in the model and improve services and functions for the House: for example several high-level processes have been identified that could benefit from standardized Building Information Models such as maintenance processes using engineering data, business processes using scheduling, venue access, security data and benchmarking processes using building performance data. The new technology matches business needs for current and new services. The adoption of IFC compliant applications opens the way forward for shared building model collaboration and new processes, a significant new focus of the BIM standards. In summary, SOH current building standards have been successfully drafted for a BIM environment and are confidently expected to be fully developed when BIM is adopted operationally by SOH. These BIM standards and their application to the Opera House are intended as a template for other organisations to adopt for the own procurement and facility management activities. Appendices provide an overview of the IFC Integrated Object Model and an understanding IFC Model Data.
Resumo:
The Queensland Department of Public Works (QDPW) and the Queensland Department of Main Roads (QDMR) have identified a need for industry e-contracting guidelines in the short to medium term. Each of these organisations conducts tenders and contracts for over $600 million annually. This report considers the security and legal issues relating to the shift from a paper-based tendering system to an electronic tendering system. The research objectives derived from the industry partners include: • a review of current standards and e-tendering systems; • a summary of legal requirements impacting upon e-tendering; • an analysis of the threats and requirements for any e-tendering system; • the identification of outstanding issues; • an evaluation of possible e-tendering architectures; • recommendations for e-tendering systems.
Resumo:
Internal marketing has been discussed in the management and academic literature for over three decades, yet it remains ill defined and poorly operationalized. This paper responds to calls for research to develop a single clear understanding of the construct, for the development of a suitable instrument to measure it, and for empirical evidence of its impact. Existing, divergent conceptualization of internal marketing are explored, and a new, multidimensional construct, describing the managerial behaviors associated with internal marketing is developed, and termed internal market orientation (IMO). IMO represents the adaptation of market orientation to the context of employer-employee exchanges in the internal market. The paper describes the development of a valid and reliable measure of IMO in a retail services context. Five dimensions of IMO are identified and confirmed. These are 1) formal written information generation, 2) formal face-to-face information generation, 3) informal information generation, 4) communication and dissemination of information, and 5) responding to this internal market information. The impact of IMO on important organizational factors is also explored. Results indicate positive consequences for customer satisfaction, relative competitive position, staff attitudes, staff retention and staff compliance.
Resumo:
Measuring quality attributes of object-oriented designs (e.g. maintainability and performance) has been covered by a number of studies. However, these studies have not considered security as much as other quality attributes. Also, most security studies focus at the level of individual program statements. This approach makes it hard and expensive to discover and fix vulnerabilities caused by design errors. In this work, we focus on the security design of an object oriented application and define a number of security metrics. These metrics allow designers to discover and fix security vulnerabilities at an early stage, and help compare the security of various alternative designs. In particular, we propose seven security metrics to measure Data Encapsulation (accessibility) and Cohesion (interactions) of a given object-oriented class from the point of view of potential information flow.
Resumo:
The role of internal marketing in developing organisational competencies is identified as a key area for continued research (Rafiq and Ahmed, 2003). One competence of particular interest to marketers is market orientation. This paper examines the impact of internal marketing, operationalised as a set of internal market orientated behaviours (IMO) on market orientation (MO), and consequently organisational performance, and provides the first quantitative evidence to support the long held assumption that internal marketing has an impact on marketing success. Data from UK retail managers were analysed using structural equations modelling employing LISREL software. These data indicate significant relationships between internal market orientation, employee motivation and external marketing success (market orientation, financial performance and customer satisfaction). Our results also support previous findings indicating a positive impact of external market orientation on customer satisfaction and financial performance. For marketing practitioners, the role of internal market orientation is developing marketing strategies is discussed.
Resumo:
The Open and Trusted Health Information Systems (OTHIS) Research Group has formed in response to the health sector’s privacy and security requirements for contemporary Health Information Systems (HIS). Due to recent research developments in trusted computing concepts, it is now both timely and desirable to move electronic HIS towards privacy-aware and security-aware applications. We introduce the OTHIS architecture in this paper. This scheme proposes a feasible and sustainable solution to meeting real-world application security demands using commercial off-the-shelf systems and commodity hardware and software products.
Resumo:
The protection of privacy has gained considerable attention recently. In response to this, new privacy protection systems are being introduced. SITDRM is one such system that protects private data through the enforcement of licenses provided by consumers. Prior to supplying data, data owners are expected to construct a detailed license for the potential data users. A license specifies whom, under what conditions, may have what type of access to the protected data. The specification of a license by a data owner binds the enterprise data handling to the consumer’s privacy preferences. However, licenses are very detailed, may reveal the internal structure of the enterprise and need to be kept synchronous with the enterprise privacy policy. To deal with this, we employ the Platform for Privacy Preferences Language (P3P) to communicate enterprise privacy policies to consumers and enable them to easily construct data licenses. A P3P policy is more abstract than a license, allows data owners to specify the purposes for which data are being collected and directly reflects the privacy policy of an enterprise.
Resumo:
The research on project learning has recognised the significance of knowledge transfer in project based organisations (PBOs). Effective knowledge transfer across projects avoids reinventions, enhances knowledge creation and saves lots of time that is crucial in project environment. In order to facilitate knowledge transfer, many PBOs have invested lots of financial and human resources to implement IT-based knowledge repository. However, some empirical studies found that employees would rather turn for knowledge to colleagues despite their ready access to IT-based knowledge repository. Therefore, it is apparent that social networks play a pivotal role in the knowledge transfer across projects. Some scholars attempt to explore the effect of network structure on knowledge transfer and performance, however, focused only on egocentric networks and the groups’ internal social networks. It has been found that the project’s external social network is also critical, in that the team members can not handle critical situations and accomplish the projects on time without the assistance and knowledge from external sources. To date, the influence of the structure of a project team’s internal and external social networks on project performance, and the interrelation between both networks are barely known. In order to obtain such knowledge, this paper explores the interrelation between the structure of a project team’s internal and external social networks, and their effect on the project team’s performance. Data is gathered through survey questionnaire distributed online to respondents. Collected data is analysed applying social network analysis (SNA) tools and SPSS. The theoretical contribution of this paper is the knowledge of the interrelation between the structure of a project team’s internal and external social networks and their influence on the project team’s performance. The practical contribution lies in the guideline to be proposed for constructing the structure of project team’s internal and external social networks.
Resumo:
This study explores whether the relation between internal audit quality and firm performance is associated with firm characteristics of information asymmetry and uncertainty (growth opportunities) and certain governance controls (audit committee effectiveness). The results from this preliminary study of 60 Malaysian companies show that the association between internal audit quality and firm performance is stronger for firms with high growth opportunities and that this positive association is weakened by increasing audit committee independence. These findings demonstrate the internal auditors conflicting roles and question the governance recommendations that require all members of the audit committee to be non-executive directors.
Resumo:
An examination of Information Security (IS) and Information Security Management (ISM) research in Saudi Arabia has shown the need for more rigorous studies focusing on the implementation and adoption processes involved with IS culture and practices. Overall, there is a lack of academic and professional literature about ISM and more specifically IS culture in Saudi Arabia. Therefore, the overall aim of this paper is to identify issues and factors that assist the implementation and the adoption of IS culture and practices within the Saudi environment. The goal of this paper is to identify the important conditions for creating an information security culture in Saudi Arabian organizations. We plan to use this framework to investigate whether security culture has emerged into practices in Saudi Arabian organizations.
Resumo:
Understanding the complex dynamic and uncertain characteristics of organisational employees who perform authorised or unauthorised information security activities is deemed to be a very important and challenging task. This paper presents a conceptual framework for classifying and organising the characteristics of organisational subjects involved in these information security practices. Our framework expands the traditional Human Behaviour and the Social Environment perspectives used in social work by identifying how knowledge, skills and individual preferences work to influence individual and group practices with respect to information security management. The classification of concepts and characteristics in the framework arises from a review of recent literature and is underpinned by theoretical models that explain these concepts and characteristics. Further, based upon an exploratory study of three case organisations in Saudi Arabia involving extensive interviews with senior managers, department managers, IT managers, information security officers, and IT staff; this article describes observed information security practices and identifies several factors which appear to be particularly important in influencing information security behaviour. These factors include values associated with national and organisational culture and how they manifest in practice, and activities related to information security management.
Resumo:
A method of improving the security of biometric templates which satisfies desirable properties such as (a) irreversibility of the template, (b) revocability and assignment of a new template to the same biometric input, (c) matching in the secure transformed domain is presented. It makes use of an iterative procedure based on the bispectrum that serves as an irreversible transformation for biometric features because signal phase is discarded each iteration. Unlike the usual hash function, this transformation preserves closeness in the transformed domain for similar biometric inputs. A number of such templates can be generated from the same input. These properties are illustrated using synthetic data and applied to images from the FRGC 3D database with Gabor features. Verification can be successfully performed using these secure templates with an EER of 5.85%
