Change search
Refine search result
1 - 19 of 19
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Abbas, Haider
    et al.
    KTH, School of ICT, Electronic Systems.
    Magnusson, Christer
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Hemani, Ahmed
    ICT/Materialfysik.
    Addressing Dynamic Issues in Information Security Management2011In: Information Management & Computer Security, ISSN 0968-5227, E-ISSN 1758-5805, Vol. 19, no 1, p. 5-24Article in journal (Refereed)
    Abstract [en]

    The paper addresses three main problems resulting from uncertainty in information security management: i)dynamically changing security requirements of an organization ii) externalities caused by a security system and iii)obsolete evaluation of security concerns. A framework based on options reasoning borrowed from corporate finance is proposed and adapted to evaluation of security architecture and decision-making for handling these issues at organizational level. The adaptation as methodology is demonstrated by a large case study validating its efficacy.

  • 2. Abbas, Haider
    et al.
    Magnusson, Christer
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Hemani, Ahmed
    Architectural Description of an Automated System for Uncertainty Issues Management in Information Security2010In: International Journal of computer Science and Information Security, ISSN 1947-5500, Vol. 8, no 3, p. 59-67Article in journal (Refereed)
    Abstract [en]

    Information technology evolves at a faster pace giving organizations a limited scope to comprehend and effectively react to steady flux nature of its progress. Consequently the rapid technological progression raises various concerns for the IT system of an organization i.e. existing hardware/software obsoleteness, uncertain system behavior, interoperability of various components/method, sudden changes in IT security requirements and expiration of security evaluations. These issues are continuous and critical in their nature that create uncertainty in IT infrastructure and threaten the IT security measures of an organization. In this research, Options theory is devised to address uncertainty issues in IT security management and the concepts have been developed/validated through real cases on SHS (Spridnings-och-Hämtningssystem) and ESAM (E-society) systems. AUMSIS (Automated Uncertainty Management System in Information Security) is the ultimate objective of this research which provides an automated system for uncertainty management in information security. The paper presents the architectural description of AUMSIS, its various components, information flow, storage and information processing details using options valuation techniques. It also presents heterogeneous information retrieval problems and their solution. The architecture is validated with examples from SHS system

  • 3.
    Bakari, Jabiri Kuwe
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Tarimo, Charles N
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Magnusson, Christer
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Säkerhetsinformatik.
    Operationalisiation of ICT Security Policy and Mechanisms in an organisation2007Conference paper (Other academic)
  • 4.
    Davidson, Alan
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Oja, Rein
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    A Swedish IT forensics course – expert opinions2009In: International Journal of Electronic Security and Digital Forensics, ISSN 1751-911X, E-ISSN 1751-9128, Vol. 2, no 3, p. 322-333Article in journal (Refereed)
    Abstract [en]

    There is mounting pressure for institutes of higher education to fill society's need for qualified IT forensics practitioners. Despite that pressure, it is not clear how that need should be filled, for whom, and by whom. There are many published texts available on which one might base a course, though they are primarily written for English speaking countries. Given the differences in legal practices in different countries, and forensic's dependency on legal procedures, it is not clear how applicable such texts are to Swedish education in the subject. This paper summarises some of the ongoing work at the Department of Computer and Systems Sciences at Stockholm University where we seek to define what the primary elements of a Swedish IT forensics education should be. Interviews conducted with specialists in IT law and IT forensics indicate that there are discrepancies between how representatives from on the one hand the public legal system and on the other private enterprise view the need and the subject matter.

  • 5.
    Dayarathna, Rasika
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Attitudes toward Privacy amongst Young International Academics2006In: Innovations for a Knowledge Economy: Proceedings of the 8 th International Information Technology Conference IITC2006 Colombo Sri Lanka, 2006, p. 66-72Conference paper (Refereed)
    Abstract [en]

    Article 17 and 25 of the EU Directive 95/46/EC, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, state that the nature of the data should be taken into account in determining the appropriate level of security for processing and transferring personal data. Except Article 8, which mentions special category of personal data called sensitive data, the directive is silent on the nature of the data. The main objective of this study was to identify the relationship between the level of protection required for the personal data and the nature of the data. Another aspect of this study was to identify under what circumstances individuals were willing to compromise their information privacy. A survey was conducted among young academics in the field of information and communication technology. The participants demanded a higher level of protection for their bank account details, credit and debit card transaction details, income tax details, medical reports on serious illnesses, credit report details and general medical reports. On the other hand, age, both academic and professional qualifications, marital status, hobbies and occupations were considered as low privacy concerned items. Other interesting finding was that the participants prefer to compromise their privacy for public safety and health care rather than compromise their privacy for national security. A large number of participants were not willing to compromise their privacy for research activities. More than one third of the participants were willing to pay for privacy enhancing technologies while one third of the participants were willing to compromise their privacy for short term financial benefits. Even though article 8 of the EU Directive 95/46/EC imposes strict rules for processing sensitive data, the participants did not demand much protection for such data. This study shows the importance of introducing sector specific guidelines for personal data protection. It also highlights the demand for more user friendly privacy enhancing technologies and more privacy awareness among the future driving forces of the Information Technology.

  • 6.
    Karokola, Geoffrey Rwezaura
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Kowalski, Stewart
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Evaluating A Framework for Securing e-Government Services: A Case of TanzaniaManuscript (preprint) (Other academic)
  • 7.
    Karokola, Geoffrey Rwezaura
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Kowalski, Stewart
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Secure e-Government services: Protection Profile for Electronic Voting - A Case of Tanzania2012In: IST-Africa 2012 Conference Proceedings / [ed] Paul Cunningham and Miriam Cunningham, IIMC International Information Management Corporation , 2012Conference paper (Refereed)
  • 8.
    Karokola, Geoffrey Rwezaura
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Kowalski, Stewart
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Secure e-Government Services: Towards A Framework for Integrating IT Security Services into e-Government Maturity Models2011In: Proceedings of the IEEE/10th ISSA 2011 Conference on Information Security, IEEE/HAISA2011 , 2011, p. 1-9Conference paper (Refereed)
    Abstract [en]

    e-Government maturity models (eGMMs) lack security services (technical and socio/non-technical) in its critical maturity stages. The paper proposes a comprehensive framework for integrating IT security services into eGMM critical stages. The proposed framework is a result of integrating information security maturity model (ISMM) critical levels into e-government maturity model (eGMM) critical stages. The research utilizes Soft Systems Methodology (SSM) of scientific inquiry adopted from Checkland and Scholes. The paper contributes to the theoretical and empirical knowledge in the following ways: firstly, it introduces a new approach that shows how government’s can progressively secure their e-government services; secondly, it outlines the security requirements (technical and non-technical) for critical maturity stages of eGMM; and thirdly, it enhances awareness and understanding to the governments and stakeholders such as practitioners, experts and citizens on the importance of security requirements being clearly defined within eGMM critical stages.

  • 9.
    Karokola, Geoffrey Rwezaura
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Kowalski, Stewart
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Towards An Information Security Maturity Model for Secure e-Government Services: A Stakeholders View2011In: Proceedings of the 5th International Symposium on Human Aspects of Information Security & Assurance, HAISA , 2011, p. 58-73Conference paper (Refereed)
    Abstract [en]

    The paper proposes a comprehensive information security maturity model (ISMM) that addresses both technical and socio/non-technical security aspects. The model is intended for securing e-government services (implementation and service delivery) in an emerging and increasing security risk environment. The paper applied inductive approach that utilizes extensive literature review and survey study approaches. A total of eight existing ISMMs were selected and critically analyzed. Models were then categorized into security awareness, evaluation and management orientations. Based on the model’s strengths – three models were selected to undergo further analyses and then they were synthesized. Each of the three selected models was either from the security awareness, evaluation or management orientations category. To affirm the findings – a survey study was conducted into six government organizations located in Tanzania. The study was structured to a large extent by the security controls adopted from the Security By Consensus (SBC) model. Finally, an ISMM with five critical maturity levels was proposed. The maturity levels were: undefined, defined, managed, controlled and optimized. The papers main contribution is the proposed model that addresses both technical and non-technical security services within the critical maturity levels. Additionally, the paper enhances awareness and understanding on the needs for security services be an integral part of e-government services to stakeholders.

  • 10.
    Karokola, Geoffrey Rwezaura
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    State of e-Government Development in the Developing World: Case of Tanzania - Security View2009In: Proceedings of the 5rh International Conference on e-Government(ICEG 2009), Boston USA. October 2009, 2009, p. 91-100Conference paper (Refereed)
  • 11.
    Karokola, Geoffrey
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Kowalski, Stewart
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Secure e-Government Services: A Comparative Analysis of e- Government Maturity Models for the Developing Regions - The need for Security Services2012In: The International Journal of Electronic Government Research, ISSN 1548-3886, Vol. 8, no 1, p. 1-25Article in journal (Refereed)
    Abstract [en]

    E-Government offers many benefits to government agencies, citizens and the business community. However,e-Government services are prone to current and emerging security challenges posing potential threats tocritical information assets. Securing it appears to be a major challenge facing governments globally. Basedon the international security standards – the paper thoroughly investigates and analyzes eleven e-governmentmaturity models (eGMMs) for security services. Further, it attempts to establish a common frame of referencefor eGMM critical stages. The study utilizes the Soft Systems Methodology (SSM) of scientific inquiry/learning cycle adopted from Checkland and Scholes. The findings show that security services (technical andnon-technical) are lacking in eGMMs – implying that eGMMs were designed to measure more quantity ofoffered e-government services than the quality of security services. Therefore, as a step towards achievingsecure e-government services the paper proposes a common frame of reference for eGMM with five criticalstages. These stages will later be extended to include the required security services.

  • 12.
    Magnusson, Christer
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Bakari, Jabiri Kuwe
    Wahlgren, Gunnar
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    ICT Risk Management Drivers - a Comparative Study of Sweden, USA, India, and Tanzania2007In: Proceedings of the CRiSIS 2007 International Conference on Risk and Security of Internet and Systems, 2007Conference paper (Refereed)
  • 13.
    Monfelt, Yngve
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Pilemalm, Sofie
    Swedish Defennce Research Agency, Division of Information Syatems, Linköping.
    Hallberg, Jonas
    Swedish Defennce Research Agency, Division of Informaton Systems, Linköpng.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    The 14 layered framework for including social and organisational aspects in security management2011In: Information Management & Computer Security, ISSN 0968-5227, E-ISSN 1758-5805, Vol. 19, no 2, p. 124-133Article in journal (Refereed)
    Abstract [en]

    Purpose – The purpose of this paper is to describe the controlled information security project which is designed to investigate, assess and provide tools to improve the information security status in organizations with a focus on public agencies. A central question for the project is how information security issues are communicated within organizations, specifically underlining that communication is control in a cybernetic sense. Design/methodology/approach – The research method applied can be expressed as applied general systems theory combined with design science. The project is carried out in a number of steps: to design modelling techniques and metrics for information security issues in organizations; to collect data from Swedish governmental agencies; to use the modelling techniques to model communication of information security in organizations from different perspectives; to apply metrics on the data in order to assess information security levels in the agencies; to identify gaps; and to identify needs for improvement. Findings – The motivation for the research is that communication of information security issues within organizations tend to be insufficient and the mental connections between IT-security and information security work are weak, which prohibits the organization from learning and adapting in its security work. An entity's authority depends on its ability to control and manage the variety in the 14 layers. The general control objectives needed were implied based on the information security management standard. Originality/value – The paper focuses on mind to mind communication conditions and how to adapt mechanistic systems.

  • 14.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Säkerhetsinformatik.
    Citizen Identity registration system and Unique Citizen identity number2007Report (Other (popular science, discussion, etc.))
  • 15.
    Yngström, Louise
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Säkerhetsinformatik.
    Making ICT Security Readiness Possible - The Case of Tanzania in the Sub-Saharan Region2007In: 5th CEENEt Workshop on Network management: The Challenges for Secure Research and Education Networking in the Developing Countries, 2007Conference paper (Other academic)
  • 16.
    Yngström, Louise
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    Abbas, Haider
    Hemani, Ahmed
    Magnusson, Christer
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
    A Structured approach for Internalizing Externalities Caused by IT Security Mechanisms2010In: 2nd Int. Workshop on Education Technology and Computer Science, 2010Conference paper (Refereed)
  • 17.
    Yngström, Louise
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Säkerhetsinformatik.
    Armstrong, Helen
    Resubmit my Information Security Thesis? - You must be joking!2007In: IFIP International Federation for Information Processing, 2007Conference paper (Other academic)
    Abstract [en]

    This paper presents a model for use by students and supervisors embarking upon higher degrees by research with specific application to information security. The model details a set of questions to be asked in preparing for the research in order to ensure a well planned and cohesive research project and written thesis

  • 18.
    Yngström, Louise
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Säkerhetsinformatik.
    Melin Wenström, A.
    Widell, I.
    Citizen Identity Registration System and Unique Citizen Identification Number - fact-finding mission2007Report (Other (popular science, discussion, etc.))
  • 19.
    Yngström, Louise
    et al.
    Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences. Säkerhetsinformatik.
    Wills, Christopher
    Systemic Holistic Approach to ICT security2007In: Information and Communication Systems Security, 2007Chapter in book (Other academic)
1 - 19 of 19
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf