225,824 research outputs found
Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems
Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security
assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security
mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps
framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include
the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any)
and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security
level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received
funding from the European Unionâs Horizon 2020 research
and innovation programme under grant agreement No 644429
and No 780351, MUSA project and ENACT project,
respectively. We would also like to acknowledge all the
members of the MUSA Consortium and ENACT Consortium
for their valuable help
Management information systems in social safety net programs : a look at accountability and control mechanisms
This paper is intended to provide task managers and World Bank Group clients working on Social Safety Net (SSN) programs with practical and systematic ways to use information management practices to mitigate risks by strengthening control and accountability mechanisms. It lays out practices and options to consider in the design and implementation of the Management Information System (MIS), and how to evaluate and mitigate operational risks originating from running a MIS. The findings of the paper are based on the review of several Conditional Cash Transfer (CCT) programs in the Latin American Region and various World Bank publications on CCTs. The paper presents a framework for the implementation of MIS and cross-cutting information management systems that is based on industry standards and information management practices. This framework can be applied both to programs that make use of information and communications technology (ICT) and programs that are paper based. It includes examples of MIS practices that can strengthen control and accountability mechanisms of SSN programs, and presents a roadmap for the design and implementation of an MIS in these programs. The application of the framework is illustrated through case studies from three fictitious countries. The paper concludes with some considerations and recommendations for task managers and government officials in charge of implementing CCTs and other safety nets program, and with a checklist for the implementation and monitoring of MIS.E-Business,Technology Industry,Education for Development (superceded),Labor Policies,Knowledge Economy
Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services
In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is\ud
not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to explicitly link security requirements with the organizationâs business vision, i.e. to provide business\ud
rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements.\ud
Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance. We validate our approach by way of a focus group session
BOF4WSS : a business-oriented framework for enhancing web services security for e-business
When considering Web services' (WS) use for online business-to-business (B2B) collaboration between companies, security is a complicated and very topical issue. This is especially true with regard to reaching a level of security beyond the technological layer, that is supported and trusted by all businesses involved. With appreciation of this fact, our research draws from established development methodologies to develop a new, business-oriented framework (BOF4WSS) to guide e-businesses in defining, and achieving agreed security levels across these collaborating enterprises. The approach envisioned is such that it can be used by businesses-in a joint manner-to manage the comprehensive concern that security in the WS environment has become
Evaluation of a pilot of legally assisted and supported family dispute resolution in family violence cases
Evidence of the prevalence of a history of past and/or current family violence among separated parents, and the presence of ongoing safety concerns for themselves and their children as a result of ongoing contact with the other parent, has created an impetus for the family law system to find more effective ways of dealing with families affected by family violence.
In July 2009, the Federal Government announced funding for a pilot program to provide assistance, including family dispute resolution (FDR), to such families. Subsequently, Womenâs Legal Service Brisbane (and other consultants) were funded by the Attorney- Generalâs Department (AGD) to develop a model for coordinated family dispute resolution (CFDR). CFDR is a service for separated families who need assistance to resolve parenting disputes where there has been a history of past and/or current family violence. It is being implemented in five sites/lead agencies across Australia: Perth (Legal Aid Western Australia), Brisbane (Telephone Dispute Resolution Service [TDRS], run by Relationships Australia Queensland), Newcastle (Interrelate), Western Sydney (Unifam) and Hobart (Relationships Australia Tasmania). TDRS made adaptions to the model to accommodate its telephone-based service.
The pilot commenced operation at most sites in the final quarter of 2010. Implementation in one location (Brisbane) was delayed until mid-2011 to allow time to finalise the composition of the partnership.
This report presents the findings of an evaluation of this process
- âŚ