Title: Doctoral Thesis Title and Author
1Doctoral Thesis Title and Author
- A Systemic-Holistic Approach to Academic
Programmes In IT Security - Presented
- By
- Louise Yngström
- Stockholm University, October 1996
2Overview
- Structural Organization
- Methodology Approach used
- The Systemic-Holistic Model
- Adherence to Research and Reporting Guidelines
- Summary and Conclusion
3Structural Organization
- Comprises of 6 Chapters
- Chapter 1 Problem, Idea Approach
- Chapter 2 Thoughts Background
- Chapter 3 Systemic-Holistic Model
- Chapter 4 Two Educational Programmes
- Chapter 5 Interdisciplinary Holistic
- Chapter 6 Suggestions for further studies
4Structural Organization
- The research Problem
- The Thesis attempts to discuss some of the
problems associated with how to understand the
concept of Security in relation to IT - A problem of language
- Confidentiality, Integrity Availability
- Information vs Data
- IT Security Criteria, etc
5Structural Organization
- Study Rationale
- The reason for undertaking this research was to
try and find the best way to address or define
the aspects of IT Security Centrally, hence to
get rid of the confusions and Misunderstandings
in grasping Security. Also to develop an
Interdisciplinary IT Security Model
6Structural Organization
- Hypothesis
- The subjective models produced through General
Systems Theory and Cybernetics make students
understand IT security banking problems, although
their practical banking experiences are
restricted to being customers
7Structural Organization
- The students, with theoretical and practical
backgrounds from computing, business and
libraries, used the concepts of general systems
and Cybernetics to transform objective models
into subjective models useful also for
understanding problems involved with IT Security.
8Structural Organization
- She used System as an epistemological device to
describe organisms as wholes, and showed that it
could be generalised and applied to wholes of any
kind - Cybernetics is a philosophy and a science
concerned with the control or regulation of
information flow within and between systems,
whether human or machine.
9Methodology Approach used
- Action-oriented and explorative approach
- The work included the design, implementation and
evaluations of courses and programmes, their
content and structure, theory, methodology and
approach. - It is both Qualitative Quantitative
10The Systemic-Holistic Model
- In 1970s Computer Science and Law took
initiative to regulate the development, use,
operation, and management of safe and secure IT
structures
11The Systemic-Holistic Model
- Although both areas were driven by the technical
developments and the new applications made,
developments of regulatory and protective
measurements and mechanisms were initially
conducted in parallel, rather than interactively,
between computer science and law.
12The Systemic-Holistic Model
- The model relies on three main building blocks
- General Systems Theory including Cybernetics
(Ontological Epistemological) - Soft System Methodology (Engineering or hard
systems thinking Systemic or Soft systems
thinking) - Problems Solved by systematic methods
Systemic methods respectively - General Living Systems Theory (Ontological entity)
13The Systemic-Holistic Model
Systemic Module -an epistemological
device -meta-science -criteria for control
Level of abstraction (Design/architecture,
Theory/model, Physical construction
Context Orientation (geographical/space and time
bound system point
Content subject areas (Technical and
Non-technical aspects)
Fig. 1 Overview of the framework and methodology
for Security Informatics - the Systemic-Holistic
Model
14The Systemic-Holistic Model
Information Security
Administrative (Procedural security)
IT Security
ADP (Computer security)
Communications security
Fig. 2 The Definition of Information Security
ITS 1994, p. 7
15The Systemic-Holistic Model
- An interdisciplinary area encompassing theories
and methods for secure handling of information
within organizations or technical systems. The
area also contains the use of information
technology as means for security and safety in
social, socio-technical, and technical
environments ITS 1994, p. 14
Security Informatics was defined as
16The Systemic-Holistic Model
- Schoderbek defined the concept System as
- A set of objects together with relationships
between the objects and between their attributes
related to each other and to their environment so
as to form a whole - Schoderbek et al. 1990 p. 13
17The Systemic-Holistic Model
Inputs
Processes
Outputs
To Environment and other Systems
Feedback Controls
Systems boundary
Fig. 3 An open system Schoderbek et al. 1990 p.
25
18Adherence to Research and Reporting Guidelines
- The author has adhered to the research and
reporting guidelines in that - Clearly defined a problem
- Stated the hypothesis
- Stated the research rationale
- Chapters well organized
- Simple and understandable language
19Adherence to Research and Reporting Guidelines
- Defined all key terminology
- Evidence communicated Visually
- Tables
- Charts
- Graphs, and
- Figures
20Summary and Conclusion
- The Model is based on Cybernetics and general
systems theories - It consists of a framework epistemology Taken
together they are called the Systemic-Holistic
Model. - When in use, it is called the Systemic-Holistic
Approach
21End of Presentation