24 research outputs found

    ITIL as a method against social engineering attacks in IT operations management

    No full text
    Title deviates according to the author's translation. Abstract in English.

    Despite the continuous scientific discourse on information security, precisely those attacks that are based on human aspects have not yet been adequately addressed. This results primarily from the focus to date on building effective protection against social engineering at the personnel security level. Modern information security models, however, are characterized among other things by a multi-dimensional approach. It therefore stands to reason to use a multi-dimensional security model against social engineering as well. This model requires not only an interaction between the dimensions of technology, people and organization, but also integration into corporate governance. This thesis examines ITIL as one such possible framework against hackers who use social engineering methods. Based on processes presented as examples, security features in ITIL are identified and their mode of action against social engineering is discussed. After the ITIL-based security measures have been evaluated as a multi-dimensional counter-strategy, the ITIL measures are classified according to their area of effect. This yields a management catalogue of security measures against social engineering attacks. Finally, it is shown that ITIL, as a framework against attacks by a social engineer, can be integrated into enterprise-wide information security governance.

    Despite all progress on the scientific foundations of information system security, human factor attacks are still not sufficiently researched. This is mostly due to the focus to build sufficient security against social engineering attacks based on personnel security measures. Modern information security models rely on multi-dimensional approaches. Countering social engineering attacks more effectively would also demand a multidimensional approach to information security. Such an approach implies an interconnection of the technical, human and organizational domains and the relationship with corporate governance. This paper proposes ITIL to be such a framework against hackers using social engineering techniques. Based on an exemplified described process of a medium-sized financial institution, security mechanisms are identified and classified in the ITIL framework, and their effectiveness against social engineering attacks is discussed. After evaluating security measures according to ITIL for their potential to serve as such a multidimensional countermeasure, ITIL measures will be classified according to their application area in preventing or counteracting attacks, thus providing a management catalogue of security measures against social engineering attacks. Finally, it is shown that ITIL as a framework against hackers using social engineering techniques can be integrated into enterprise-wide information security governance.

    Identifying relevant factors for successful implementation into routine practice: expert interviews to inform a heart failure self-care intervention (ACHIEVE study)

    No full text
    Background: Adherence to heart failure (HF) self-care behaviours has been found to be effective for alleviating illness symptoms, increasing quality of life and reducing hospital re-admissions and mortality. However, many patients fail to implement on-going self-care into their daily lives. It is therefore crucial to improve the behaviour of HF patients to increase self-care adherence. The aim of this study is to identify relevant factors to successfully implement a complex, theory-based HF self-care intervention into routine practice.

    Methods: We conducted semi-structured interviews to obtain key stakeholders' opinions on previously developed behaviour change techniques for enhancing HF patients' self-care behaviours, in order to optimise implementation of these techniques in an intervention. The interview topic guide was developed based on the Normalisation Process Theory (NPT), a tool that takes into account the feasibility of implementation and the acceptability to stakeholders. Interviews were analysed using thematic analysis and supported by MAXQDA 2020, a software for qualitative research.

    Results: Interview participants included 18 key stakeholders consisting of three crucial groups: clinical experts (n = 7), patients (n = 3) and high calibre policy makers/potential funders (n = 8). The interviews revealed numerous factors to consider for successful implementation of an intervention into routine practice. The findings are presented according to two major categories: (1) themes within the NPT framework and (2) themes beyond the NPT framework. Themes within the NPT component 'Coherence' include three sub-themes: 'understandability', 'value beyond existing interventions' and 'perceived benefits'. The NPT component 'Cognitive participation' revealed two sub-themes: 'time resources' and 'financial sustainability'. Finally, the NPT component 'Collective action' uncovered three sub-themes: 'need for training', 'compatibility with existing practice' and 'influence on roles'. A further two themes were identified beyond the NPT framework, namely: 'structural challenges' and (2) 'role of carers'.

    Conclusions: Factors identified previously by NPT were validated, but stakeholders further identified relevant aspects beyond NPT. Based on these findings, we suggest the existing NPT framework could be expanded to include a fifth component: questions considering specific environmental factors (contextual considerations). Sensitising researchers to these issues at an early stage when designing an intervention can facilitate its later success.

    Understanding relevant factors for implementation of a heart failure self-care intervention

    No full text