The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Recruitment and selection of new employees rank to the important processes of human potential management and development. Especially the process of employee selection prepares proper conditions for a successful work performance and decides on a future progress-ability of the organizations. In a unique sector of private security, the precise realization of employee selection can solve one of the most...
This article presents a data audit system, which confirms that proper use of data is performed on the iKaaS platform (intelligent Knowledge as a Service) platform. The proposed data audit system can alleviate ambiguous anxiety of data owner about unauthorized use by providing measures to understand that illegal use of data cannot occur. This achievement is expected to support the construction of the...
The upcoming General Data Protection Regulation is quickly becoming of great concern to organizations which process personal data of European citizens. It is however nontrivial to translate these legal requirements into privacy friendly designs. One recently proposed approach to make 'privacy by design' more practical is privacy design strategies. This paper improves the strategy definitions and suggests...
The implementation of cloud computing embraces remarkable potential for small and medium-sized enterprises (SMEs) as it permits them to reduce the costs as well as improve scalability and flexibility. In order to choose a suitable cloud service, it is essential to carefully classify non-functional and functional requirements. In this regard, the features affecting legal requirements as well as IT...
The decision to adopt a new technology in an organization is a complex task because of several Non-Functional Requirements (NFR) e.g., availability, interoperability, and presence of several alternatives, e.g., service providers can offer multiple packages. To support such a decision and to select the best alternative a Trade-off based Adoption Methodology for Cloud-based Infrastructure and Services...
Information systems security (ISS) is crucial in all and each of the services provided by organizations. Among the security measures, policies assume a central role in literature. However, there is a reduced number of empirical studies about the implementation of ISS policies and which are the critical success factors for its implementation. This paper contributes to mitigate this flaw by presenting...
Personal Health Records (PHR) open new opportunities for enhancing delivery of standard health care services and health information to general population and supporting individuals to take more active role in health management and decision making processes. However, while utilization of PHR as part of a health management process brings much more flexibility, and advanced options to individuals, it...
In this paper we discuss our experience of implementation of Data Loss Prevention (DLP) system at our University. The DLP system helps to analyze, control, monitor, block and protect data at the University. With the help of the DLP system and encryption we are able to protect and control the confidential data about our users, HR data, intellectual ownership data, legal and financial documentation,...
Efforts to understand what goes on in the mind of an insider have taken a back seat to developing technical controls, yet insider threat incidents persist. We examine insider threat incidents with malicious intent and propose an explanation through a relationship between Dark Triad personality traits and the insider threat. Although Dark Triad personality traits have emerged in insider threat cases...
Cloud computing is dominating European countries' Information and Communication Technology (ICT) agenda. Although the European cloud market is mostly mature, there are still challenges to overcome. Norway is one of the European countries facing such challenges, despite it is a developed country in terms of quality of life and ICT development. This paper identifies the current state of cloud computing...
Civil aviation remains an attracting target for criminals and the obligation to protect civil aviation against acts of unlawful interference must cope with increasingly sophisticated threats, many of a technological nature. The development of complex systems, by their nature interoperable, in an increasingly global and supranational environment, requires a methodological approach of the security governance...
Laws and regulations must be considered in the requirements engineering process to help ensure legal compliance when developing software or engineering systems. To incorporate legal compliance considerations into the requirements engineering process, we introduce a preliminary extension of the SQUARE methodology, called L-SQUARE. In this paper, we develop L-SQUARE by discussing legal compliance concerns...
In this paper we propose an approach for enhanced data protection in the cloud, based upon accountability governance. Specifically, the relationships between accountability, risk and trust are analyzed in order to suggest characteristics and means to address data governance issues involved when organizations or individuals adopt cloud computing. This analysis takes into account insights from a variety...
Organizations often suffer harm from individuals who bear them no malice but whose actions unintentionally expose the organizations to risk in some way. This paper examines initial findings from research on such cases, referred to as unintentional insider threat (UIT). The goal of this paper is to inform government and industry stakeholders about the problem and its possible causes and mitigation...
Accountability has emerged as a critical concept related to data protection in cloud ecosystems. It is necessary to maintain chains of accountability across cloud ecosystems. This is to enhance the confidence in the trust that cloud actors have while operating in the cloud. This paper is concerned with accountability in the cloud. It presents a conceptual model, consisting of attributes, practices...
The disagreements among states that occurred in December 2012 at the World Conference on International Telecommunications in Dubai (WCIT-12) about appropriate revisions to the International Telecommunications Regulations (ITRs) highlighted the controversy over what the appropriate role of the International Telecommunications Union (ITU) ought to be in the age of the Internet. Some have argued that...
E-health is becoming more important in today's technological world. Healthcare is increasingly being supported by IT applications such as the emergence of cloud computing. But what are the challenges when using cloud computing in e-health?
This paper presents a comprehensive study on the challenges and issues of security in cloud computing. We first look into the impacts of the distinctive characteristics of cloud computing, namely, multi-tenancy, elasticity and third party control, upon the security requirements. Then, we analyze the cloud security requirements in terms of the fundamental issues, i.e., confidentiality, integrity, availability,...
The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important...
In recent years, there have been many events about personal information disclosure. Almost everyday our personal data are threatened by the hackers and virus. This article systemically analyzes the ways by which the personal information is threatened and discusses about the ethics of personal information security; consequently proposes the measures to improve the personal information ethics and information...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.