225,824 research outputs found

    Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

    Get PDF
    Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

    Management information systems in social safety net programs : a look at accountability and control mechanisms

    Get PDF
    This paper is intended to provide task managers and World Bank Group clients working on Social Safety Net (SSN) programs with practical and systematic ways to use information management practices to mitigate risks by strengthening control and accountability mechanisms. It lays out practices and options to consider in the design and implementation of the Management Information System (MIS), and how to evaluate and mitigate operational risks originating from running a MIS. The findings of the paper are based on the review of several Conditional Cash Transfer (CCT) programs in the Latin American Region and various World Bank publications on CCTs. The paper presents a framework for the implementation of MIS and cross-cutting information management systems that is based on industry standards and information management practices. This framework can be applied both to programs that make use of information and communications technology (ICT) and programs that are paper based. It includes examples of MIS practices that can strengthen control and accountability mechanisms of SSN programs, and presents a roadmap for the design and implementation of an MIS in these programs. The application of the framework is illustrated through case studies from three fictitious countries. The paper concludes with some considerations and recommendations for task managers and government officials in charge of implementing CCTs and other safety nets program, and with a checklist for the implementation and monitoring of MIS.E-Business,Technology Industry,Education for Development (superceded),Labor Policies,Knowledge Economy

    Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services

    Get PDF
    In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is\ud not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to explicitly link security requirements with the organization’s business vision, i.e. to provide business\ud rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements.\ud Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance. We validate our approach by way of a focus group session

    BOF4WSS : a business-oriented framework for enhancing web services security for e-business

    Get PDF
    When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in defining, and achieving agreed security levels across these collaborating enterprises. The approach envisioned is such that it can be used by businesses-in a joint manner-to manage the comprehensive concern that security in the WS environment has become

    Evaluation of a pilot of legally assisted and supported family dispute resolution in family violence cases

    Get PDF
    Evidence of the prevalence of a history of past and/or current family violence among separated parents, and the presence of ongoing safety concerns for themselves and their children as a result of ongoing contact with the other parent, has created an impetus for the family law system to find more effective ways of dealing with families affected by family violence. In July 2009, the Federal Government announced funding for a pilot program to provide assistance, including family dispute resolution (FDR), to such families. Subsequently, Women’s Legal Service Brisbane (and other consultants) were funded by the Attorney- General’s Department (AGD) to develop a model for coordinated family dispute resolution (CFDR). CFDR is a service for separated families who need assistance to resolve parenting disputes where there has been a history of past and/or current family violence. It is being implemented in five sites/lead agencies across Australia: Perth (Legal Aid Western Australia), Brisbane (Telephone Dispute Resolution Service [TDRS], run by Relationships Australia Queensland), Newcastle (Interrelate), Western Sydney (Unifam) and Hobart (Relationships Australia Tasmania). TDRS made adaptions to the model to accommodate its telephone-based service. The pilot commenced operation at most sites in the final quarter of 2010. Implementation in one location (Brisbane) was delayed until mid-2011 to allow time to finalise the composition of the partnership. This report presents the findings of an evaluation of this process
    • …
    corecore