942 resultados para information security management assessment
Resumo:
"B-223830"--p.[1]
Resumo:
"B-215075"--p. 1.
Resumo:
Includes bibliographical references.
Resumo:
Mode of access: Internet.
Resumo:
Electronic communications devices intended for government or military applications must be rigorously evaluated to ensure that they maintain data confidentiality. High-grade information security evaluations require a detailed analysis of the device's design, to determine how it achieves necessary security functions. In practice, such evaluations are labour-intensive and costly, so there is a strong incentive to find ways to make the process more efficient. In this paper we show how well-known concepts from graph theory can be applied to a device's design to optimise information security evaluations. In particular, we use end-to-end graph traversals to eliminate components that do not need to be evaluated at all, and minimal cutsets to identify the smallest group of components that needs to be evaluated in depth.
Resumo:
As a means of benchmarking their position and assisting with anticipating an uncertain future, the identification of critical information systems (IS) management issues frameworks is becoming an increasingly important research task for both academics and industrialists. This paper provides a description and summary of previous work on identifying IS issues frameworks by reviewing 20 research investigations in terms of what they studied and how they were conducted. It also suggests some possible directions and methodologies for future research. The summary and suggestions for further work are applicable for issues framework research in the IS management field as well as in other business and management areas.
Resumo:
Objective To investigate current use of the internet and eHealth amongst adults. Design Focus groups were conducted to explore participants' attitudes to and reasons for health internet use. Main outcome measures The focus group data were analysed and interpreted using thematic analysis. Results Three superordinate themes exploring eHealth behaviours were identified: decline in expert authority, pervasiveness of health information on the internet and empowerment. Results showed participants enjoyed the immediate benefits of eHealth information and felt empowered by increased knowledge, but they would be reluctant to lose face-to-face consultations with their GP. Conclusions Our findings illustrate changes in patient identity and a decline in expert authority with ramifications for the practitioner–patient relationship and subsequent implications for health management more generally.
Resumo:
Information systems (IS) managers have become key senior executives for organising the IT resources for delivering support to businesses. Understanding characteristics of IS managers’ employment positions is hence an increasingly important topic in computer personnel research. An investigation in Singapore that included a job advertisement analysis, surveys and case studies was thus conducted to investigate such aspects. This article presents the findings of the job advertisement analysis concerning what kinds of IS managers the market is seeking and what are the basic conditions for such management positions. The literature in this area asserts that job advertisements represent firms’ wishes and the nature of the conditions required of different IS personnel. The results of this analysis therefore reflect a collective market perspective about the changing IS managerial workplace. The results of the analysis benefit both firms and IS employees in formulating personnel development plans and actions, and raise issues for further research.
Resumo:
Information systems have developed to the stage that there is plenty of data available in most organisations but there are still major problems in turning that data into information for management decision making. This thesis argues that the link between decision support information and transaction processing data should be through a common object model which reflects the real world of the organisation and encompasses the artefacts of the information system. The CORD (Collections, Objects, Roles and Domains) model is developed which is richer in appropriate modelling abstractions than current Object Models. A flexible Object Prototyping tool based on a Semantic Data Storage Manager has been developed which enables a variety of models to be stored and experimented with. A statistical summary table model COST (Collections of Objects Statistical Table) has been developed within CORD and is shown to be adequate to meet the modelling needs of Decision Support and Executive Information Systems. The COST model is supported by a statistical table creator and editor COSTed which is also built on top of the Object Prototyper and uses the CORD model to manage its metadata.
Resumo:
Different types of ontologies and knowledge or metaknowledge connected to them are considered and analyzed aiming at realization in contemporary information security systems (ISS) and especially the case of intrusion detection systems (IDS) or intrusion prevention systems (IPS). Human-centered methods INCONSISTENCY, FUNNEL, CALEIDOSCOPE and CROSSWORD are algorithmic or data-driven methods based on ontologies. All of them interact on a competitive principle ‘survival of the fittest’. They are controlled by a Synthetic MetaMethod SMM. It is shown that the data analysis frequently needs an act of creation especially if it is applied to knowledge-poor environments. It is shown that human-centered methods are very suitable for resolutions in case, and often they are based on the usage of dynamic ontologies
Resumo:
Possibilities for investigations of 43 varieties of file formats (objects), joined in 10 groups; 89 information attacks, joined in 33 groups and 73 methods of compression, joined in 10 groups are described in the paper. Experimental, expert, possible and real relations between attacks’ groups, method’ groups and objects’ groups are determined by means of matrix transformations and the respective maximum and potential sets are defined. At the end assessments and conclusions for future investigation are proposed.
Resumo:
In this paper a possibility for quantitative measuring of information security of objects, exposed to information attacks and processed with methods of compression, is represented. A co-efficient of information security, which reflects the influence of the level of compression obtained after applying methods of compression to objects and the time, required by the attack to get access to the corresponding object, is proposed. Methods’ groups with the highest and respectively the lowest values of the co-efficient of information security for all methods’ groups in relation to all attacks’ groups are determined. Assessments and conclusions for future investigations are proposed.
Resumo:
In this paper a methodology for evaluation of information security of objects under attacks, processed by methods of compression, is represented. Two basic parameters for evaluation of information security of objects – TIME and SIZE – are chosen and the characteristics, which reflect on their evaluation, are analyzed and estimated. A co-efficient of information security of object is proposed as a mean of the coefficients of the parameter TIME and SIZE. From the simulation experiments which were carried out methods with the highest co-efficient of information security had been determined. Assessments and conclusions for future investigations are proposed.
Resumo:
Postprint
