Change search
ReferencesLink to record
Permanent link

Direct link
Auktorisation och ackreditering inom Försvarsmakten: En studie i nyttan av en standardiserad process för att hantera informationssäkerhet
Uppsala University, Disciplinary Domain of Science and Technology, Mathematics and Computer Science, Department of Information Technology, Division of Computing Science.
2011 (Swedish)Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Information Technology is an essential part of the society today, not least in large organisations dealing with sensitive information. An example of such an organisation is the Swedish Armed Forces which indeed is in the need of ways to ensure information security in their Information Technology systems. The means which is used is an authorisation and accreditation process.

All Information Technology systems go through a life cycle which includes realisation, usage, development and liquidation. In the Swedish Armed Forces the lifecycle is an authorisation process. Each step in the process is followed by an authorisation decision and one of these steps is accreditation. Accreditation is a formal approval to put the system in operation.

The aim of the thesis is to study how large organisations may ensure information security when developing IT and the importance of a standardised process to handle information security. The study has been carried out by comparing the process of the Swedish Armed Forces with other methods to run projects and theories concerning development of IT.

Interviews with Information Security Consultants at Combitech AB along with a study of documentation have been carried out in order to study the process. The theoretical framework has been formed through a literature study of project models and methods for development of IT.

The main result of the thesis is that a standardised process which manage quality, communication, traceability, complexity, aim, operation and liquidation plan, risk assessment as well as use case increases the chance of a successful project and the achievement of information security in development of new IT. High quality in the formation of the security aim and the specification of requirements, along with tests to establish that all requirements are fulfilled, are crucial when it comes to information security.

Place, publisher, year, edition, pages
2011. , 63 p.
Series
UPTEC STS, ISSN 1650-8319 ; STS11007
Keyword [sv]
auktorisation, ackreditering
Identifiers
URN: urn:nbn:se:uu:diva-153267OAI: oai:DiVA.org:uu-153267DiVA: diva2:415933
Uppsok
Technology
Supervisors
Examiners
Available from: 2011-05-12 Created: 2011-05-09 Last updated: 2011-05-12Bibliographically approved

Open Access in DiVA

fulltext(1274 kB)1648 downloads
File information
File name FULLTEXT01.pdfFile size 1274 kBChecksum SHA-512
ae1355d6241f99d194751ed87f2af6d7bdcc3b21c5110bcc4d6131f79896f561e169c66d68a638d26155bf3f82563f56c06196eeec1b7d98ce3ff8a0ddb74514
Type fulltextMimetype application/pdf

By organisation
Division of Computing Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 1648 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 411 hits
ReferencesLink to record
Permanent link

Direct link