989 resultados para security practices
Resumo:
Description based on: June 30, 1979.
Resumo:
Thesis (Ph.D.)--University of Washington, 2016-06
Resumo:
The idea of “human security” is gaining attention among policy-makers and security analysts. Little scholarly attention has been given to the questions of why states accept (or reject) a human security agenda or how such an agenda is incorporated into policy practices. The article suggests that a human security approach is most likely to be applied when both humanitarian and national interests combine. Yet when states or organisations adopt a human security approach, they often misjudge the complex and long-term commitment required of such an approach. There is also the potential for such an agenda to be manipulated to justify questionable courses of action. These issues frame an analysis of six recent case studies.
Resumo:
A Work Project, presented as part of the requirements for the Award of a Masters Degree in Management from the NOVA – School of Business and Economics
Resumo:
Although the ASP model has been around for over a decade, it has not achieved the expected high level of market uptake. This research project examines the past and present state of ASP adoption and identifies security as a primary factor influencing the uptake of the model. The early chapters of this document examine the ASP model and ASP security in particular. Specifically, the literature and technology review chapter analyses ASP literature, security technologies and best practices with respect to system security in general. Based on this investigation, a prototype to illustrate the range and types of technologies that encompass a security framework was developed and is described in detail. The latter chapters of this document evaluate the practical implementation of system security in an ASP environment. Finally, this document outlines the research outputs, including the conclusions drawn and recommendations with respect to system security in an ASP environment. The primary research output is the recommendation that by following best practices with respect to security, an ASP application can provide the same level of security one would expect from any other n-tier client-server application. In addition, a security evaluation matrix, which could be used to evaluate not only the security of ASP applications but the security of any n-tier application, was developed by the author. This thesis shows that perceptions with regard to fears of inadequate security of ASP solutions and solution data are misguided. Finally, based on the research conducted, the author recommends that ASP solutions should be developed and deployed on tried, tested and trusted infrastructure. Existing Application Programming Interfaces (APIs) should be used where possible and security best practices should be adhered to where feasible.
Resumo:
Some of the elements that characterize the globalization of food and agriculture are industrialization and intensification of agriculture and liberalization of agricultural markets, that favours elongation of the food chain and homogenization of food habits (nutrition transition), among other impacts. As a result, the probability of food contamination has increased with the distance and the number of “hands" that may contact the food (critical points); the nutritional quality of food has been reduced because of increased transport and longer periods of time from collection to consumption; and the number of food-related diseases due to changes in eating patterns has increased. In this context, there exist different agencies and regulations intended to ensure food safety at different levels, e.g. at the international level, Codex Alimentarius develops standards and regulations for the marketing of food in a global market. Although governments determine the legal framework, the food industry manages the safety of their products, and thus, develops its own standards for their marketing, such as the Good Agricultural Practices (GAP) programs. The participation of the private sector in the creation of regulatory standards strengthens the free trade of food products, favouring mostly large agribusiness companies. These standards are in most cases unattainable for small producers and food safety regulations are favouring removal of the peasantry and increase concentration and control in the food system by industrial actors. Particularly women, who traditionally have been in charge of the artisanal transformation process, can be more affected by these norms than men. In this project I am analysing the impcact of food safety norms over small farms, based on the case of artisanal production made by women in Spain.
Resumo:
EXECUTIVE SUMMARY : Evaluating Information Security Posture within an organization is becoming a very complex task. Currently, the evaluation and assessment of Information Security are commonly performed using frameworks, methodologies and standards which often consider the various aspects of security independently. Unfortunately this is ineffective because it does not take into consideration the necessity of having a global and systemic multidimensional approach to Information Security evaluation. At the same time the overall security level is globally considered to be only as strong as its weakest link. This thesis proposes a model aiming to holistically assess all dimensions of security in order to minimize the likelihood that a given threat will exploit the weakest link. A formalized structure taking into account all security elements is presented; this is based on a methodological evaluation framework in which Information Security is evaluated from a global perspective. This dissertation is divided into three parts. Part One: Information Security Evaluation issues consists of four chapters. Chapter 1 is an introduction to the purpose of this research purpose and the Model that will be proposed. In this chapter we raise some questions with respect to "traditional evaluation methods" as well as identifying the principal elements to be addressed in this direction. Then we introduce the baseline attributes of our model and set out the expected result of evaluations according to our model. Chapter 2 is focused on the definition of Information Security to be used as a reference point for our evaluation model. The inherent concepts of the contents of a holistic and baseline Information Security Program are defined. Based on this, the most common roots-of-trust in Information Security are identified. Chapter 3 focuses on an analysis of the difference and the relationship between the concepts of Information Risk and Security Management. Comparing these two concepts allows us to identify the most relevant elements to be included within our evaluation model, while clearing situating these two notions within a defined framework is of the utmost importance for the results that will be obtained from the evaluation process. Chapter 4 sets out our evaluation model and the way it addresses issues relating to the evaluation of Information Security. Within this Chapter the underlying concepts of assurance and trust are discussed. Based on these two concepts, the structure of the model is developed in order to provide an assurance related platform as well as three evaluation attributes: "assurance structure", "quality issues", and "requirements achievement". Issues relating to each of these evaluation attributes are analysed with reference to sources such as methodologies, standards and published research papers. Then the operation of the model is discussed. Assurance levels, quality levels and maturity levels are defined in order to perform the evaluation according to the model. Part Two: Implementation of the Information Security Assurance Assessment Model (ISAAM) according to the Information Security Domains consists of four chapters. This is the section where our evaluation model is put into a welldefined context with respect to the four pre-defined Information Security dimensions: the Organizational dimension, Functional dimension, Human dimension, and Legal dimension. Each Information Security dimension is discussed in a separate chapter. For each dimension, the following two-phase evaluation path is followed. The first phase concerns the identification of the elements which will constitute the basis of the evaluation: ? Identification of the key elements within the dimension; ? Identification of the Focus Areas for each dimension, consisting of the security issues identified for each dimension; ? Identification of the Specific Factors for each dimension, consisting of the security measures or control addressing the security issues identified for each dimension. The second phase concerns the evaluation of each Information Security dimension by: ? The implementation of the evaluation model, based on the elements identified for each dimension within the first phase, by identifying the security tasks, processes, procedures, and actions that should have been performed by the organization to reach the desired level of protection; ? The maturity model for each dimension as a basis for reliance on security. For each dimension we propose a generic maturity model that could be used by every organization in order to define its own security requirements. Part three of this dissertation contains the Final Remarks, Supporting Resources and Annexes. With reference to the objectives of our thesis, the Final Remarks briefly analyse whether these objectives were achieved and suggest directions for future related research. Supporting resources comprise the bibliographic resources that were used to elaborate and justify our approach. Annexes include all the relevant topics identified within the literature to illustrate certain aspects of our approach. Our Information Security evaluation model is based on and integrates different Information Security best practices, standards, methodologies and research expertise which can be combined in order to define an reliable categorization of Information Security. After the definition of terms and requirements, an evaluation process should be performed in order to obtain evidence that the Information Security within the organization in question is adequately managed. We have specifically integrated into our model the most useful elements of these sources of information in order to provide a generic model able to be implemented in all kinds of organizations. The value added by our evaluation model is that it is easy to implement and operate and answers concrete needs in terms of reliance upon an efficient and dynamic evaluation tool through a coherent evaluation system. On that basis, our model could be implemented internally within organizations, allowing them to govern better their Information Security. RÉSUMÉ : Contexte général de la thèse L'évaluation de la sécurité en général, et plus particulièrement, celle de la sécurité de l'information, est devenue pour les organisations non seulement une mission cruciale à réaliser, mais aussi de plus en plus complexe. A l'heure actuelle, cette évaluation se base principalement sur des méthodologies, des bonnes pratiques, des normes ou des standards qui appréhendent séparément les différents aspects qui composent la sécurité de l'information. Nous pensons que cette manière d'évaluer la sécurité est inefficiente, car elle ne tient pas compte de l'interaction des différentes dimensions et composantes de la sécurité entre elles, bien qu'il soit admis depuis longtemps que le niveau de sécurité globale d'une organisation est toujours celui du maillon le plus faible de la chaîne sécuritaire. Nous avons identifié le besoin d'une approche globale, intégrée, systémique et multidimensionnelle de l'évaluation de la sécurité de l'information. En effet, et c'est le point de départ de notre thèse, nous démontrons que seule une prise en compte globale de la sécurité permettra de répondre aux exigences de sécurité optimale ainsi qu'aux besoins de protection spécifiques d'une organisation. Ainsi, notre thèse propose un nouveau paradigme d'évaluation de la sécurité afin de satisfaire aux besoins d'efficacité et d'efficience d'une organisation donnée. Nous proposons alors un modèle qui vise à évaluer d'une manière holistique toutes les dimensions de la sécurité, afin de minimiser la probabilité qu'une menace potentielle puisse exploiter des vulnérabilités et engendrer des dommages directs ou indirects. Ce modèle se base sur une structure formalisée qui prend en compte tous les éléments d'un système ou programme de sécurité. Ainsi, nous proposons un cadre méthodologique d'évaluation qui considère la sécurité de l'information à partir d'une perspective globale. Structure de la thèse et thèmes abordés Notre document est structuré en trois parties. La première intitulée : « La problématique de l'évaluation de la sécurité de l'information » est composée de quatre chapitres. Le chapitre 1 introduit l'objet de la recherche ainsi que les concepts de base du modèle d'évaluation proposé. La maniéré traditionnelle de l'évaluation de la sécurité fait l'objet d'une analyse critique pour identifier les éléments principaux et invariants à prendre en compte dans notre approche holistique. Les éléments de base de notre modèle d'évaluation ainsi que son fonctionnement attendu sont ensuite présentés pour pouvoir tracer les résultats attendus de ce modèle. Le chapitre 2 se focalise sur la définition de la notion de Sécurité de l'Information. Il ne s'agit pas d'une redéfinition de la notion de la sécurité, mais d'une mise en perspectives des dimensions, critères, indicateurs à utiliser comme base de référence, afin de déterminer l'objet de l'évaluation qui sera utilisé tout au long de notre travail. Les concepts inhérents de ce qui constitue le caractère holistique de la sécurité ainsi que les éléments constitutifs d'un niveau de référence de sécurité sont définis en conséquence. Ceci permet d'identifier ceux que nous avons dénommés « les racines de confiance ». Le chapitre 3 présente et analyse la différence et les relations qui existent entre les processus de la Gestion des Risques et de la Gestion de la Sécurité, afin d'identifier les éléments constitutifs du cadre de protection à inclure dans notre modèle d'évaluation. Le chapitre 4 est consacré à la présentation de notre modèle d'évaluation Information Security Assurance Assessment Model (ISAAM) et la manière dont il répond aux exigences de l'évaluation telle que nous les avons préalablement présentées. Dans ce chapitre les concepts sous-jacents relatifs aux notions d'assurance et de confiance sont analysés. En se basant sur ces deux concepts, la structure du modèle d'évaluation est développée pour obtenir une plateforme qui offre un certain niveau de garantie en s'appuyant sur trois attributs d'évaluation, à savoir : « la structure de confiance », « la qualité du processus », et « la réalisation des exigences et des objectifs ». Les problématiques liées à chacun de ces attributs d'évaluation sont analysées en se basant sur l'état de l'art de la recherche et de la littérature, sur les différentes méthodes existantes ainsi que sur les normes et les standards les plus courants dans le domaine de la sécurité. Sur cette base, trois différents niveaux d'évaluation sont construits, à savoir : le niveau d'assurance, le niveau de qualité et le niveau de maturité qui constituent la base de l'évaluation de l'état global de la sécurité d'une organisation. La deuxième partie: « L'application du Modèle d'évaluation de l'assurance de la sécurité de l'information par domaine de sécurité » est elle aussi composée de quatre chapitres. Le modèle d'évaluation déjà construit et analysé est, dans cette partie, mis dans un contexte spécifique selon les quatre dimensions prédéfinies de sécurité qui sont: la dimension Organisationnelle, la dimension Fonctionnelle, la dimension Humaine, et la dimension Légale. Chacune de ces dimensions et son évaluation spécifique fait l'objet d'un chapitre distinct. Pour chacune des dimensions, une évaluation en deux phases est construite comme suit. La première phase concerne l'identification des éléments qui constituent la base de l'évaluation: ? Identification des éléments clés de l'évaluation ; ? Identification des « Focus Area » pour chaque dimension qui représentent les problématiques se trouvant dans la dimension ; ? Identification des « Specific Factors » pour chaque Focus Area qui représentent les mesures de sécurité et de contrôle qui contribuent à résoudre ou à diminuer les impacts des risques. La deuxième phase concerne l'évaluation de chaque dimension précédemment présentées. Elle est constituée d'une part, de l'implémentation du modèle général d'évaluation à la dimension concernée en : ? Se basant sur les éléments spécifiés lors de la première phase ; ? Identifiant les taches sécuritaires spécifiques, les processus, les procédures qui auraient dû être effectués pour atteindre le niveau de protection souhaité. D'autre part, l'évaluation de chaque dimension est complétée par la proposition d'un modèle de maturité spécifique à chaque dimension, qui est à considérer comme une base de référence pour le niveau global de sécurité. Pour chaque dimension nous proposons un modèle de maturité générique qui peut être utilisé par chaque organisation, afin de spécifier ses propres exigences en matière de sécurité. Cela constitue une innovation dans le domaine de l'évaluation, que nous justifions pour chaque dimension et dont nous mettons systématiquement en avant la plus value apportée. La troisième partie de notre document est relative à la validation globale de notre proposition et contient en guise de conclusion, une mise en perspective critique de notre travail et des remarques finales. Cette dernière partie est complétée par une bibliographie et des annexes. Notre modèle d'évaluation de la sécurité intègre et se base sur de nombreuses sources d'expertise, telles que les bonnes pratiques, les normes, les standards, les méthodes et l'expertise de la recherche scientifique du domaine. Notre proposition constructive répond à un véritable problème non encore résolu, auquel doivent faire face toutes les organisations, indépendamment de la taille et du profil. Cela permettrait à ces dernières de spécifier leurs exigences particulières en matière du niveau de sécurité à satisfaire, d'instancier un processus d'évaluation spécifique à leurs besoins afin qu'elles puissent s'assurer que leur sécurité de l'information soit gérée d'une manière appropriée, offrant ainsi un certain niveau de confiance dans le degré de protection fourni. Nous avons intégré dans notre modèle le meilleur du savoir faire, de l'expérience et de l'expertise disponible actuellement au niveau international, dans le but de fournir un modèle d'évaluation simple, générique et applicable à un grand nombre d'organisations publiques ou privées. La valeur ajoutée de notre modèle d'évaluation réside précisément dans le fait qu'il est suffisamment générique et facile à implémenter tout en apportant des réponses sur les besoins concrets des organisations. Ainsi notre proposition constitue un outil d'évaluation fiable, efficient et dynamique découlant d'une approche d'évaluation cohérente. De ce fait, notre système d'évaluation peut être implémenté à l'interne par l'entreprise elle-même, sans recourir à des ressources supplémentaires et lui donne également ainsi la possibilité de mieux gouverner sa sécurité de l'information.
Resumo:
Mobile technologies have brought about major changes in police equipment and police work. If a utopian narrative remains strongly linked to the adoption of new technologies, often formulated as 'magic bullets' to real occupational problems, there are important tensions between their 'imagined' outcomes and the (unexpected) effects that accompany their daily 'practical' use by police officers. This article offers an analysis of police officers' perceptions and interactions with security devices. In so doing, it develops a conceptual typology of strategies for coping with new technology inspired by Le Bourhis and Lascoumes: challenging, neutralizing and diverting. To that purpose, we adopt an ethnographic approach that focuses on the discourses, practices and actions of police officers in relation to three security devices: the mobile digital terminal, the mobile phone and the body camera. Based on a case study of a North American municipal police department, the article addresses how these technological devices are perceived and experienced by police officers on the beat.
Resumo:
Please consult the paper edition of this thesis to read. It is available on the 5th Floor of the Library at Call Number: Z 9999 P65 D53 2007
Resumo:
While service-learning is often said to be beneficial for all those involved—students, community members, higher education institutions, and faculty members—there are relatively few studies of the attraction to, and effect of, service-learning on faculty members. Existing studies have tended to use a survey design, and to be based in the United States. There is a lack of information on faculty experiences with service-learning in Ontario or Canada. This qualitative case study of faculty experiences with service-learning was framed through an Appreciative Inquiry social constructionist approach. The data were drawn from interviews with 18 faculty members who belong to a Food Security Research Network (FSRN) at a university in northern Ontario, reports submitted by the network, and personal observation of a selection of network-related events. This dissertation study revealed how involvement with service-learning created opportunities for faculty learning and growth. The focus on food security and a commitment to the sustainability of local food production was found to be an ongoing attraction to service-learning and a means to engage in and integrate research and teaching on matters of personal and professional importance to these faculty members. The dissertation concludes with a discussion of the FSRN’s model and the perceived value of a themed, transdisciplinary approach to service-learning. This study highlights promising practices for involving faculty in service-learning and, in keeping with an Appreciative Inquiry approach, depicts a view of faculty work at its best.
Resumo:
This paper provides an overview of the ‘state of the art’ in the academic literature on EU labour migration policies. It forms part of the research agenda of Work Package 18 of the NEUJOBS project, which aims at reviewing legislation and practices regarding the labour market inclusion and protection of rights of different categories of foreign workers in European labour markets. Accordingly, particular attention is paid to the works of scholars who evaluate the status of rights of third-country national workers in relation to labour market access, employment security, social integration, etc., in European legislation on labour immigration. More specifically, the review has selected those scholarly works that focus specifically on analysing the manner in which policy-makers have addressed the granting of rights to non-EU migrant workers, and the manner in which policy agendas – through the relevant political and institutional dynamics – have found their translation in the legislation adopted. This paper consists of two core parts. In the first section, it reviews the works of scholars who have touched on these research questions with respect to the internal dimensions of EU labour migration policies. The second section does the same for the external dimensions of these policies. Both sections start off by analysing the main trends in the literature that reviews these questions for the internal and external dimensions of European migration policies as a whole, and then move on to how these ‘trends’ can (or cannot) be found translated in scholarly writings on labour migration policies more specifically. In the final section, the paper concludes by summarising the main trends and gaps in the literature reviewed, and indicates avenues for further research.
Resumo:
Urban regeneration programmes in the UK over the past 20 years have increasingly focused on attracting investors, middle-class shoppers and visitors by transforming places and creating new consumption spaces. Ensuring that places are safe and are seen to be safe has taken on greater salience as these flows of income are easily disrupted by changing perceptions of fear and the threat of crime. At the same time, new technologies and policing strategies and tactics have been adopted in a number of regeneration areas which seek to establish control over these new urban spaces. Policing space is increasingly about controlling human actions through design, surveillance technologies and codes of conduct and enforcement. Regeneration agencies and the police now work in partnerships to develop their strategies. At its most extreme, this can lead to the creation of zero-tolerance, or what Smith terms 'revanchist', measures aimed at particular social groups in an effort to sanitise space in the interests of capital accumulation. This paper, drawing on an examination of regeneration practices and processes in one of the UK's fastest-growing urban areas, Reading in Berkshire, assesses policing strategies and tactics in the wake of a major regeneration programme. It documents and discusses the discourses of regeneration that have developed in the town and the ways in which new urban spaces have been secured. It argues that, whilst security concerns have become embedded in institutional discourses and practices, the implementation of security measures has been mediated, in part, by the local socio-political relations in and through which they have been developed.
Resumo:
While many studies have demonstrated the sensitivities of plants and of crop yield to a changing climate, a major challenge for the agricultural research community is to relate these findings to the broader societal concern with food security. This paper reviews the direct effects of climate on both crop growth and yield and on plant pests and pathogens and the interactions that may occur between crops, pests, and pathogens under changed climate. Finally, we consider the contribution that better understanding of the roles of pests and pathogens in crop production systems might make to enhanced food security. Evidence for the measured climate change on crops and their associated pests and pathogens is starting to be documented. Globally atmospheric [CO(2)] has increased, and in northern latitudes mean temperature at many locations has increased by about 1.0-1.4 degrees C with accompanying changes in pest and pathogen incidence and to farming practices. Many pests and pathogens exhibit considerable capacity for generating, recombining, and selecting fit combinations of variants in key pathogenicity, fitness, and aggressiveness traits that there is little doubt that any new opportunities resulting from climate change will be exploited by them. However, the interactions between crops and pests and pathogens are complex and poorly understood in the context of climate change. More mechanistic inclusion of pests and pathogen effects in crop models would lead to more realistic predictions of crop production on a regional scale and thereby assist in the development of more robust regional food security policies.
Resumo:
Soils most obviously contribute to food security in their essential role in crop and fodder production, so affecting the local availability of particular foods. They also have a direct influence on the ability to distribute food, the nutritional value of some foods and, in some societies, the access to certain foods through local processes of allocation and preferences. The inherent fertility of some soils is greater than that of others, so that crop yields vary greatly under semi-natural conditions. Husbandry practices, including the use of manures and fertilisers, have evolved to improve biological, chemical and physical components of soil fertility and thereby increase crop production. The challenge for the future is to sustain soil fertility in ways that increase the yield per unit area while simultaneously avoiding other detrimental environmental consequences. This will require increased effort to develop practices that use inputs such as nutrients, water and energy more efficiently. Opportunities to achieve this include adopting more effective ways to apply water and nutrients, adopting tillage practices that promote water infiltration and increase of organic matter, and breeding to improve the effectiveness of root systems in utilising soil-based resources.
Resumo:
Rising demands for agricultural products will increase pressure to further intensify crop production, while negative environmental impacts have to be minimized. Ecological intensification entails the environmentally friendly replacement of anthropogenic inputs and/or enhancement of crop productivity, by including regulating and supporting ecosystem services management in agricultural practices. Effective ecological intensification requires an understanding of the relations between land use at different scales and the community composition of ecosystem service-providing organisms above and below ground, and the flow, stability, contribution to yield, and management costs of the multiple services delivered by these organisms. Research efforts and investments are particularly needed to reduce existing yield gaps by integrating context-appropriate bundles of ecosystem services into crop production systems.
