• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 502
  • 312
  • 1
  • Tagged with
  • 815
  • 815
  • 815
  • 813
  • 813
  • 172
  • 170
  • 60
  • 51
  • 48
  • 42
  • 41
  • 37
  • 36
  • 33
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
21

ICT Security Readiness Checklist for Developing Countries : A Social-Technical Approach

Tarimo, Charles N. January 2006 (has links)
The consequences of Information and Communication Technology (ICT) revolution on society are almost impossible to enumerate. New types of ICT products, services and capabilities are finding their way into our offices, schools and homes - almost on daily basis; impacting the way we work, learn and live. Following this revolution, governments around the world have recognised that the transformation from traditional government to electronic government is one of the most important public policy issues to embrace. Likewise, organisations and businesses around the world are transforming from traditional organisations and businesses to their electronic equivalent. However, to be a part in this revolution, it is important for the concerned governments and organisations to have an ability to differentiate between implementing a new IT/ICT system and a transformation to e-government, e-organisation, and e-business. E-government is not simply about implementing new ICT systems, but it is about changing business models and processes to do things differently and better. ICT offers the solutions, but e-government, eorganisation, and e-business are about changing the way they operate to achieve their mission objectives.Implicitly there are a number of key issues to be considered in this transformation. One such key issue is security, since many of the technical and social security control mechanisms that are in place today are rendered ineffective by the ICT revolution. As such, we can no longer rely entirely on our traditional security controls—e.g. physical access controls, security guards and locks—to ensure the security of an organisation’s assets, processes and communications. The multiplicity of new technical possibilities gives rise not only to new products, services and more efficient and effective ways of doing things, but also to the possibility of misuse of the technology. Consequently, new social and technical security controls are imperative in this revolution. However, research findings show that, in many cases, security issues come as an-after-thought in the ongoing transformations to ICT-enabled organisational or governmental contexts. In this thesis, the challenges of the process of computerisation and other changes due to ICT are investigated from a security point of view. An explorative study of both theoretical and practical aspects of addressing ICT security in organisations was performed. The findings from some organisations studied show that, organisations—as social-technical systems—are facing a myriad of problems in their effort to adequately and effectively implementing a sound ICT security program. As a result, the organisations, individuals, or nations as a whole; may fail in meeting the challenges of exploiting the benefits of ICT; due, in part, to their failure to manage the risks which ICT presents—not being ‘e-ready’ in ICT security matters. In view of the above, the following are the end products of the research: a Model of Security Knowledge, and a Social-Technical ICT Security Readiness Checklist. These end products draw from the available ICT-security knowledge-body and a practical experience from an empirical study conducted in Tanzania. We believe the model and checklist would serve as a starting point in assisting organisations having a similar security situation as those studied, to meet the security challenges of exploiting the benefits of ICT. By providing means for evaluation, formation and implementation of ICT security controls—both social and technical ones—the checklist can be helpful in managing the risks that ICT presents.
22

Strategic Planning of Knowledge Management Systems : A Problem Exploration Approach

Aidemark, Jan January 2007 (has links)
Knowledge management (KM) is focused on the problems and opportunities of using organizational knowledge as a resource. Information systems that are used to support KM processes are called knowledge management systems (KMS). A KMS is distinguished from any information system by the organizational processes that it supports, that is, creation, capture, storage and dissemination of competences and knowledge. The research area can be summarized as: “Perspectives and frameworks for the strategic planning of knowledge management systems, i.e. information systems for the support of organizational knowledge processes”. We approach the problem area from a strategic point of view, assuming that the problems of the area are based on a socio-technical dimension and that a multiple-paradigm approach is necessary for dealing with the problems of the various KM areas. The research strategy applied to achieve this is interpretative case studies. A number of case studies are used for exploring KM planning areas, developing frameworks for planning and testing the resulting approach. The empirical material consists of three main case studies, together with a number of secondary cases by other writers in the KM field. The outcome of the research is a planning approach, which is given the name: “The problem exploration approach”. The approach is intended for the generation of ideas of possible systems, as a strategic part of knowledge management systems planning. The purpose of the planning approach is to support the creation of a portfolio of KMS. A KMS portfolio is a structured set of information systems that could be developed for an organizational unit. The approach consists of five planning frameworks, all targeting different aspects of an organization. “The problem exploration approach” and its development process are then examined for more general insights into the subject of strategic KM planning. As an outcome of this examination a 12-point program for balancing a planning approach is presented.
23

Plot, Spectacle, and Experience : Contributions to the Design and Evaluation of Interactive Storytelling

Laaksolahti, Jarmo January 2008 (has links)
Interactive storytelling is a new form of storytelling emerging in the crossroads of many scholarly, artistic, and industrial traditions. In interactive stories the reader/spectator moves from being a receiver of a story to an active participant. By allowing participants to influence the progression and outcome of the story new experiences will arise. This thesis has worked on three aspects of interactive storytelling: plot, spectacle, and experience. The first aspect is concerned with finding methods for combining the linear structure of a story, with the freedom of action required for an interactive experience. Our contribution has focused on a method for avoiding unwanted plot twists by predicting the progression of a story and altering its course if such twists are detected. The second aspect is concerned with supporting the storytelling process at the level of spectacle. In Aristotelian terms, spectacle refers to the sensory display that meets the audience of a drama and is ultimately what causes the experience. Our contribution focuses on graphically making changing emotions and social relations, important elements of dramatic stories in our vision, salient to players at the level of spectacle. As a result we have broadened the view of what is important for interactive storytelling, as well as what makes characters believable. So far not very much research has been done on evaluating interactive stories. Experience, the third aspect, is concerned with finding qualitative methods for evaluating the experience of playing an interactive story. In particular we were interested in finding methods that could tell us something about how a players experience evolved over time, in addition to qualities such as agency that have been claimed to be characteristic for interactive stories. Our contribution consists of two methods that we have developed and adapted for the purposes of evaluating interactive stories that can provide such information. The methods have been evaluated on three different interactive storytelling type games.
24

Mobile Agent Approach to Congestion Control in Heterogeneous Networks

Nguyen, Hong Van January 2008 (has links)
One of the motivations to study the behavior of the Internet is to find out the best way to maintain the relative stability of the global network. This leads into the investigations of events that impair the performance of the system such as congestion that occurs whenever the demand for resources exceed the available capacity. When the congestion is left uncontrolled the performance of the whole system degrades through severe delays, lost packets, and even a complete shutdown of the network. Hence, congestion management through monitoring, detection and control is necessary in order to sustain acceptable levels of network performance and this may be done via the transport protocols. Consequently, many modifications of the original TCP protocol have been implemented to manage the control. On the other hand, unlike TCP, UDP has no knowledge of congestion whatsoever and hence unresponsive to the network problems. The work explores the possibility to influence and modify the unresponsive behavior of UDP or similar protocols via the mobile agent paradigm. The autonomous entities are able to migrate across the network and sense the state of the network and when needed tame the intensity of UDP or alike flows to prevent congestion. The proposed model is termed the Combined Model for Congestion Control (CM4CC) and has two different objectives. The first one is to employ the host centric or end-to-end (E2E) congestion control mechanisms for the TCP flows; the second one is to invoke the mobile agent paradigm to manage the non-TCP (or UDP) traffic. Both mechanisms must work together to avoid congestion. When it eventually appears, they have to assist the network in speedy recovery and return to the normal mode of operation. The validity of the CM4CC has been verified through numerous simulation scenarios using the Optimized Network Engineering Tool (OPNET). The results provide the basis for an environment that makes possible the coexistence of responsive and unresponsive flows.
25

Information Security in Distributed Healthcare : Exploring the Needs for Achieving Patient Safety and Patient Privacy

Åhlfeldt, Rose-Mharie January 2008 (has links)
In healthcare, patient information is a critical factor. The right information at the right time is a necessity in order to provide the best possible care for a patient. Patient information must also be protected from unauthorized access in order to protect patient privacy. It is furthermore common for patients to visit more than one healthcare provider, which implies a need for cross border healthcare and continuity in the patient process. This thesis is focused on information security in healthcare when patient information has to be managed and communicated between various healthcare actors and organizations. The work takes a practical approach with a set of investigations from different perspectives and with different professionals involved. Problems and needs have been identified, and a set of guidelines and recommendations has been suggested and developed in order to improve patient safety as well as patient privacy. The results show that a comprehensive view of the entire area concerning patient information management between different healthcare actors is missing. Healthcare, as well as patient processes, have to be analyzed in order to gather knowledge needed for secure patient information management. Furthermore, the results clearly show that there are deficiencies both at the technical and the administrative level of security in all investigated healthcare organizations. The main contribution areas are: an increased understanding of information security by elaborating on the administrative part of information security, the identification of information security problems and needs in cross border healthcare, and a set of guidelines and recommendations in order to advance information security measures in healthcare.
26

Beyond Users : Grounding Technology in Experience

Ljungblad, Sara January 2008 (has links)
This thesis goes beyond a user-centred design approach to explore potential future applications and modes of interaction. With several design cases, we investigate how early technology ideas can be matched with a specific practice to inspire novel design. This involves learning about existing experiences, interests and activities that can be relevant for a potential application, but which are not necessarily found among the intended users. Starting with early technology ideas and then finding a suitable practice to learn from is an alternative perspective of design activities. This can be useful for researchers and designers in Human Computer Interaction (HCI) who are interested in complementing approaches compared to user-centred design. Our approach is also relevant for researchers that face technology-driven starting points, and want to investigate future applications by grounding the design in existing practices. A set of design cases show how the overall research goes from a usability-oriented perspective towards a more experience-oriented one, in order to accommodate technology-driven design situations. The design cases have involved different technical starting points, including information display technologies, surface-based networking, digital photography, and robot technology for everyday settings. The overall design process evolves towards matching the technology with a practice, and to investigate applications by developing one or more research prototypes. This has resulted knowledge of novel applications and interaction for the technology in question, as well as knowledge on how to employ empirical data to inspire novel design. Finally, we provide an overall reflection of the research process and show how a design approach that goes beyond users can benefit the design process.
27

IT-supported Knowledge Repositories : Increasing their Usefulness by Supporting Knowledge Capture

Aggestam, Lena January 2008 (has links)
Organizations use various resources to achieve business objectives, and for financial gain. In modern business, knowledge is a critical resource, and organizations cannot afford not to manage it. Knowledge Management (KM) aims to support learning and to create value for the organization. Based on three levels of inquiry (why, what, how), work presented in this thesis includes a synthesized view of the existing body of knowledge concerning KM and hence a holistic characterization of KM. This characterization reveals a strong dependency between KM and Learning Organization (LO). Neither of them can be successful without the other. We show that a KM project resulting in an IT-supported knowledge repository is a suitable way to start when the intention is to initiate KM work. Thus, our research focuses on ITsupported knowledge repositories. Large numbers of KM projects fail, and organizations lack support for their KM undertakings. These are the main problems that our research addresses. In order for an IT-supported knowledge repository to be successful, it must be used. Thus, the content of the repository is critical for success. Our work reveals that the process of capturing new knowledge is critical if the knowledge repository is to include relevant and updated knowledge. With the purpose of supporting the capture process, this thesis provides a detailed characterization of the capture process as well as guidance aiming to facilitate the implementation of the capture process in such a way that knowledge is continuously captured, also after the KM implementation project is completed. We argue that the continuous capture of new knowledge which can potentially be stored in the knowledge repository will, in the long term perspective, have a positive influence on the usefulness of the repository. This will most likely increase the number of users of the repository and accordingly increase the number of successful KM projects. All the work presented in this thesis is the result of a qualitative research process comprising a literature review and an empirical study that were carried out in parallel. The empirical study is a case study inspired by action research, which involved participation in the project Efficient Knowledge Management and Learning in Knowledge Intensive Organizations (EKLär).
28

Towards integrating agile development and risk management

Nyfjord, Jaana January 2008 (has links)
Risk management has become recognized as a best practice in the software industry. Controlling risks improves essential software development features such as product quality, planning precision and cost-efficiency. For this reason, the inclusion of risk management in software development is an important factor to consider if one wishes to achieve project success. Agile software development models claim to be risk-driven. They state that their iterative approach enables continuous attention to risks and that the risks can be reduced by practices such as continuous software integration and early testing. In reality, however, the agile development models implement few risk management practices. The research problem addressed in this thesis is multi-faceted. The problem concerns the lack of explicit risk management practices in agile development. However, it also concerns the need to address risk management on an organization-wide basis. In addition, it concerns the conflict that emerges from trying to merge the agile process with standard industrial processes, such as risk management, without compromising agility. The goal of this thesis is to explore integration as a solution for addressing the lack of risk management in the agile model based on empirical research. It involves (a) outlining a model integrating the agile and risk management processes on an organization-wide basis, and (b) providing a foundation for its extension. The results show that, within the scope of this research, the proposed solution is a valid candidate for improving the agile situation. However, it is still in its infancy. It does not claim to be complete but needs to be further elaborated and complemented with details. Hence, we outline the model and provide a foundation established in empirical investigation for extending it in future research.
29

Securing Information Assets : Understanding, Measuring and Protecting against Social Engineering Attacks

Nohlberg, Marcus January 2008 (has links)
Social engineering denotes, within the realm of security, a type of attack against the human element during which the assailant induces the victim to release information or perform actions they should not. Our research on social engineering is divided into three areas: understanding, measuring and protecting. Understanding deals with finding out more about what social engineering is, and how it works. This is achieved through the study of previous work in information security as well as other relevant research areas. The measuring area is about trying to find methods and approaches that put numbers on an organization’s vulnerability to social engineering attacks. Protecting covers the ways an organization can use to try to prevent attacks. A common approach is to educate the users on typical attacks, assailants, and their manipulative techniques. In many cases there are no preventive techniques, dealing with the human element of security, in place. The results show that social engineering is a technique with a high probability of success. Furthermore, defense strategies against it are complicated, and susceptibility to it is difficult to measure. Important contributions are a model describing social engineering attacks and defenses, referred to as the Cycle of Deception, together with a thorough discussion on why and how social engineering works. We also propose new ways of conducting social engineering penetration testing and outline a set of recommendations for protection. It is crucial to involve managers more, but also to train the users with practical exercises instead of theoretical education, for example, by combining measuring exercises and penetration testing with training. We also discuss the future threat of Automated Social Engineering, in which software with a simple form of artificial intelligence can be used to act as humans using social engineering techniques online, making it quite hard for Internet users to trust anyone they communicate with online.
30

Organizational patterns for knowledge capture in B2B engagements

Niwe, Moses January 2010 (has links)
The purpose of this research is to present a means of knowledge capture in form of patterns that are solutions to reoccurring problems for business-to-business (B2B) organizations. Using empirical data, we examine the processes involved in the B2B engagement and capture valuable solutions as best practices. The collection of patterns forms a pattern language for B2B engagements that addresses operational, communication and collaboration areas of the B2B environment. The thesis is organized into three parts. Part I presents an overview of the work tying Part II and Part III. It contains problem, research objective, research process, contribution, result, publications, and thesis structure. Part II presents the first set of patterns developed. Part III builds up on the work in Part II by taking an in-depth study using more organizations to expound on the pattern language. Patterns developed in this thesis essentially are best practices in the B2B domain. Natural language is used to present the knowledge embedded in the patterns, i.e. solutions and suggestions that give advice on how the pattern is to be applied in a real case scenario. In some cases, this knowledge constitutes an organizational design proposal serving as a suggestion or inspiration for design B2B engagements in organizations. Citations are used in the motivation field of pattern to emphasize the reason for using industry practices and experience. The pattern validation process is performed after pattern development, and it showed the external consistency of the knowledge embedded in the developed patterns. The research result shows that organizations appreciate and are willing to participate in capturing best practices in the form of organizational patterns. These patterns are seen as generic and abstract organizational designs that can be adapted and reused in practice.

Page generated in 0.096 seconds