11 |
Scenario selection and student assessment modules for CyberCIEGE /Teo, Tiat Leng. January 2003 (has links) (PDF)
Thesis (M.S. in Computer Science)--Naval Postgraduate School, December 2003. / Thesis advisor(s): Cynthia Irvine, Michael Thompson. Includes bibliographical references (p. 103-105). Also available online.
|
12 |
Cryptographic protocolsMerritt, Michael John 05 1900 (has links)
No description available.
|
13 |
Fully compliant? : a study of data protection policy in UK public organisationsWarren, Adam P. January 2003 (has links)
No description available.
|
14 |
A framework for the verification of watermarking protocol /Ho, Sze Chit. January 2004 (has links)
Thesis (M. Phil.)--Hong Kong University of Science and Technology, 2004. / Includes bibliographical references (leaves 70-72). Also available in electronic version. Access restricted to campus users.
|
15 |
Intrusion detection system: ideas from the human immune systemLetaief, Hassine. January 1900 (has links)
Thesis (M.A.)--California State University Channel Islands, 2007. / Submitted in partial fulfillment of the requirements for the degree of Masters Of Science in Computer Science. Title from PDF t.p. (viewed October 22, 2009).
|
16 |
Information security culture.Martins, Adele 24 April 2008 (has links)
The current study originated from the realisation that information security is no longer solely dependent on technology. Information security breaches are often caused by users, most of the time internal to the organisation, who compromise the technology-driven solutions. This interaction between people and the information systems is seemingly the weakest link in information security. A people-oriented approach is needed to address this problem. Incorporating the human element into information security could be done by creating an information security culture. This culture can then focus on the behaviour of users in the information technology environment. The study is therefore principally aimed at making a contribution to information security by addressing information security culture and, for this reason, culminates in the development of an information security culture model and assessment approach. While developing the model, special care was taken to incorporate the behaviour of people in the working environment and hence organisational behaviour coupled with issues concerning information security culture that need to be addressed. An information security culture assessment approach is developed consisting of a questionnaire to assess whether an organisation has an adequate level of information security culture. The assessment approach is illustrated through a case study. Below is an overview of the framework within which the research was conducted: The dissertation consists of four parts. Chapters 1 and 2 constitute Part 1: Introduction and background. Chapter 1 serves as an introduction to the research study by providing the primary motivation for the study and defining the problems and issues to be addressed. In addition, the chapter is devoted to defining a set of standard terms and concepts used throughout the study. The chapter concludes with an overview of the remaining chapters. Chapter 2 gives some background to information security culture and discusses its evolution to date. There is a new trend in information security to incorporate the human element through an information security culture. Information security is divided into two different levels. Level 1 focuses on the human aspects of information security, such as the information security culture, and level 2 incorporates the technical aspects of information security. Part 2: Information security culture model is covered in chapters 3, 4 and 5. In chapter 3, the concept of information security culture is researched. Different perspectives are examined to identify issues that need to be considered when addressing information security culture. A definition of information security culture is constructed based on organisational culture. Chapter 4 is devoted to developing a model that can be used to promote an information security culture. This model incorporates the concept of organisational behaviour as well as the issues identified in chapter 3. Chapter 5 builds upon the information security culture model and aims to identify practical tasks to address in order to implement the model. In Part 3: Assessing information security culture, chapters 6 to 10, attention is given to the assessment of an information security culture, giving management an indication of how adequately the culture is promoted through the model. Chapter 6 considers the use of available approaches such as ISO17799 to aid in promoting and assessing an information security culture. This approach is evaluated against the definition of information security culture and the information security culture model in order to determine whether it could assess information security culture in an acceptable manner. The next four chapters, namely chapters 7 to 10, are devoted to the development of an information security culture assessment approach consisting of four phases. Chapter 7 discusses phase 1. In this phase a questionnaire is developed based on the information security culture model. Chapter 8 uses the information security culture questionnaire as part of a survey in a case study. This case study illustrates phase 2 as well as what information can be obtained through the questionnaire. In chapter 9 the data obtained through the survey is analysed statistically and presented (phase 3). The level of information security culture is then discussed in chapter 10, with interpretations and recommendations to improve the culture (phase 4). Chapter 11 in Part 4: Conclusion serves as a concluding chapter in which the usefulness and limitations of the proposed model and assessment approach are highlighted. The research study culminates in a discussion of those aspects of information security culture that could bear further research. / Prof. J.H.P. Eloff
|
17 |
Information security management : processes and metricsVon Solms, Rossouw 11 September 2014 (has links)
PhD. (Informatics) / Organizations become daily more dependent on information. Information is captured, processed, stored and distributed by the information resources and services within the organization. These information resources and services should be secured to ensure a high level of availability, integrity and privacy of this information at all times. This process is referred to as Information Security Management. The main objective of this, thesis is to identify all the processes that constitute Information Security Management and to define a metric through which the information security status of the organization can be measured and presented. It is necessary to identify an individual or a department which will be responsible for introducing and managing the information security controls to maintain a high level of security within the organization. The position .and influence of this individual, called the Information Security officer, and/or department within the organization, is described in chapter 2. The various processes and subprocesses constituting Information Security Management are identified and grouped in chapter 3. One of these processes, Measuring and Reporting, is currently very ill-defined and few guidelines and/or tools exist currently to help the Information Security officer to perform this task. For this reason the rest of the thesis is devoted to providing an effective means to enable the Information Security officer to measure and report the information security status in an effective way...
|
18 |
Critical reflections on principles governing the protection of personal data in the Democratic Republic of CongoFazili Mihigo, Christian 29 October 2021 (has links)
Nowadays, more personal data are being collected with the advent of computers and the development of new telecommunications technology. However, the emerging form of new technologies creates new challenges and risks in personal processing information, which can be inaccurate, incomplete or irrelevant. Furthermore, personal data can be accessed or disclosed without authorisation, used for a purpose other than that for which they were collected or destroyed. Therefore, the unregulated processing of personal information threatens a person’s right to privacy. In response to this, many countries are adopting or updating data protection legislation and policies. Still, the Democratic Republic of Congo (DRC) has been very slow and insignificant in adopting a data protection law. As a result, there is no specific comprehensive Data Protection legislation in the DRC, even though few provisions on data protection can be found in the Telecommunications and Information and Communications Technology (2020 ICT Act).
This paper aims to do a critical analysis of principles governing the processing of personal data in the DRC to assess the extent to which they comply with international and African regional human rights standards applicable to data protection principles. It principally sets the gaps in the 2020 ICT Act while bringing to light its prospect to strengthen the protection of personal data in the DRC. The research also assesses the weaknesses that may require development going forward and proposes recommendations to ensure that the DRC complies with international standards. / Mini Dissertation (LLM (Human rights and Democratisation in Africa))--University of Pretoria, 2021. / European Union, Royal Norwegian Embassy in Pretoria / Centre for Human Rights / LLM (Human rights and Democratisation in Africa) / Unrestricted
|
19 |
Personlig integritet som informationspolitik : debatt och diskussion i samband med tillkomsten av Datalag (1973:289) / Privacy as information policy : debate and discussion concerning the first Swedish data protection law, Datalag (1973:289)Söderlind, Åsa January 2009 (has links)
The dissertation explores the field of information policy in a historic setting in Sweden, namely the early 1970s. At the time the question of privacy in relation to databanks, data systems and personal records was intensively discussed in all public media, starting in the fall of 1970 when a large-scale population census was carried out in Sweden. The political discussions and public debate resulted in the first Swedish data protection law, Datalag (1973:289), and was counted as one of the first of this type of national legislation in the world. The focus of the empirical study lies in the analysis of the lines of arguments, political reasoning and debates concerning privacy, data protection, information and technology in documents such as official reports, committee reports, proposals and parliamentary records and publications that were produced in the policy process preceding the new legislation. The public debate itself is investigated through the editorials and reports in the daily press of the time. A combination of discourse analysis and agenda-setting theory, as it is presented and used by the political scientist John W Kingdon, constitutes the theoretical framework of the thesis. The study is introduced with a discussion concerning discourse and language use in politics, and here Norman Faircloughs CDA, Critical Discourse Analysis, has been the main inspiration. Kingdon’s agendasetting model contributes with an interesting theoretical perspective on the social and political context of the discourses under study. The research questions also draw upon library and information science and theoretical work within the area of information policy, with issues concerning notions of information and technology, for example information as a public good versus private good in the market, and information as a free or restricted/protected resource. The main findings of the study imply that the political discussion and debate on databanks and privacy were heavily influenced by a public-oriented discourse focusing mainly on governmental authorities’ own use of information systems holding personal data. The new legislation, datalag (1973:289) could also be seen as a tool that sanctions governmental authorities’ extensive use and dependence on new data technologies and automatic data-processing in building up the welfare state and the growing public sector. The discourse was also based on a mixed notion of the new technology, perceiving data technology mainly as the “big machine” which contains a vast amount of personal information. This, at a time when the technology itself was transforming rapidly from bulky machines to personal computers. The practical effects of this discourse could be seen, for example, in the serious underestimation of the overall use of automatic data-processing in society as a whole, the use of which the legislation was set to regulate. When it comes to agenda-setting the public debate together with the activities of different actors in parliament had a major influence on the outcome of the work of the commission of inquiry that was set up. The public debate affected how the problem area of databanks and privacy was considered, but the commission formulated the actual legislation independently, without interference or adjustments by the social democratic government. / <p>Akademisk avhandling som med tillstånd av samhällsvetenskapliga fakulteten vid Göteborgs universitet för vinnande av doktorsexamen framläggs till offentlig granskning kl. 13.15 fredagen den</p><p>11 september 2009 i hörsalen C204, Högskolan i Borås, Allégatan 1 Institutionen Biblioteks- och Informationsvetenskap/Bibliotekshögskolan, Högskolan i Borås och Göteborgs universitet</p>
|
20 |
Die Haftung fur Verstosse gegen Privacy Policies und Codes of Conduct nach US-amerikanischem und deutschem Recht : Zugleich ein beitrag zur Rechtsnatur von Datenschutzerklärungen, Verhaltensregeln gem, [paragraph] 38a BDSG und Unternehmensregelungen gem. [paragraph] 4c Abs. 2 BDSG /Schröder, Christian. January 2007 (has links)
Thesis (doctoral)--Kiel Universiẗat, 2006. / Literaturverz. S. 291 - 313. Includes bibliographical references (p. 291-313).
|
Page generated in 0.1501 seconds