Metodika hodnocení informačních systémů / Information Systems Assessment Methodology

Novák, Lukáš

January 2018

The doctoral dissertation thesis is focused on assessment of information systems and defines the main deficiencies in operation and management of information systems in relation to processes in the department of informatics with partial overlapping into the other parts of the company. The thesis further extends the current view of assessment of information systems in the company and, in accordance with the goal of the work, it defines its own methodology, which defines the specific assessment process and subdivides its contents into individual units. The proposed methodology provides an overview of the deficiencies and possible measures in operation and management of information systems. Qualitative verification of methodology in small, medium and large companies using case studies form a part of the thesis as well.

Analýza informačního systému firmy a návrh změn / Company’s Information System Analysis and Modifications Concept

Chasák, Petr

January 2010

Nowadays the information system of dynamically developing companies has an increasingly important role. The aim of this thesis is to evaluate current information system used in Brněnské komunikace a.s., analyze its drawbacks and weak spots and then propose steps leading to its improvement and thus to increase the company´s performance.

Design Techniques for Secure IoT Devices and Networks

Malin Priyamal Prematilake (12201746)

25 July 2023

<p>The rapid expansion of consumer Internet-of-Things (IoT) technology across various application domains has made it one of the most sought-after and swiftly evolving technologies. IoT devices offer numerous benefits, such as enhanced security, convenience, and cost reduction. However, as these devices need access to sensitive aspects of human life to function effectively, their abuse can lead to significant financial, psychological, and physical harm. While previous studies have examined the vulnerabilities of IoT devices, insufficient research has delved into the impact and mitigation of threats to users' privacy and safety. This dissertation addresses the challenge of protecting user safety and privacy against threats posed by IoT device vulnerabilities. We first introduce a novel IWMD architecture, which serves as the last line of defense against unsafe operations of Implantable and Wearable Medical Devices (IWMDs). We demonstrate the architecture's effectiveness through a prototype artificial pancreas. Subsequent chapters emphasize the safety and privacy of smart home device users. First, we propose a unique device activity-based categorization and learning approach for network traffic analysis. Utilizing this technology, we present a new smart home security framework and a device type identification mechanism to enhance transparency and access control in smart home device communication. Lastly, we propose a novel traffic shaping technique that hinders adversaries from discerning user activities through traffic analysis. Experiments conducted on commercially available IoT devices confirm that our solutions effectively address these issues with minimal overhead.</p>

Digital health

System and network security

Networking and communications

Embedded Systems Security

Implantable Medical Device

internet of things sensors

Internet of Things (loT)

Internet of Things Healthcare Market

Security

Health

device identification

activity identification

Security Framework

Privacy

Safety

Network security.

Computer engineering.

Smart Home Privacy

IMD security

IMD

IWMD

IWMD Security

Internet of Things : The Potential Influence of Enterprise Buyers on the Security of IoT

Mozayani, John

January 2018

While IoT safety and security incidents continue to increase in frequency, scope and severity, there remains a gap in how the issue will be addressed. While the debate continues within academia, industry standards bodies, government and industry media, new entrants continue to rapidly enter the market with cheaper more powerful products with little incentive to address information security issues. In a free market economy, the supply and the demand would determine the product and services and the associated prices without intervention. Manufacturers are free to innovate, consumers drive choice and competition brings these opposing forces to an equilibrium of market price. But how does this economic system factor in the risk of an event that neither party may ever consider and, yet, it may impact not only impact those involved, but has the potential to have catastrophic harm to others? The downside, the system does not consider “external factors”, i.e. a compromise to accommodate what consumers need. Economists often urge governments to adopt policies that "internalize" an externality, so that costs and benefits will affect mainly parties who choose to incur them. Such an intervention, however, often comes with many challenges and consequences. Even with the added urgency of growing risk to human safety, regulatory intervention takes time. Likewise, a self-regulating market would undoubtedly also take a significant amount of time to take the necessary actions to address such an externality, even if incentivized. While it continues to be all too easy to defer the blame and risk on consumer, like the industrial revolution, this industry must overcome its own safety challenges like the auto, transportation or energy industries before it. While, consumers must inevitably take some reasonable measures to protect their interests, clearly the accountability must reside elsewhere. There is a potentially increasingly significant influential subset of consumers in the IoT ecosystem, the Enterprise Buyer, specifically marketing and technology executives, who champion consumer needs within their organization’s broader products and services that incorporate IoT. In this thesis, we aim to investigate the following issue: What are the attitudes and potential role for Enterprise Buyers in influencing negative externalities, i.e. IoT security in the IoT market, specifically from the perspective of marketing and technology executives? We believe that this group is uniquely positioned to understand a consumer first mindset and how to articulate value in otherwise negatively perceived field of information security by examining context, business/technical challenges and opportunities and reveal awareness, attitude and accountability. The results of our survey show the majority of marketing and technology executives who responded believe information security awareness is increasingly an executive accountability and priority and Enterprise Buyers hold a highly influential position in their ability to influence the IoT market and its security development and maturation. / Medan IoT- säkerhetsincidenter fortsätter att öka i frekvens, omfattning och svårighetsgrad, finns det fortfarande ett gap i hur problemet ska hanteras. Samtidigt som debatten fortsätter inom akademin, branschstandardorganen, myndigheter i regeringen och industrin fortsätter nya aktörer att snabbt komma in på marknaden med billigare, kraftfullare produkter med få incitament att ta itu med informationssäkerhetsfrågor. I en öppen marknadsekonomi skulle utbud och efterfrågan avgöra produkt och tjänster och tillhörande priser utan intervention. Tillverkare kan obehindrat driva innovation, konsumenterna driver urval och konkurrens ger dessa motstridiga krafter jämvikt genom marknadspriset. Men hur påverkar detta ekonomiska system risken för en händelse som ingen av parterna någonsin kan överväga och som ändå kan påverka inte bara de inblandade som berörs utan även har potential att få katastrofala skador på andra? Nersidan är att systemet inte beaktar "yttre faktorer", det vill säga gör en kompromiss för att leverera vad konsumenterna behöver. Ekonomer uppmanar ofta regeringar att anta policies som "internaliserar" något externt, så att kostnader och fördelar kommer att påverka främst parter som väljer att ådra sig dem. Ett sådant ingrepp kommer emellertid ofta med många utmaningar och konsekvenser. Trots att förhöjda hot mot människors säkerhet ökar angelägenheten tar uppdatering av regelverken tid. På samma sätt skulle en självreglerande marknad utan tvivel också ta väldigt mycket tid på sig för att vidta nödvändiga åtgärder för att hantera en sådan extern faktor, även om det fanns incitament för att göra det. Medan det fortsätter att vara alltför lätt att överlåta ansvaret och risken till konsumenten, såsom under den industriella revolutionen, måste denna industri övervinna sina egna säkerhetsutmaningar såsom bil-, transport- eller energibranschen gjort före den. Samtidigt som konsumenter oundvikligen behöver vidta rimliga åtgärder för att skydda sina intressen, måste yttersta ansvaret ligga någon annanstans. Det finns en potentiellt allt större inflytelserik delmängd av konsumenter i IoT-ekosystemet; företagsköpare, specifikt ledare inom marknadsföring och teknologi, som driver konsumentbehov inom sin organisations bredare produkter och tjänster som innehåller IoT. I denna avhandling strävar vi efter att undersöka följande problem: Vad är företagsköparnas attityder och möjliga roll för att påverka negativa externa effekter, det vill säga IoT-säkerhet på IoT-marknaden, särskilt ur marknadsförings- och teknikledarens perspektiv? Vi tror att denna grupp är unik positionerad för att förstå en konsumenternas första tankegång och hur man kan uttrycka värdet i ett annars negativt uppfattat område för informationssäkerhet genom att undersöka kontext, affärs- / tekniska utmaningar och möjligheter och avslöja medvetenhet, attityd och ansvar. Resultaten av vår undersökning visar de flesta marknadsförings- och teknikchefer som svarade tror att informationssäkerhet blir del av ledningens ansvar och prioriteringar och att företagsköpare har en mycket inflytelserik position i deras förmåga att påverka IoT- marknaden och dess säkerhetsutveckling och mognad.

Information Security

Internet of Things

IoT

Accountability

Business Models

Innovation and Growth

Consumer Awareness and Advocacy

Customer Experience

Customer First Mindset

Value Proposition

Enterprise Buyers

IoT

Ansvar

Affärsmodeller

Innovation och Tillväxt

Konsumentmedvetenhet och konsumentskydd

Kundupplevelse

Kundens förstånd

Värdesättning

Företags Köparen

Elektroteknik och elektronik