Global ETD Search

451	Attitudes toward, and awareness of, online privacy and security: a quantitative comparison of East Africa and U.S. internet users Ruhwanya, Zainab Said January 1900 (has links) Master of Science / Computing and Information Sciences / Eugene Vasserman / The increase in penetration of Internet technology throughout the world is bringing an increasing volume of user information online, and developing countries such as those of East Africa are included as contributors and consumers of this voluminous information. While we have seen concerns from other parts of the world regarding user privacy and security, very little is known of East African Internet users’ concern with their online information exposure. The aim of this study is to compare Internet user awareness and concerns regarding online privacy and security between East Africa (EA) and the United States (U.S.) and to determine any common attitudes and differences. The study followed a quantitative research approach, with the EA population sampled from the Open University of Tanzania, an open and distance-learning university in East Africa, and the U.S. population sampled from Kansas State University, a public university in the U.S. Online questionnaires were used as survey instruments. The results show no significant difference in awareness of online privacy between Internet users from East Africa and the U.S. There is however, significant difference in concerns about online privacy, which differ with the type of information shared. Moreover, the results have shown that the U.S. Internet users are more aware of online privacy concerns, and more likely to have taken measure to protect their online privacy and conceal their online presence, than the East African Internet users. This study has also shown that East Africans Internet users are more likely to be victims of online identity theft, security issues and reputation damage. Privacy Security Data protection and privacy law Online Privacy Cyber security Internet Computer Science (0984) Information Technology (0489) Sub-Saharan Africa Studies (0639)
452	The Rule of Law and the Effective Protection of Taxpayers' Rights in Developing Countries Valderrama, Irma Johanna Mosquera, Mazz, Addy, Schoueri, Luis Eduardo, Quiñones, Natalia, Roeleveld, Jennifer, Pistone, Pasquale, Zimmer, Frederik January 2017 (has links) (PDF) The overall aim of this article is to analyse the taxpayers' rights in relation to the emerging standard of transparency with specific reference to Brazil, Colombia, South Africa and Uruguay. Exchange of information between tax authorities is increasing rapidly all around the world. This global development is largely the result of the introduction of the standard of transparency by the Organization for Economic Cooperation and Development ("OECD") with the political mandate of the G20 and more recently, in 2013, the introduction of the global standard of automatic exchange of information. Governments have agreed that exchange of information is necessary to prevent tax evasion and to tackle tax avoidance including aggressive tax planning. All surveyed countries have accepted the standard of transparency including the standard of automatic exchange of information. Furthermore, it is evident that the development of such standards appears to have taken place in a coordinated manner, led mainly by international organizations comprising governmental officials. This article has first provided a comparative overview of the rules that Brazil, Colombia, South Africa and Uruguay have introduced to protect the taxpayers' rights in the exchange of information process being the right to access to public information, the right to confidentiality, the right to privacy, and the procedural rights (right to be informed, the right to be notified and right to object and appeal). Thereafter, this article has assessed whether the rules introduced by the surveyed countries to protect these rights are consistent with the fundamental taxpayers' rights that belong to the rule of law of these countries and with the principles of good governance and fiscal transparency. The main conclusion is that the countries have introduced to some extent similar rules to protect the right to confidentiality, right to privacy and the procedural rights in the exchange of information. However, some differences may be found in the detail level of protection of confidentiality in South Africa and in respect of the procedural rights in Uruguay. One of the drawbacks of these rules is that the rules introduced by the surveyed countries do not ensure that the protection of the right to confidentiality and the right to privacy is effectively guaranteed. The results of the analysis show that these rules do not protect the taxpayer in case of breach of confidentiality or misuse of the information exchanged. This article argues that the differences among rules and the lack of protection for taxpayer information may hinder the effective protection of the taxpayer and the tax administration should guarantee the protection of the taxpayer rights as part of the rule of law. Therefore, this article provides in Section 4 three recommendations addressing the right to confidentiality, the right to privacy and the taxpayers' procedural rights. These recommendations may be extended (as best practices) to other developing countries on a similar economic and legal scale. However, further research will be needed to see whether the conclusions of this article are also applicable to (other) developing countries. / Series: WU International Taxation Research Paper Series JEL K33, K34, E62, E63, F62, H26, O23
453	Ochrana osobních údajů v kontextu datového skladu / Protection of personal data in the context of a data warehouse Tůma, David January 2017 (has links) Diploma thesis deals with problematics of protection of personal data in Czech republic with link to legislation of European Union. The main subject of the thesis is detailed analysis of current legal standards and identifying the requirements resulting from the changes adopted. The found changes are practically judged from the data warehouse perspective and for each of them is presented a practical solution.
454	Visualisation of PF firewall logs using open source Coetzee, Dirk January 2015 (has links) If you cannot measure, you cannot manage. This is an age old saying, but still very true, especially within the current South African cybercrime scene and the ever-growing Internet footprint. Due to the significant increase in cybercrime across the globe, information security specialists are starting to see the intrinsic value of logs that can ‘tell a story’. Logs do not only tell a story, but also provide a tool to measure a normally dark force within an organisation. The collection of current logs from installed systems, operating systems and devices is imperative in the event of a hacking attempt, data leak or even data theft, whether the attempt is successful or unsuccessful. No logs mean no evidence, and in many cases not even the opportunity to find the mistake or fault in the organisation’s defence systems. Historically, it remains difficult to choose what logs are required by your organization. A number of questions should be considered: should a centralised or decentralised approach for collecting these logs be followed or a combination of both? How many events will be collected, how much additional bandwidth will be required and will the log collection be near real time? How long must the logs be saved and what if any hashing and encryption (integrity of data) should be used? Lastly, what system must be used to correlate, analyse, and make alerts and reports available? This thesis will address these myriad questions, examining the current lack of log analysis, practical implementations in modern organisation, and also how a need for the latter can be fulfilled by means of a basic approach. South African organizations must use technology that is at hand in order to know what electronic data are sent in and out of their organizations network. Concentrating only on FreeBSD PF firewall logs, it is demonstrated within this thesis the excellent results are possible when logs are collected to obtain a visual display of what data is traversing the corporate network and which parts of this data are posing a threat to the corporate network. This threat is easily determined via a visual interpretation of statistical outliers. This thesis aims to show that in the field of corporate data protection, if you can measure, you can manage. Open source software -- South Africa Data logging -- South Africa Data integrity -- South Africa Data protection -- South Africa Computer crimes -- South Africa Hacktivism
455	An enterprise information security model for a micro finance company: a case study Owen, Morné January 2009 (has links) The world has entered the information age. How the information is used within an organization will determine success or failure of the organisation. This study aims to provide a model, that once implemented, will provide the required protection for the information assets. The model is based on ISO 27002, an international security standard. The primary objective is to build a model that will provide a holistic security system specifically for a South African Micro Finance Company (MFC). The secondary objectives focuses on successful implementation of such a model, the uniqueness of the MFC that should be taken into account, and the maintenance of the model once implemented to ensure ongoing relevance. A questionnaire conducted at the MFC provided insight into the perceived understanding of information security. The questionnaire results were used to ensure the model solution addressed current information security shortcomings within the MFC. This study found that the information security controls in ISO 27002 should be applicable to any industry. The uniqueness for the MFC is not in the security controls, but rather in the regulations and laws applicable to it.
456	A standards-based security model for health information systems Thomson, Steven Michael January 2008 (has links) In the healthcare environment, various types of patient information are stored in electronic format. This prevents the re-entering of information that was captured previously. In the past this information was stored on paper and kept in large filing cabinets. However, with the technology advancements that have occurred over the years, the idea of storing patient information in electronic systems arose. This led to a number of electronic health information systems being created, which in turn led to an increase in possible security risks. Any organization that stores information of a sensitive nature must apply information security principles in order to ensure that the stored information is kept secure. At a basic level, this entails ensuring the confidentiality, integrity and availability of the information, which is not an easy feat in today’s distributed and networked environments. This paved the way for organized standardization activities in the areas of information security and information security management. Throughout history, there have been practices that were created to help “standardize” industries of all areas, to the extent that there are professional organizations whose main objective it is to create such standards to help connect industries all over the world. This applies equally to the healthcare environment, where standardization took off in the late eighties. Healthcare organizations must follow standardized security measures to ensure that patient information stored in health information systems is kept secure. However, the proliferation in standards makes it difficult to understand, adopt and deploy these standards in a coherent manner. This research, therefore, proposes a standards-based security model for health information systems to ensure that such standards are applied in a manner that contributes to securing the healthcare environment as a whole, rather than in a piecemeal fashion.
457	An information privacy model for primary health care facilities Boucher, Duane Eric January 2013 (has links) The revolutionary migration within the health care sector towards the digitisation of medical records for convenience or compliance touches on many concerns with respect to ensuring the security of patient personally identifiable information (PII). Foremost of these is that a patient’s right to privacy is not violated. To this end, it is necessary that health care practitioners have a clear understanding of the various constructs of privacy in order to ensure privacy compliance is maintained. This research project focuses on an investigation of privacy from a multidisciplinary philosophical perspective to highlight the constructs of information privacy. These constructs together with a discussion focused on the confidentiality and accessibility of medical records results in the development of an artefact represented in the format of a model. The formulation of the model is accomplished by making use of the Design Science research guidelines for artefact development. Part of the process required that the artefact be refined through the use of an Expert Review Process. This involved an iterative (three phase) process which required (seven) experts from the fields of privacy, information security, and health care to respond to semi-structured questions administered with an interview guide. The data analysis process utilised the ISO/IEC 29100:2011(E) standard on privacy as a means to assign thematic codes to the responses, which were then analysed. The proposed information privacy model was discussed in relation to the compliance requirements of the South African Protection of Personal Information (PoPI) Bill of 2009 and their application in a primary health care facility. The proposed information privacy model provides a holistic view of privacy management that can residually be used to increase awareness associated with the compliance requirements of using patient PII. Data protection Privacy, Right of Medical records -- Access control Primary health care Medical care Caregivers Community health nursing Confidential communications Information technology -- Management
458	Zpracování osobních údajů v rámci EU se zřetelem na policejní a justiční spolupráci / Processing of personal data in the EU within police and judicial cooperation Jašková, Jitka January 2009 (has links) The thesis deals with the approach level, meaning, purpose and benefit of personal data protection in their processing within police and judicial cooperation in the EU. In the introduction the fundamental issues of personal data protection in the context of the EU and the Czech republic are defined, focusing on terminology and explanations of current issues, particularly the area of biometric data and data retention. Extra attention is also given to the conflict of the right to privacy, and the related right to personal data protection and protection of public interests and safety. After that the thesis deals with a performing of police and judicial cooperation in the EU through specific subjects, in particular Europol and Eurojust. The final part of the thesis focuses on the practical implementation of personal data protection in police and judicial cooperation in the EU, and secondly the importance of personal data protection in police and judicial cooperation, as a deduced basic human right, and the difficulties with which the personal data protection in police and judicial cooperation in the EU are joined. The final part of this thesis consider the main sections in which we can find area for adjustment towards more effective police and judicial cooperation in the EU, with full respect for the right to personal data protection.
459	Audit cloudových služeb pro malé a střední podniky / Cloud Computing Audit for Small and Medium Enterprises Kroft, Karel January 2014 (has links) Cloud computing brings to the world of information systems many opportunities but also new risks. The main one is decreased customer ability to directly control the security of information and systems, because administration responsibility passes to providers. This thesis focuses on cloud services auditing from the small and medium enterprises perspective. In introduction, this work defines information system audit terminology, characterizes cloud services and analyzes international legislation. Standardization organizations, published standards and methodologies that are widely respected in IT field are introduced. For the trust mediation in the cloud are important independent third-party audits and organizations specializing in the examination and control of cloud providers. The assumptions list is assembled on this basis to support screening process and to check, whether enterprise, service providers and services are ready for creating efficient and safe cloud system. The assumptions are applied to selected cloud service providers.
460	L’accountability ou le principe de responsabilité en matière de protection des renseignements personnels / Accountability in data protection Mouchard, Emilie 08 May 2018 (has links) Entre terme anglophone et concept transversal, l’accountability pose la question du principe de responsabilité et de sa réalisation dans la protection des renseignements personnels. Résultat d’un cheminement à la fois social et législatif, l’imputabilité qui ressort du concept fait de la protection des renseignements personnels un processus à la fois collaboratif et individuel de régulation au service de la responsabilité et des risques nouveaux générés par les technologies de l’information et le déploiement des théories de la responsabilité sociale des entreprises.À la fois objectif, mécanisme et instrument d’une protection des renseignements personnels efficace et efficiente, le principe d’accountability est un principe de droit et de gestion, souvent compris par les entreprises comme une technique de management interne. La mise en action de l’accountability project, par le biais de la reconnaissance du principe par l’OCDE, a mis en lumière l’idée d’une accountability comme un standard essentiel, un mécanisme nécessaire, et un besoin de moralisation à intégrer au regard des risques engendrés par les évolutions sociales et technologiques sur le droit fondamental à la vie privée et la protection des renseignements personnels. / Between anglophone word and transversal concept, accountability ask about the responsability and the enforcement of its principle in privacy laws. Result of a social and legislative path, the imputabilité, who came throught the concept, shows privacy laws as a collaborative and individual regulation process, serving the responsability and the risks that cames with the information technologies and the achievement of the corporate social responsability.In the same time seeing as a goal, a mechanism and an instrument of an effective and efficient privacy, the accountability principle is a legal and a management principle, used by companies as an intern management technic. The realisation of the accountability project take place with the acknoledgement of the principle by the OECD, who highlight the accountability as an essential standard, a necessary mecanism and a moralization requirement according the risks that came throught social and technological evolutions on the right to privacy and its laws. Droit à la vie privée Imputabilité Renseignements personnels Données personnelles Technologies de l'information (TIC) Privacy Accountability Data protection Corporate social responsibility (CSR) Internet

Search results