June 6, 2001By: Respickius Casmir1 Doctoral Thesis Title and Author A Systemic-Holistic Approach to...
-
Upload
ami-french -
Category
Documents
-
view
212 -
download
0
Transcript of June 6, 2001By: Respickius Casmir1 Doctoral Thesis Title and Author A Systemic-Holistic Approach to...
June 6, 2001 By: Respickius Casmir 1
Doctoral Thesis Title and Author
A Systemic-Holistic Approach to Academic Programmes In IT
Security
PresentedBy
Louise YngströmStockholm University, October 1996
June 6, 2001 By: Respickius Casmir 2
Overview
• Structural Organization
• Methodology & Approach used
• The Systemic-Holistic Model
• Adherence to Research and Reporting Guidelines
• Summary and Conclusion
June 6, 2001 By: Respickius Casmir 3
Structural Organization
• Comprises of 6 Chapters
• Chapter 1: Problem, Idea & Approach
• Chapter 2: Thoughts & Background
• Chapter 3: Systemic-Holistic Model
• Chapter 4: Two Educational Programmes
• Chapter 5: Interdisciplinary & Holistic
• Chapter 6: Suggestions for further studies
June 6, 2001 By: Respickius Casmir 4
Structural Organization
The research Problem
• The Thesis attempts to discuss some of the problems associated with how to understand the concept of Security in relation to IT– A problem of language– Confidentiality, Integrity & Availability– Information vs Data– IT Security Criteria, etc
June 6, 2001 By: Respickius Casmir 5
Structural Organization
Study Rationale
The reason for undertaking this research was to try and find the best way to address or define the aspects of IT Security Centrally, hence to get rid of the confusions and Misunderstandings in grasping Security. Also to develop an Interdisciplinary IT Security Model
June 6, 2001 By: Respickius Casmir 6
Structural Organization
Hypothesis
“The subjective models produced through General Systems Theory and Cybernetics make students understand IT security banking problems, although their practical banking experiences are restricted to being customers”
June 6, 2001 By: Respickius Casmir 7
Structural Organization
The students, with theoretical and practical backgrounds from computing, business and libraries, used the concepts of general systems and Cybernetics to transform objective models into subjective models useful also for understanding problems involved with IT Security.
June 6, 2001 By: Respickius Casmir 8
Structural Organization
• She used “System” as an epistemological device to describe organisms as wholes, and showed that it could be generalised and applied to wholes of any kind
• Cybernetics is a philosophy and a science concerned with the control or regulation of information flow within and between systems, whether human or machine.
June 6, 2001 By: Respickius Casmir 9
Methodology & Approach used
Action-oriented and explorative approach
• The work included the design, implementation and evaluations of courses and programmes, their content and structure, theory, methodology and approach.
• It is both Qualitative & Quantitative
June 6, 2001 By: Respickius Casmir 10
The Systemic-Holistic Model
• In 1970’s Computer Science and Law took initiative to regulate the development, use, operation, and management of safe and secure IT structures
June 6, 2001 By: Respickius Casmir 11
The Systemic-Holistic Model
• Although both areas were driven by the technical developments and the new applications made, developments of regulatory and protective measurements and mechanisms were initially conducted in parallel, rather than interactively, between computer science and law.
June 6, 2001 By: Respickius Casmir 12
The Systemic-Holistic Model
The model relies on three main building blocks:
• General Systems Theory including Cybernetics (Ontological & Epistemological)
• Soft System Methodology (Engineering or hard systems thinking & Systemic or Soft systems thinking) - Problems Solved by systematic methods & Systemic methods respectively
• General Living Systems Theory (Ontological entity)
June 6, 2001 By: Respickius Casmir 13
The Systemic-Holistic Model
Context Orientation (geographical/space and time bound “system point”
Level of abstraction (Design/architecture, Theory/model, Physical construction
Content subject areas (Technical and Non-technical aspects)
Fig. 1: Overview of the framework and methodology for Security Informatics - the Systemic-Holistic Model
Systemic Module-an epistemological device-meta-science-criteria for control
June 6, 2001 By: Respickius Casmir 14
The Systemic-Holistic Model
Information Security
Administrative(Procedural security)
IT Security
ADP(Computer security)
Communications security
Fig. 2: The Definition of Information Security [ITS 1994, p. 7]
June 6, 2001 By: Respickius Casmir 15
The Systemic-Holistic Model
An interdisciplinary area encompassing theories and methods for secure handling of information within organizations or technical systems. The area also contains the use of information technology as means for security and safety in social, socio-technical, and technical environments [ITS 1994, p. 14] Security Informatics was defined
as:
June 6, 2001 By: Respickius Casmir 16
The Systemic-Holistic Model
Schoderbek defined the concept “System” as
“A set of objects together with relationships between the objects and between their attributes related to each other and to their environment so as to form a whole”
[Schoderbek et al. 1990 p. 13]
June 6, 2001 By: Respickius Casmir 17
The Systemic-Holistic Model
Inputs Processes Outputs
Feedback Controls
To Environment and other Systems
System’s boundary
Fig. 3: An open system [Schoderbek et al. 1990 p. 25]
June 6, 2001 By: Respickius Casmir 18
Adherence to Research and Reporting Guidelines
The author has adhered to the research and reporting guidelines in that:
• Clearly defined a problem
• Stated the hypothesis
• Stated the research rationale
• Chapters well organized
• Simple and understandable language
June 6, 2001 By: Respickius Casmir 19
Adherence to Research and Reporting Guidelines
• Defined all key terminology
• Evidence communicated Visually– Tables– Charts– Graphs, and– Figures
June 6, 2001 By: Respickius Casmir 20
Summary and Conclusion
• The Model is based on Cybernetics and general systems theories
• It consists of a framework & epistemology Taken together they are called the “Systemic-Holistic Model.
• When in use, it is called the “Systemic-Holistic Approach”
June 6, 2001 By: Respickius Casmir 21
End of Presentation
Thank you all!