This report was made for the company HordaGruppen AB to investigate how information security was handled. This report fits in the Master program of Internet Technology at School of Engineering in Jönköping University in Sweden.The question at issue was how you protect your information against different threats. One question was how to make an information security policy and which guidelines you can follow in the Swedish Standard, SS-ISO/IEC 17799:2000.Another question was to investigate the information sources at the company and which threats there are against it.The work begins with a presentation about information security for the chief of information and the chief of quality in the company. The next thing was to do a survey of as thing are at present with a tool from Länsteknikcentrum called ?Infosäkpulsen?.

The ISO standard ISO/IEC 17799/SS-627799-2 is a guidance for organizations to realize their information security goals. In spite of this standard, studies show flaws regarding information security in organizations. In particular flaws regarding overall view, knowledge and clear roles and responsibilities have been observed. The ISIT (Information Security Integrated Three level) model and its guidelines, developed in this thesis, help organizations to identify the required processes and procedures as well as the logical process flow. The thesis is based on theoretical studies and a case study within a multinational company.

The ISO standard ISO/IEC 17799/SS-627799-2 is a guidance for organizations to realize their information security goals. In spite of this standard, studies show flaws regarding information security in organizations. In particular flaws regarding overall view, knowledge and clear roles and responsibilities have been observed. The ISIT (Information Security Integrated Three level) model and its guidelines, developed in this thesis, help organizations to identify the required processes and procedures as well as the logical process flow. The thesis is based on theoretical studies and a case study within a multinational company.

This thesis investigates how Ericsson AB should do to achieve fast and secure handover when roaming in a WLAN. It also provides a security analysis of the system that the wireless access point is part of. The reason for this is that Ericsson is selling an access point called the ABS 2200 aimed at the public hotspot market. The premise was that they wanted a standardized way of handling the roaming issue. At the outset the 802.11F standard looked like a good alternative (in fact the only standardized alternative).

This paper aims to find out how to implement an information security management (ISMS) system that is based on ISO/IEC 27001-standard into a small organization with high employee turnover. The standard employs the PDCA-method as a course of action for implementing the standard. The reason for implementing such a system is to introduce information security to the organization and to maintain it despite the changes in management. The paper based it?s survey on a case study of a student nation in Uppsala, Sweden.

In this essay I analyze the concepts security and security policy from a critical, feministic point of view. The traditional way of thinking security is state-centred and narrow with its military oriented threatening pictures and solutions.I advocate that the two concepts need a more feministic and holistic approach to be able to cope with the threats of our time and include the security for women explicitly.To suggest how this can be done I introduce a model; security-sphere, which should be seen as a way to constructively connect my objections to the existing research with a new approach to security problems. The security-sphere is based on two analytical parts; the private security sub-sphere and the public security sub-sphere, in order to make new images of security problems visible.It is a fact that most of the threats against women specifically, take place in the private sphere where no traditional analytical tools reach in - these threats have not been seen as 'real' security problems. My aim is therefore to integrate these issues into the agenda of security policy..

An ongoing concern within the Intellectual Technological world is the issue of security. There are severe consequences if someone without permission searches a computer for secret information that was left unlocked. In order to prevent this situation from occurring, rules about password lengths or employees bringing personal flash drives into the company should be created and followed.As Internet become a worldwide phenomenon, the use of information technology is growing more than ever. With more use and accessibility to Internet, new threats against companies have also emerged. This report brings up the main issues that a company needs to regulate today.The standard for regulations and proposals for IT-security comes in a document called ISO 17799 and very complicated for those who are not experts in the field.

This bachelor thesis looks at developers knowledge about web security both regarding their own view on their knowledge and their actual knowledge about vulnerabilities and how you mitigate against them. Web developers knowledge regarding web security are becoming more and more important as more applications and services moves to the web and more and more items become connected to the internet. We are doing this by conducting a survey among developers that are currently studying in the field or are working in the field to get a grip on how the knowledge is regarding the most common security concepts. What we saw was that the result varies between the different concepts and many lack much of the knowledge in web security that is getting increasingly more important to have..

This bachelor thesis looks at developers knowledge about web security both regarding their own view on their knowledge and their actual knowledge about vulnerabilities and how you mitigate against them. Web developers knowledge regarding web security are becoming more and more important as more applications and services moves to the web and more and more items become connected to the internet. We are doing this by conducting a survey among developers that are currently studying in the field or are working in the field to get a grip on how the knowledge is regarding the most common security concepts. What we saw was that the result varies between the different concepts and many lack much of the knowledge in web security that is getting increasingly more important to have..

ABSTRACTThe aim of this study is to analyse if the UN today constructs the water issue as a security issue and to argue about in which way the organization in that case does so alternatively why it can be said that the UN doesn?t construct the water issue as a security issue.In order to reach this purpose the following questions will be answered:?Does the UN construct the water issue as a security issue today?-If yes, in which way?-If no, why can it be said that the organisation doesn?t?The methods used are qualitative literature studies of policy documents on water from the UN. The focus is to analyze the ideas about water and to apply my theory on the concept of security, which is Barry Buzan?s framework on security, to these ideas.The main results showed that the UN strongly constructs the water issue as an environmental security issue for environments and species and in relatively strong terms also constructs it as an environmental security issue for civilisations. In rare cases the organisation constructs it as a societal security issue, but the UN doesn?t construct the water issue as a military, political or economic security issue..

The emphasize of this study is to evaluate security issues for home users having a personal computer connected to the Internet. It focus on the usage of advantages and disadvantages when using a firewall while connected to the Internet. The hypothesis is that it gives a better protection to install and use a firewall compared not to do so, due to security flaws in the operating system. The prediction was tested on a home user's personal computer. The testwork was divided into two major tests, each of them performed with, respectively without, a firewall. These major tests were divided into five smaller semi­ tests. The first semi­test without a firewall suffered from a virus or worm attack resulting in loss of data and log files.

Big dangerous Russia, environmental thief or house warmer? The Nord Stream pipelines are a highly debated theme in Europe and the EU. A number of different countries will be subject to the pipelines direct or indirect. This paper aims to figure out what kind of threats and possibilities Denmark, Finland, Sweden and Germany consider to be the consequences with the pipelines.The study takes as a standpoint the area of security studies and the widened of the same. The three standpoints within the security study that will be used are military security, environmental security and energy security.

The emphasize of this study is to evaluate security issues for home users having a personal computer connected to the Internet. It focus on the usage of advantages and disadvantages when using a firewall while connected to the Internet. The hypothesis is that it gives a better protection to install and use a firewall compared not to do so, due to security flaws in the operating system. The prediction was tested on a home user's personal computer. The testwork was divided into two major tests, each of them performed with, respectively without, a firewall.

In this paper we examine what security is to the individual and how the individual creates and maintains security in their work. The purpose of this paper is to study how the creating of security in working life is performed. We conduct six semi-structured qualitative interviews with permanent employees in the private sector and we encode our material using thematic analysis. We analyze our material and illustrate our problem area on the basis of Anthony Giddens's theory of ontological security and give examples of how security and creating of security is performed at the empirical field with previous studies in the research area. Our survey shows that security for the individual at work seems to be about having continuity in everyday life, financial stability, a permanent employment, a challenging and fun job and a family in good health and good living.

This thesis suggests an explanation for how it is possible for individuals living in an unsafe neighborhood to expressa highlevel of security. Araby is the district in Växjö municipality withthe highest level of insecurity. Within the district, there is acategory of individuals in security-measurements showing a high degree of security. Inhabitants living in house in Araby also seem to show a higher level of security than inhabitants in the same accommodation in other neighborhoods in the municipality.The study's purpose is to understand how individuals belonging to an unsafe neighborhood can experience a high degree of security.Qualitative data were collected from an observation in Araby and from interviews with individuals living in house in the district.Previous research has shown that security in the surrounding area depends on several factors, such as disorders, the degree of social control and personal opinions. Thestudy shows how a distinction to places and people in the district can explain the degree of security.