Global ETD Search

371	Plantering av trädarter i svenska städer : risker för introducering av nya skadegörare / Planting tree species in Swedish cities : risk of introduktion of new pests Eriksson, Ann January 2023 (has links) Med dagens transportteknik är det enkelt för stadsplanerare att importera exotiska träd från hela världen. Med importerade plantor finns dock risk att det följer med nya trädsjukdomar och skadegörare till länder där dessa sjukdomar ej funnits tidigare. När nya skadegörarna väl har etablerat sig på stadsträden är näst steg spridning till omgivande skogar. Förutom skador på skogsekosystem kan dessa skadegörare orsaka stora ekonomiska förluster. Syftet med studien var att identifiera möjliga risker för introducering av nya trädskadegörare till svenska skogar och jämföra hur stor andel importerat planteringsmaterial som används i olika delar av Sverige. I materialet från totalt sex städer upptäcktes brister i dokumentation av planterade träd, framför allt saknades information om planteringsmaterialetsursprungsland. Ett bättre registreringssystem behövs för att proaktivt kunna minska risker att främmande trädsjukdomar och skadegörare kan etablera sig i Sverige. Forestry Tree diseases Biological threats Spread of infection Urban trees Skogsbruk Trädsjukdomar Biologiska hot Smittspridning Stadsträd Lantbruksvetenskap, skogsbruk och fiske
372	IT security expert’s perceptions of cybersecurity when working remotely compared to working in the office : A quality study on Swedish insurance companies / IT-säkerhetsexperters uppfattningar om cybersäkerhet vid distansarbete jämfört med arbete på kontoret : En kvalitativ studie på svenska försäkringsbolag Kullander, Kristoffer, Cselenyi, Mathilda January 2024 (has links) Teleworking has become a significant aspect of working life, especially after the outbreak of the COVID-19 pandemic, which accelerated the trend of teleworking. However, this shift has increased the risk of cyber threats and security risks. Despite organizations' efforts to strengthen cybersecurity, a significant risk remains, with employees posing one of the main security risks in the form of human error and mistakes. Previous research highlights that employees tend to exhibit lower levels of cybersecurity awareness and are more likely to perform riskful actions when working remotely compared to working in the office. However, recent research has shown the opposite, where employees are more conscious of cybersecurity awareness and more likely to apply security-based precaution measures during remote work compared to office work. In light of these research findings, this study focuses on examining how IT-security experts perceive cybersecurity when working remotely compared to working in the office. To explore this, the study has, through qualitative mapping, conducted semi-structured interviews with a theoretical basis in Protection Motivation Theory (PMT). Overall, the study showed that IT- security experts perceive cybersecurity as more manageable when working in the office compared to remote work, with an increased awareness of the importance of the human factor. / Distansarbete har blivit en betydande aspekt av arbetslivet, särskilt efter utbrottet av Covid-19- pandemin, vilket accelererade trenden med distansarbete. Denna omställning har emellertid ökat risken för cyberhot och säkerhetsrisker. Trots organisationers insatser för att stärka cybersäkerheten kvarstår en betydande risk, då anställda utgör en av de främsta säkerhetsriskerna i form av mänskliga fel och misstag. Tidigare forskning framhäver att anställda ofta är mindre säkerhetsmedvetna och mer benägna att utföra riskfyllda handlingar när de arbetar på distans jämfört med arbete på kontoret. Däremot har senare forskning visat motsatsen, där anställda är mer säkerhetsmedvetna och mer benägna att vidta säkerhetsåtgärder under distansarbete jämfört med arbete på kontoret. Mot bakgrund till dessa forskningsresultat, fokuserar denna studie på att undersöka hur IT-säkerhetsexperter uppfattar cybersäkerhet vid distansarbete jämfört med arbete på kontoret. För att utforska detta har studien, genom kvalitativ kartläggning, genomfört semistrukturerade intervjuer med teoretisk grund i Protection Motivation Theory (PMT). Sammantaget visade studien på att IT-säkerhetsexperter uppfattar cybersäkerhet som mer hanterbar vid arbete på kontoret jämfört med distansarbete, med en ökad medvetenhet om den mänskliga faktorns betydelse. Cyber security cyber threats cybersecurity awareness remote work Protection Motivation Theory Cybersäkerhet cyberhot säkerhetsmedvetenhet distansarbete Protection Motivation Theory Information Systems
373	Совершенствование финансовой безопасности предприятия на примере АО «Святогор» : магистерская диссертация / Improving the financial security of an enterprise using the example of JSC Svyatogor Зайцев, И. Д., Zaitsev, I. D. January 2023 (has links) ВКР (магистерская диссертация) состоит из введения, трех глав, заключения, библиографического списка, включающего 65 наименований, 2 приложений. Цель исследования – опираясь на теоретические и практические основы науки о финансовой безопасности, проанализировать современные методы определения уровня финансовой безопасности предприятия и выявить пути повышения. Объектом исследования выступает АО «Святогор». Практическая значимость исследования заключается в применении авторских предложений по совершенствованию финансовой безопасности предприятия. Эффективность рекомендаций - по итогам предложенных мероприятий по укреплению финансовой безопасности предприятия АО «Святогор» можно сказать, что уровень финансовой безопасности повышается. Также ежегодно показатели финансовой устойчивости, рентабельности и ликвидности будут жестко стабильно увеличиваться. / The master's thesis (master's thesis) consists of an introduction, three chapters, a conclusion, a bibliography including 65 titles, and 2 appendices. The purpose of the study is based on theoretical and practical foundations science of financial security, analyze modern methods for determining the level of financial security of an enterprise and identify ways to improve it. The object of the study is JSC Svyatogor. The practical significance of the study lies in the application of the author’s proposals to improve the financial security of the enterprise. The effectiveness of the recommendations - based on the results of the proposed measures to strengthen the financial security of the enterprise JSC Svyatogor, we can say that the level of financial security is increasing. Also, indicators of financial stability, profitability and liquidity will increase steadily every year. MASTER'S THESIS FINANCIAL SECURITY ASSESSMENT OF FINANCIAL SECURITY THREATS AND RISKS OF FINANCIAL SECURITY
374	”Jag blir slagpåsen för att jag är gräsroten som skrivit på beslutet” : En kvalitativ studie om otillåten påverkan i form av hot, trakasserier och skuldbeläggning inom ekonomiskt bistånd / "I become the punching bag because I’m the grassroot who signed the decision" : A qualitative study on threats, harassment and blame within financial assistance Khamis, Zeinab, Ghorbani, Marjan January 2024 (has links) Syftet med studien var att undersöka socialsekreterares upplevelser av otillåten påverkan, inklusive hot, trakasserier och skuldbeläggning. Fokus låg på att identifiera de emotionella och praktiska strategierna som socialsekreterare använder för att hantera sådana incidenter, samt de åtgärder som upplevs finnas inom myndigheten för att bemöta dem. Studien använde en kvalitativ metodologisk ansats och tio socialsekreterare från olika kommuner i Sverige deltog i individuella intervjuer. Empirin analyserades utifrån tematisk analysmetod och resultatet visade att otillåten påverkan som fenomen var vanligt förekommande på arbetsplatsen. De vanligaste erfarenheterna av otillåten påverkan inkluderade hot om självmord, hot om fysiskt våld och skuldbeläggning. Skuldbeläggningen uttrycktes ofta genom att klienter höll socialsekreterarna ansvariga för deras situation och för att förstöra deras liv. Intervjupersonerna beskrev sina upplevelser av dessa händelser som obehagliga, skrämmande och präglade av maktlöshet. För att hantera dessa incidenter använde socialsekreterarna flera strategier, inklusive emotionell distansering, kollegial ventilation och rolldistansering mellan deras professionella och personliga identitet. Trots att syftet med studien inte var att jämföra kommuner emellan, noterades en betydande skillnad i upplevelserna av vilka resurser och åtgärder som myndigheterna hade i olika kommuner. Vissa socialsekreterare hade tillgång till rutiner, utbildning och riktlinjer för att hantera händelser av otillåten påverkan, medan andra inte hade samma möjligheter. Detta lyfts fram och diskuteras eftersom vi observerade att denna aspekt hade en betydande inverkan på socialsekreterarnas arbetsmiljö och välbefinnande. Resultatet analyserades med hjälp av de teoretiska perspektiven coping, empatitrötthet, byråkratisk organisation och handlingsutrymme. / The purpose of the study was to explore social worker’s experiences of undue influence including threats, harassment and blame. The focus was on identifying the emotional and practical strategies social workers use to handle such incidents, as well as the measures perceived to be in place within the organization to address them. The study employed a qualitative methodological approach, with ten social workers from various Swedish municipalities participated in individual interviews. The empirical data where analyzed using thematic analysis and the results indicated that undue influence was common. The most common experiences of undue influence included threats of suicided, threats of physical violence and blame. Blame was often expressed through clients holding social workers responsible for their situation and the destruction of their lives. Participant described their experiences of this as uncomfortable, frightening and characterized by a sense of powerlessness. To cope with these incidents, social workers used several strategies including emotional distancing, collegial ventilation and a separation between their professional and personal identity. Even though the purpose of the study wasn’t to compare municipalities, a significant difference was noted in the resources and measures the authority had in different municipalities. Some social workers had access to procedures, training and guidelines for dealing with undue influence, while others did not have the same. This is highlighted and discussed because we observed that this factor had a significant impact on the social worker’s work environment and wellbeing. The analysis of the results was conducted using theories of coping, compassion fatigue, bureaucratic organization and discretion. Unauthorized influence undue influence threats and harassment indebtedness social workers Otillåten påverkan otillbörlig påverkan hot och trakasserier skuldbeläggning socialsekreterare Social Work Socialt arbete
375	”Men nu har vi haft det så här i så många år och ingenting händer, ingenting blir bättre” : En kvalitativ studie om socialsekreterares erfarenheter av klientutövat hot och våld. / ”Now we have had it like this for so many years and nothing happens, nothing gets better” : An qualitative study on social workers’ experiences of client-initiated threats and violence. Mujanovic, Elma, Persson, Sara January 2024 (has links) Client-initiated threats and violence towards social workers is a widespread problem, nationally as well as internationally, where every third social worker is at risk. Social workers' vulnerability can, according to previous studies, conceivably be derived from the dual role of authority personnel, where they need to balance functions of support and control when facing clients. It appears from previous studies that social workers operating within children and young people are particularly exposed. The study aims to examine the experiences of client-initiated threats and violence of social workers in an authority position within children and young people. Through the study’s framing of questions, the study intends to examine how client-initiated threats and violence affect social workers’ professional role and possibilities for action, social workers’ strategies in dealing with client-initiated threats and violence, and to examine how the workplace views this problem. The empirical material was collected through semi-structured interviews with professionals. The selection of interviewees has been targeted and includes seven social workers in southern Sweden. A thematic analysis was used to identify key aspects considering the study’s framing of questions and the social workers’ experiences. Lipsky’s professionalism theory and Lazarus and Folkman’s coping theory have been applied to analyze the empirical material. The result shows that social workers’ professional role contains complex considerations between a helping role and setting boundaries in the meeting with clients, which can alter the possibilities for action. Consequently, this can threaten legal certainty and change the social workers’ democratic role in society. Furthermore, the result also shows different strategies being used both preemptively as well as remediatively in the meeting with a client. The strategies are individual and affected by the workplace’s resources. Thus, there is no unequivocal understanding of which strategies that can and should be used regarding client-initiated threats and violence. The workplace’s support is portrayed differently between the respondents, where the workplace’s safety climate affects how the social worker perceives client-initiated threats and violence. In light of this, there is a demand for an increased commitment from the management of the workplace, together with the social workers, to carry out a discussion regarding guidelines, support and policy for the organization to develop continuously. / Klientutövat hot och våld mot socialsekreterare är ett utbrett problem, såväl nationellt som internationellt, där var tredje socialsekreterare är utsatt. Socialsekreterares utsatthet kan enligt den tidigare forskningen härledas till den dubbla rollen hos myndighetsutövare, där de behöver balansera funktioner av stöd och kontroll i mötet med klienter. Det framgår av tidigare forskning att socialsekreterare som är verksamma i barn och ungdomsenheter är särskilt utsatta. Studien syftar till att undersökta erfarenheter av klientutövat hot och våld hos myndighetsutövande socialsekreterare inom barn och unga. Genom studiens frågeställningar ämnar studien att undersöka hur klientutövat hot och våld inverkar på socialsekreterares yrkesroll och handlingsutrymme, socialsekreterares strategier i mötet med klientutövat hot och våld och att undersöka hur arbetsplatsen betraktar detta problem. Det empiriska materialet samlades in genom semistrukturerade intervjuer med yrkesverksamma. Urvalet har varit målstyrt och omfattat sju socialsekreterare i södra Sverige. En tematisk analys användes för att identifiera centrala aspekter med utgångspunkt från studiens forskningsfrågor, utifrån socialsekreterarnas erfarenheter. Lipskys professionsteori och Lazarus och Folkmans copingteori har använts för att analysera det inhämtade empiriska materialet. Resultatet visar att socialsekreterares yrkesroll innehåller komplexa avvägningar mellan en hjälpande roll och gränssättning i mötet med klienter, vilket kan förändra handlingsutrymmet. Följaktligen kan detta hota rättssäkerheten och förändra socialsekreterares demokratiska roll i samhället. Resultatet visar även olika strategier som används både förebyggande samt avhjälpande i mötet med klient. Strategierna är individuella och påverkansbara av arbetsplatsens resurser. Därigenom finns det ingen entydig uppfattning om vilka strategier som kan och bör användas beträffande klientutövat hot och våld. Arbetsplatsens stöd skildras olika mellan respondenterna där arbetsplatsens säkerhetsklimat påverkar hur socialsekreteraren uppfattar klientutövat hot och våld. Mot bakgrund av detta finns en efterfrågan till ökat engagemang från arbetsplatsens ledning att tillsammans med socialsekreterarna föra en öppen diskussion gällande riktlinjer, stöd och policy för att verksamheten ska utvecklas fortlöpande. Social work Social services Threats and violence Possibilities for action Professional role Coping strategies Safety climate Socialt arbete Socialtjänst Hot och våld Handlingsutrymme Yrkesroll Copingstrategier Säkerhetsklimat Social Work Socialt arbete
376	Säkerhetsförutsättningar vid attentat mot fysiska evenemang i offentliga miljöer : - En litteraturstudie Holmberg, Emelie January 2024 (has links) Den ökade hotbilden har gjort att nya frågor har väckts till liv i samhället. Efter en sammanställning gjord av MSB och Polisen är nöjesliv och offentliga miljöer särskilt utsatta gällande dödlighet i attentat. Nöjesliv och offentliga miljöer kan kopplas till olika typer av evenemang. Vid attentat har arrangör, kommun, polis, räddningstjänst och sjukvård olika funktioner men tillsammans kan de utgöra en säkerhetsorganisation inför upprättandet av ett evenemang. Tillsammans i säkerhetsorganisationen kan alla aktörer bidra med sakkunskaper inom respektive ämnesområde. Syftet med litteraturstudien har varit att undersöka människans beteendeskiljaktigheter mellan händelse av brand respektive attentat. Utöver beteende har också andra förutsättningar för att sätta sig i säkerhet undersökts. Avsikten med studien var att öka kunskapen och förståelsen av evenemangssäkerhet vid antagonistiska hot och terrorism i form av attentat i större folksamlingar. Evenemangssäkerhet innefattar samarbetspartner som polis, räddningstjänst, ambulans, evenemangsansvarig och övriga aktörer. Följande frågeställningar har ställt i studien: Vilka svårigheter möter man vid antagonistiska hot och större folksamlingar på evenemang? Hur skiljer sig beteendemönstret vid antagonistiska hot respektive brand? Kan beteendet påverka förmågan att söka sig till säkerhet? Finns det några brister vid planering av evenemang som påverkar säkerhetsförutsättningar som exempelvis inrymning, utrymning eller utestängning? Finns det tydliga åtgärder för att stärka säkerheten mot attentat på ett utomhusevenemang? Studien behandlar enbart evenemang utomhus och jämför mot inomhusförutsättningar när regelverk saknas för utomhusförutsättningar. Studien har avgränsats till evenemang med höga personantal eller persontätheter i offentliga miljöer som gator, torg och andra ytor där evenemang genomförs. Utöver de nämnda avgränsningarna har studien kompletterats med observationer från händelser genom historien via video och ljudmaterial. Den teoretiska referensramen för säkerhet innefattar bakgrund för både brand och attentat men även förutsättningar som påverkar utrymning, inrymning och utestängning. Användningsområdet för säkerhets-strategierna utrymning, inrymning och utestängning förklaras och förtydligas. Sammanfattningsvis finns det flera faktorer som påverkar förutsättningarna att sätta sig själv i säkerhet. Där är persontäthet, utrymningsvägar, hastigheter, kommunikation och beteende, faktorer som alla är avgörande i både inomhus- och utomhusförutsättningar. Evenemangets säkerhetsarbete upprättas i samband med evenemangets olika faser. I upprättandet av evenemanget undersöker man bland annat på förutsättningar i utformning av platsen, skalskydd, beredskap och vilket förbyggande arbete som ska genomföras. Samtidigt undersöks utrymningsmöjligheter av ett område samt vilken samverkan som ska sättas i bruk. Samverkan kan bestå av säkerhet-, kris eller stabsorganisationen och tillämpas utifrån situationen. Utifrån förbestämda insatsplaner delas evenemangsområdet upp i olika zoner för att underlätta en insats. Utifrån den bristande existensen av regler och reglering gällande evenemangsutformning samt upprättning så finns det flertal bristande i säkerhet på evenemang. Som arrangör finns det bra guider utgivna av MSB men idag är det brist på allmänna råd och lagstadgade utformningar av publik- och utrymningskapacitet. Skyddade platser, offentliga miljöer, publikkommunikation, prövning av säkerhetspersonal och problematiken med panik är alla faktorer som är intressanta ur ett säkerhetsperspektiv. Utöver dessa faktorer så utreder studien paralleller mellan inomhus- och utomhusförutsättningar ur ett utrymningsperspektiv. För att kunna erbjuda ett effektivt skydd på offentliga miljöer och evenemangsplatser krävs ett gott organisatoriskt och systematiskt arbete. Arbetet inkluderar allt från handlings-/åtgärdsplaner till utbildning. Övervakningskameror, farthinder och genomsökning av området är några exempel på fysiska skyddsåtgärder och hur en arrangör kan bygga skydd på djupet. / The increased threat level has raised new questions in society. According to a compilation made by MSB and the Police, public environment and entertainment are particularly vulnerable in term of mortality in attacks. Event and public environment can be linked to different types of events. In the event of an attack, the event organizer or manager, municipality, rescue service, police and ambulance have different functions. Together, they can form a security organization prior to the establishment of an event a thus contribute with expertise in their subject area. The purpose of the literature study has been to investigate the difference in human behavior between fire and attack events. In addition to behavior, other prerequisites for safety have been investigated. The purpose of the study was to increase the knowledge and understanding of event security in the event of antagonistic threats in the form of attacks in large crowds. Event security also includes partners such as the police, emergency services, ambulance, event manager and other stakeholders. The following questions have been posed in the study: What difficulties are encountered in the event of a attack and large crowd at events? How do behavioral pattern differ in the case of antagonistic threats versus fire that require safety measures. Can behavior affect the ability to seek safety? Are there any shortcomings in the planning of event that effect security conditions such as containment, evacuation, or exclusion? Are there clear measures to strengthen security against attacks at an outdoor event? The study only deals with outdoor events and compares only with indoor conditions as there are no regulations for outdoor. The study has been limited to events with high numbers or densities of people in public environments such as streets, squares, and other areas where events are held. In addition to the aforementioned limitations, the study has been supplemented with observation from events throughout history. The theoretical framework for security includes the background of fire, attacks and conditions that affect evacuation, containment, and exclusion. The security strategies of evacuation, containment and exclusion are explained and clarified. In summary, there are several factors that affect the conditions for making oneself safe. There, crowd density, escape routes, speed, communications, and behavior are all factors that are crucial in both indoor and outdoor conditions. Event security work prepared in connections with the various phases of event. The preparation of the event includes checking the conditions for the design of the site, shell protection, preparedness, and the preventive work to be carried out. In the event of an accident, the possibilities for evacuation an area are examined, as well as the cooperation to be implemented by the security, crisis or staff organization based on the situation. Based on predetermined response plans, the event area is divided into different zones to facilitate the response. Due to the lack of rules and regulations regarding event design and set-up, there are several shortcomings in event security. As an organizer, there are good guides published by MSB, but today there is a lack of general advice and statutory designs of audience and evacuation capacity. Sheltered places, public environments, public communication, crowd communications, security staff training and the problem of panic are topics discussed. Parallels between indoor and outdoor conditions are compared from an evacuation perspective. Providing effective protection in public spaces and event venues require good organizational and systematic work. This work includes everything from action plans to training. Surveillance cameras, speed bumps and area searches are some examples how an organizer can achieve in-depth protection. Terrorism Antagonistic threats Attacks Crowd Event and security Outdoor public spaces Terrorism Antagonistiska hot Attentat Folksamlingar Evenemang och säkerhet Offentliga miljöer utomhus Construction Management Byggproduktion
377	The Mortality or Pre-Emtive War : In search of Justifications and Guidelines for Pre-Emptive Warfare Srimuang, Sarunsiri January 2007 (has links) <p>The thesis argues that, as a tradition, the concept of just war is socially and contextually sensitive and revisable. It explores the relevance of theory according to the dynamic changes in the nature of threats in the international arena and concludes that the just war tradition is still relevant to the contemporary modern threats that require an act of pre-emptive warfare. However, it needs some revision to be comprehensively applicable to the dynamic of modern threats and the nature of pre-emptive war. Due to the nature of pre-emptive war a nation launches the attack before the aggression from the other nation-in-conflict erupts. The author, therefore, proposed several theoretical and procedural revisions in both the principle of “Jus Ad Bellum” and “Jus In Bello” using the method of reflective equilibrium to create a comprehensive “just” pre-emptive war doctrine as part of the development and dynamic in just war tradition.</p> Morality of war Ethics of war Rights to national self-defense Jus Ad Bellum Jus In Bello Jus Post Bellum Warfare International Security Principle of Double-Effects Reflective Equilibrium Nuclear threats Modern threats. Just war tradition Pre-emptive war Just Pre-emptive war Philosophy subjects Filosofiämnen
378	The Mortality or Pre-Emtive War : In search of Justifications and Guidelines for Pre-Emptive Warfare Srimuang, Sarunsiri January 2007 (has links) The thesis argues that, as a tradition, the concept of just war is socially and contextually sensitive and revisable. It explores the relevance of theory according to the dynamic changes in the nature of threats in the international arena and concludes that the just war tradition is still relevant to the contemporary modern threats that require an act of pre-emptive warfare. However, it needs some revision to be comprehensively applicable to the dynamic of modern threats and the nature of pre-emptive war. Due to the nature of pre-emptive war a nation launches the attack before the aggression from the other nation-in-conflict erupts. The author, therefore, proposed several theoretical and procedural revisions in both the principle of “Jus Ad Bellum” and “Jus In Bello” using the method of reflective equilibrium to create a comprehensive “just” pre-emptive war doctrine as part of the development and dynamic in just war tradition. Morality of war Ethics of war Rights to national self-defense Jus Ad Bellum Jus In Bello Jus Post Bellum Warfare International Security Principle of Double-Effects Reflective Equilibrium Nuclear threats Modern threats. Just war tradition Pre-emptive war Just Pre-emptive war Philosophy subjects Filosofiämnen
379	A framework for the protection of mobile agents against malicious hosts Biermann, Elmarie 30 September 2004 (has links) The mobility attribute of a mobile agent implies deployment thereof in untrustworthy environments, which introduces malicious host threats. The research question deals with how a security framework could be constructed to address the mentioned threats without introducing high costs or restraining the mobile agent's autonomy or performance. Available literature have been studied, analysed and discussed. The salient characteristics as well as the drawbacks of current solutions were isolated. Through this knowledge a dynamic mobile agent security framework was defined. The framework is based on the definition of multiple security levels, depending on type of deployment environment and type of application. A prototype was constructed and tested and it was found to be lightweight and efficient, giving developers insight into possible security threats as well as tools for maximum protection against malicious hosts. The framework outperformed other frameworks / models as it provides dynamic solutions without burdening a system with unnecessary security gadgets and hence paying for it in system cost and performance / Computing / D.Phil. Computer security Communication networks Countermeasure classification Mobile agent security framework Security framework requirements Threats classification Malicious hosts Mobile agent security 005.8 Mobile agents (Computer software) Computer security Computer networks -- Security measures
380	Information security, privacy, and compliance models for cloud computing services Alruwaili, Fahad F. 13 April 2016 (has links) The recent emergence and rapid advancement of Cloud Computing (CC) infrastructure and services have made outsourcing Information Technology (IT) and digital services to Cloud Providers (CPs) attractive. Cloud offerings enable reduction in IT resources (hardware, software, services, support, and staffing), and provide flexibility and agility in resource allocation, data and resource delivery, fault-tolerance, and scalability. However, the current standards and guidelines adopted by many CPs are tailored to address functionality (such as availability, speed, and utilization) and design requirements (such as integration), rather than protection against cyber-attacks and associated security issues. In order to achieve sustainable trust for cloud services with minimal risks and impact on cloud customers, appropriate cloud information security models are required. The research described in this dissertation details the processes adopted for the development and implementation of an integrated information security cloud based approach to cloud service models. This involves detailed investigation into the inherent information security deficiencies identified in the existing cloud service models, service agreements, and compliance issues. The research conducted was a multidisciplinary in nature, with detailed investigations on factors such as people, technology, security, privacy, and compliance involved in cloud risk assessment to ensure all aspects are addressed in holistic and well-structured models. The primary research objectives for this dissertation are investigated through a series of scientific papers centered on these key research disciplines. The assessment of information security, privacy, and compliance implementations in a cloud environment is described in Chapters two, three, four, and five. Paper 1 (CCIPS: A Cooperative Intrusion Detection and Prevention Framework for Cloud Services) outlines a framework for detecting and preventing known and zero-day threats targeting cloud computing networks. This framework forms the basis for implementing enhanced threat detection and prevention via behavioral and anomaly data analysis. Paper 2 (A Trusted CCIPS Framework) extends the work of cooperative intrusion detection and prevention to enable trusted delivery of cloud services. The trusted CCIPS model details and justifies the multi-layer approach to enhance the performance and efficiency of detecting and preventing cloud threats. Paper 3 (SOCaaS: Security Operations Center as a Service for Cloud Computing Environments) describes the need for a trusted third party to perform real-time monitoring of cloud services to ensure compliance with security requirements by suggesting a security operations center system architecture. Paper 4 (SecSLA: A Proactive and Secure Service Level Agreement Framework for Cloud Services) identifies the necessary cloud security and privacy controls that need to be addressed in the contractual agreements, i.e. service level agreements (SLAs), between CPs and their customers. Papers five, six, seven, and eight (Chapters 6 – 9) focus on addressing and reducing the risk issues resulting from poor assessment to the adoption of cloud services and the factors that influence such as migration. The investigation of cloud-specific information security risk management and migration readiness frameworks, detailed in Paper 5 (An Effective Risk Management Framework for Cloud Computing Services) and Paper 6 (Information Security, Privacy, and Compliance Readiness Model) was achieved through extensive consideration of all possible factors obtained from different studies. An analysis of the results indicates that several key factors, including risk tolerance, can significantly influence the migration decision to cloud technology. An additional issue found during this research in assessing the readiness of an organization to move to the cloud is the necessity to ensure that the cloud service provider is actually with information security, privacy, and compliance (ISPC) requirements. This investigation is extended in Paper 7 (A Practical Life Cycle Approach for Cloud based Information Security) to include the six phases of creating proactive cloud information security systems beginning with initial design, through the development, implementation, operations and maintenance. The inherent difficulty in identifying ISPC compliant cloud technology is resolved by employing a tracking method, namely the eligibility and verification system presented in Paper 8 (Cloud Services Information Security and Privacy Eligibility and Verification System). Finally, Paper 9 (A Case Study of Migration to a Compliant Cloud Technology) describes the actual implementation of the proposed frameworks and models to help the decision making process faced by the Saudi financial agency in migrating their IT services to the cloud. Together these models and frameworks suggest that the threats and risks associated with cloud services are continuously changing and more importantly, increasing in complexity and sophistication. They contribute to making stronger cloud based information security, privacy, and compliance technological frameworks. The outcomes obtained significantly contribute to best practices in ensuring information security controls are addressed, monitoring, enforced, and compliant with relevant regulations. / Graduate / 0984 / 0790 / fahd333@gmail.com Cloud Computing Intrusion Prevention Cyber Attacks/Threats Security Operations Centre (SOC) Service Level Agreement (SLA) Cloud Security Services Cloud Governance Cloud Compliance Cloud Forensics Cloud Community Risk Management Eligibility and Verification Trust Monitoring Virtualization

Search results