Logo des Repositoriums

Auflistung nach Schlagwort "standards"

1 - 4 von 4
  • Textdokument
    Forensic-related Application Security Controls for RHEL in Critical Infrastructure
    (INFORMATIK 2017, 2017) Bajramovic, Edita; Lainer, Andreas
    Industrial cyber security is an avid area of research. Incident response and forensic investigations are complex activities. Due to the complexity of critical infrastructures, such as Nuclear Power Plants (NPPs), preparation is vital. Manual approaches still tend to be favored mainly because of (physical) safety assurances. The tasks and actions required and the outcomes to expect need to be documented. Application Security Controls (ASCs) are a good way to document forensic controls for which an extended model is proposed. However, ASCs must be tested further on forensic applicability and there are also considerable alternatives. In terms of possible additional security measures and to apply the gained insights, one exemplary operational Instrumentation & Control (I&C) server system is analyzed in order to derive recommendations.
  • Zeitschriftenartikel
    Informationstechnologie, Governance und Compliance
    (Wirtschaftsinformatik: Vol. 50, No. 5, 2008) Teubner, Alexander; Feller, Tom
    In dem Beitrag werden die Ergebnisse einer Web-Recherche zu den Themen Governance und Compliance in Zusammenhang mit dem Einsatz von Informationstechnologie vorgestellt. Hierbei zeigt sich, dass die Informationstechnologie eine doppelte Rolle einnimmt. Sie tritt zum einen als Instrument zur Realisierung der betrieblichen Governance und Compliance in Erscheinung. Zum anderen ist die IT auch ein wesentlicher Gegenstand von Governance und Compliance, sodass sich die eigenständigen Arbeitsfelder „IT-Governance“ und „IT-Compliance“ etabliert haben. Da zwischen Governance und Compliance enge Bezüge bestehen, wird in der Praxis oft auf eine klare Positionierung verzichtet. Dies gilt für die Beratungsangebote von IT-Dienstleistern ebenso wie für das Angebot von Softwarewerkzeugen. Letztere werden i. d. R. unspezifisch als Governance-Risk-Compliance-Software bezeichnet. Die duale Rolle der IT und vor allem die unpräzise und tendenziell inflationäre Verwendung der Begriffe „Governance“ und „Compliance“ erschweren die thematische Ordnung von Inhalten auf dem Word Wide Web erheblich.AbstractThe paper presents the results of a World Wide Web research on the relationships between information technology (IT) on the one hand and governance and compliance on the other. The research sheds light on two different roles IT can take up in governance and compliance. Firstly, IT is used as an instrument or tool in support of implementing governance and compliance in organizations. Secondly, IT is an important concern in governance and assurance of compliance in organizations, resulting in IT-governance and IT-compliance as issues of their own. Since the domains of governance and compliance overlap in some respect, both areas are not always properly distinguished. This can especially be observed in offerings of IT consulting firms and in the positioning of products of software developers and vendors which are often vaguely labeled as “Governance, Risk and Compliance (GRC) Software”. An imprecise and somewhat inflationary use of the terms governance and compliance impedes a systematic analysis of the field.
  • Zeitschriftenartikel
    RefModPM: A Conceptual Reference Model for Project Management Information Systems
    (Wirtschaftsinformatik: Vol. 50, No. 2, 2008) Ahlemann, Frederik; Riempp, Gerold
    Project management information systems have changed considerably in the last decade. Today they go far beyond traditional scheduling as well as resource management. These systems have become comprehensive information systems (IS) that support the entire life cycle of projects, project programmes and project portfolios. In this context, project-oriented organizations face a new challenge: the design, implementation and operation of such information systems has become increasingly complex, since numerous processes have to be considered, diverse stakeholder interests taken into account and corresponding software systems selected. The reference model for project management IS (RefModPM) presented here addresses these challenges and aims to support corresponding implementation projects. This article introduces RefModPM by discussing its construction process and evaluation, as well as providing an overview of its architecture and presenting one part of the reference model in detail.ZusammenfassungDer Artikel stellt ein konzeptionelles Informationssystem-Referenzmodell für das Projektmanagement vor (RefModPM). Hierzu wird zunächst auf den Konstruktions- und Evaluationsprozess eingegangen, in dessen Rahmen RefModPM entwickelt wurde. Dann erfolgt eine überblicksartige Vorstellung der Referenzmodellarchitektur. Abschließend wird ein Modellausschnitt im Detail diskutiert.
  • Konferenzbeitrag
    Unobtrusive fall detection and prevention: Extending from a prototype test to a pilot trial
    (INFORMATIK 2012, 2012) Rau, Henriette; Grieger, Jacob; Marzahl, Christian; Penndorf, Peter; Staemmler, Martin
    Fall detection based on images is rated obtrusive and costly. This paper presents an unobtrusive fall detection system, which allows a nearly invisible positioning under furniture and cost-efficient integration and scalability in retirement homes via WLAN. The system classifies events using image analysis and notifies the caregiver if an alarming event occurred. It was successfully tested in a nursing and a retirement home and refined based on the experiences made.