Publisher: DSV, 1994, 313 pages
ISBN: 91-7153-207-2
Keywords: IT Security, Information Security
The problem of securing information processed, stored and communicated by information technology (IT) systems, is examined using a variety of approaches, including General Systems Theory, sociology, criminology, computer science, and information systems theory.
The General Systems Theory approach is used to develop a model of socio-technical security systems for protecting information handled by IT. This model is then used to focus the analysis of the problem into the four areas of ethics, politics and law, operations and management, and technology.
Ethical attitudes associated with IT and IT abuse behaviour among university students in Sweden and Canada are studied voth longitudinally and comparatively. The longitudinal study indicates that between 1986 and 1991 there were some significant changes in ethical attitudes along with an increase in IT abuse behaviour.
The political and legal study of the problem focuses on the development of national IT systems security evaluation criteria. North American and European criteria are used to analyse 47 crime cases reported to the Swedish police between 1987-1989. It is found that these criteria correspond to a large extent to the IT crime cases.
In the operational and managerial part of the thesis the problem of distributing and maintaining IT system security manuals are discussed and a conceptual model of a hypertext IT security manual is presented.
A client server model for managing audit and accountability information in health care information systems is proposed in the technical part. The model builds on the European Manufacture's Association's security framework. A technical walk through of the model along with a list of protocol service primitives are outlined.
The thesis concludes with a synthesis of the ethical, political and legal, operational and managerial, and technical IT security constraints into a conceptual model of IT security referred to as the Security By Consensus (SBC) model.
There are some gems in here, but you can safely avoid this.
Comments
There are currently no comments
New Comment