lnu.sePublications
Change search
Refine search result
1 - 13 of 13
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Magnusson, Lars
    Linnaeus University, Faculty of Technology, Department of Informatics.
    12.3 Informationssäkerhet på 2010-talet2013In: Bonniers IT-managementhandbok / [ed] Tord Schultz, Lars Hornborg, Eva Fredriksson, Stockholm: Bonnier, 2013, 10Chapter in book (Other (popular science, discussion, etc.))
    Abstract [en]

    This article goes through the information security challenges we face in the 2010s, both technically and from a process perspective. Among other things, the importance of audits and regulations is described as well as how to build a security policy.

  • 2. Magnusson, Lars
    A Call for Best-Practice Framework2011In: ISC2 InfoSecurity Professional Magazine, Vol. 2, no 14, p. 32-32Article in journal (Other (popular science, discussion, etc.))
    Abstract [en]

    A discussion piece within (ISC)2 community regarding variation in auditor security configuration standards. Discussing how to conform to a wider standard, so what was approved by one auditor group is not conforming to another auditing group. 

  • 3.
    Magnusson, Lars
    CISSP, Trollhättan, Sweden.
    A New Authentication Paradigm?2012In: ISC2 InfoSecurity Professional Magazine, ISSN -, Vol. 3, no 17, p. 24-24Article in journal (Refereed)
    Abstract [en]

    A discussion piece regarding early 2010 woes and concerns about authentication of cloud service users and the information security aspects of that.  Includes a perspective of authentication  in the view of AT&T Plan 9 Factorum security service. 

  • 4.
    Magnusson, Lars
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Accesskontroll som nyckel till bättre IT-säkerhet2013In: Bonniers IT-managementhandbok / [ed] Tord Schultz, Lars Hornborg, Eva Fredriksson, Stockholm: Bonnier, 2013, 10Chapter in book (Other (popular science, discussion, etc.))
    Abstract [en]

    Modern IT places higher demands on access/authentication processes. This article discusses these in relation to HR's responsibility to signal changes in employment.

  • 5. Magnusson, Lars
    An Internal Gate for a Local Email System1995In: Sys Admin Magazine - The Journal for UNIX Systems Administrators, ISSN 1061-2688, Vol. V4, no 1Article in journal (Other (popular science, discussion, etc.))
    Abstract [en]

    Description of a lightweight solution in connecting pre-1998 MS Mail to Internet 

  • 6. Magnusson, Lars
    Customizing Sendmail1997In: Sys Admin Magazine - The Journal for UNIX Systems Administrators, ISSN 1061-2688, Vol. 7, no 3, p. 61-Article in journal (Other (popular science, discussion, etc.))
    Abstract [en]

    The article discusses some more unique ways to configure Unix mail system, Sendmail.  It includes how to cover up pre-1998 MS Mail addresses as well as Memo and X.400 addresses.

  • 7.
    Magnusson, Lars
    Linnaeus University, Faculty of Technology, Department of Informatics.
    HR Access: a key to better InfoSecurity2013In: ISC2 InfoSecurity Professional Magazine, ISSN -, Vol. 4, no 22, p. 23-23Article in journal (Other (popular science, discussion, etc.))
    Abstract [en]

    As seen in virtually all IT audits, the auditors find active accounts connected to people retired, that left the organization or simply change jobs. Accounts that should be closed. THise article is a discussion about forcing the HR department to give IT better signals of personnel changes, so IT does not need to rely on personal knowledge.  The issue is a key US SOX finding and will be an EU GDPR key finding in GDPR audits.

  • 8. Magnusson, Lars
    Local News: Exploring Web-based Threaded Discussion Server Functionality1996In: Sys Admin Magazine - The Journal for UNIX Systems Administrators, ISSN 1061-2688, Vol. 5, no 10Article in journal (Other (popular science, discussion, etc.))
    Abstract [en]

    A small-scale solution of a threaded web-based bulletin board, using sendmail and a mailbox as FIFO queuer 

  • 9.
    Magnusson, Lars
    et al.
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Elm, Patrik
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Mirijamdotter, Anita
    Linnaeus University, Faculty of Technology, Department of Informatics.
    On System Thinking and Information Security2019In: The OR Society Annual Conference OR61, 3-5 September 2019, Sibson Building, Kent University: Conference Handbook, The Operational Research Society , 2019, p. 161-162, article id OR61A151Conference paper (Refereed)
    Abstract [en]

    Security problems we have to deal with today regarding Internet are created by ourselves. Internet, initially created to handle US Government data traffic, evolved to become communication between different research institutes. The protocols that were used had no security at all. Today we still use this network to almost everything and the complexity has grown tremendously. Compared to when the network initially was created, we now try to protect assets rather than just communicate, divide users according to permission and accessibility, and deal with privacy issues. Basically, everything is depending on the network that initially was created with no security.

    Privacy has been a critical security aspect for the EU, but with the event of the GDPR privacy is both a legal aspect and an auditable ICT concept. GDPR includes topics like: owning your own data, independent of who collected it and where it is stored, and; the right to be forgotten. Each data collector also needs to have a complete data-flow map, describing any privacy data sets in a flow, to make these traceable and ready for audit inspection. Any organization handling EU residents’ data, needs to adhere to proactive Information Security processes. 

    GDPR is based on the principles of Governance, Risk, and Compliance. It is not a purely legal construct; it is a management and strategy issue, not an IT issue. Further examples relate to cloud services with distributed resources, which illustrate the complex problem situation.

    There is a need for a new perspective, moving from systems management to data flow management. We propose a systemic model which illustrate processes and flows within a fractal structure; we build on Beer’s Viable System Model. Such a model enables mapping of complexity and data flows and provide a tool for auditing and, thus, enable meeting the requirements of GDPR.

  • 10.
    Magnusson, Lars
    et al.
    Linnaeus University, Faculty of Technology, Department of Informatics. Tieto Public.
    Elm, Patrik
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Mirijamdotter, Anita
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Towards Secure Data Flow Oriented Multi-Vendor IT Governance Models2017In: UBT 6th Annual International Conference 2017: Leadership and Innovation / [ed] Hajrizi, E., 2017, p. 163-163Conference paper (Refereed)
    Abstract [en]

    Today, still, ICT Governance is being regarded as a departmental concern, not an overall organizational concern. History has shown us that implementation strategies, which are based on departments, results in fractional implementations leading to ad hoc solutions with no central control and stagnation for the in-house ICT strategy. Further, this recently has created an opinion trend; many are talking about the ICT department as being redundant, a dying out breed, which should be replaced by on-demand specialized external services. Clearly, the evermore changing surroundings do force organizations to accelerate the pace of new adaptations within their ICTplans, more vivacious than most organizations currently is able to. This leads to that ICT departments tend to be reactive rather than acting proactively and take the lead in the increased transformation pace in which organizations find themselves. Simultaneously, the monolithic systems of the 1980ies/1990ies is often very dominating in an organization, consume too much of the yearly IT budget, leaving healthy system development behind. These systems were designed before data became an organizational all-encompassing resource; the systems were designed more or less in isolation in regards to the surrounding environment. These solutions make data sharing costly and not at all optimal. Additionally, in strives to adapt to the organization’s evolution, the initial architecture has become disrupted and built up in shreds. Adding to this, on May 25, 2018, an upgraded EU Privacy Regulation on General Data Protection Regulation (GDPR) will be activated. This upgraded privacy regulation includes a substantial strengthening of 1994’s data privacy regulation, which will profoundly affect EU organizations. This regulation will, among other things, limit the right to collect and process personal data and will give the data subject all rights to his/her data sets, independentof where this data is/has been collected and by whom. Such regulation force data collecting and processingorganizations to have total control over any personal data collected and processed. This includes detailedunderstanding of data flows, including who did what and when and under who’s authorization, and how data istransported and stored. Concerning data/information flows, maps are a mandatory part of the system documentation. Thisencompasses all systems, including outsourced such as cloud services.Hence, individual departments cannot any longer claim they “own” data. Further, since mid-2000, we have seen aglobal inter-organizational data integration, independent of organizations, public or private. If this integration ceasesto exist, the result will be a threat to the survival of the organization. Additionally, if the organization fails to providea transparent documentation according to the GDPR, substantial economic risk is at stake. So, the discussion aboutthe ICT departments’ demise is inapt. Anyorganizational change will require costly and time-consuming ICTdevelopment efforts to adapt to the legislation of today’s situation. Further, since data nowadays is interconnectedand transformed at all levels, interacting at multiple intersections all over the organization, and becoming a unifiedbase of all operative decisions, an ICT governance model for the organization is require

  • 11.
    Magnusson, Lars
    et al.
    Linnaeus University, Faculty of Technology, Department of Informatics. Tieto Public.
    Elm, Patrik
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Mirijamdotter, Anita
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Towards secure data flow oriented multi-vendor IT governance models2018In: International Journal of Business and Technology, ISSN 2223-8387, Vol. 6, no 3, p. 1-9, article id 8Article in journal (Refereed)
    Abstract [en]

    Today, still, ICT Governance is being regarded as a departmental concern, not an overall organizational concern. History has shown us that implementation strategies, which are based on departments, results in fractional implementations leading to ad hoc solutions with no central control and stagnation for the in-house ICT strategy. Further, this recently has created an opinion trend; many are talking about the ICT department as being redundant, a dying out breed, which should be replaced by on-demand specialized external services. Clearly, the evermore changing surroundings do force organizations to accelerate the pace of new adaptations within their ICT plans, more vivacious than most organizations currently is able to. This leads to that ICT departments tend to be reactive rather than acting proactively and take the lead in the increased transformation pace in which organizations find themselves. Simultaneously, the monolithic systems of the 1980ies/1990ies is often very dominating in an organization, consume too much of the yearly IT budget, leaving healthy system development behind. These systems were designed before data became an organizational all-encompassing resource; the systems were designed more or less in isolation in regards to the surrounding environment. These solutions make data sharing costly and not at all optimal. Additionally, in strives to adapt to the organization’s evolution, the initial architecture has become disrupted and built up in shreds. Adding to this, on May 25, 2018, an upgraded EU Privacy Regulation on General Data Protection Regulation (GDPR) will be activated. This upgraded privacy regulation includes a substantial strengthening of 1994’s data privacy regulation, which will profoundly affect EU organizations. This regulation will, among other things, limit the right to collect and process personal data and will give the data subject all rights to his/her data sets, independentof where this data is/has been collected and by whom. Such regulation force data collecting and processingorganizations to have total control over any personal data collected and processed. This includes detailedunderstanding of data flows, including who did what and when and under who’s authorization, and how data istransported and stored. Concerning data/information flows, maps are a mandatory part of the system documentation. This encompasses all systems, including outsourced such as cloud services. Hence, individual departments cannot any longer claim they “own” data. Further, since mid-2000, we have seen aglobal inter-organizational data integration, independent of organizations, public or private. If this integration ceasesto exist, the result will be a threat to the survival of the organization. Additionally, if the organization fails to providea transparent documentation according to the GDPR, substantial economic risk is at stake. So, the discussion aboutthe ICT departments’ demise is inapt. Any organizational change will require costly and time-consuming ICTdevelopment efforts to adapt to the legislation of today’s situation. Further, since data nowadays is interconnectedand transformed at all levels, interacting at multiple intersections all over the organization, and becoming a unifiedbase of all operative decisions, an ICT governance model for the organization is required.

  • 12.
    Magnusson, Lars
    et al.
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Iqbal, Sarfraz
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Implications of EU-GDPR in Low-Grade Social, Activist and NGO Settings2017In: Proceedings 6th UBT annual international conference, 27-29 ocktober, Durrës, Albania: International Conference on Computer Science and Communication Engineering & Information Systems and Security / [ed] Edmond Hajrizi, UBT , 2017, p. 91-97Conference paper (Refereed)
    Abstract [en]

    Social support services are becoming popular among the citizens of every country and every age. Though, social support services easily accessible on mobile phones are used in different contexts, ranging from extending your presence and connectivity to friends, family and colleagues to using social media services for being a social activist seeking to help individuals confined in miserable situations such as homeless community, drug addicts or even revolutionists fighting against dictatorships etc. However, a very recent development in the European Parliament’s law (2016/679) on the processing and free movement of personal data in terms of EU-GDPR (General data protection rules) considers the low funded social service development efforts unsafe. This article analyses a case study conducted at a shelter for homeless mothers in the United States to conceptualize the future similar development efforts from low end public activist groups within European union. This article aims to raise awareness on this issue and also puts forth a conceptual model to envision the possibilities of mitigating the risks attached to such development efforts under the light of EU-GDPR which will be implemented in may 2018.

  • 13.
    Magnusson, Lars
    et al.
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Iqbal, Sarfraz
    Linnaeus University, Faculty of Technology, Department of Informatics.
    Implications of EU-GDPR in Low-Grade Social, Activist and NGO Settings2018In: International Journal of Business and Technology, E-ISSN 2223-8387, Vol. 6, no 3, p. 1-7, article id 7Article in journal (Refereed)
    Abstract [en]

    Social support services are becoming popular among the citizens of every country and every age. Though, social support services easily accessible on mobile phones are used in different contexts, ranging from extending your presence and connectivity to friends, family and colleagues to using social media services for being a social activist seeking to help individuals confined in miserable situations such as homeless community, drug addicts or even revolutionists fighting against dictatorships etc. However, a very recent development in the European Parliament’s law (2016/679) on the processing and free movement of personal data in terms of EU-GDPR (General data protection rules) considers the low funded social service development efforts unsafe. This article analyses a case study conducted at a shelter for homeless mothers in the United States to conceptualize the future similar development efforts from low end public activist groups within European union. This article aims to raise awareness on this issue and also puts forth a conceptual model to envision the possibilities of mitigating the risks attached to such development efforts under the light of EU-GDPR which will be implemented in may 2018.

1 - 13 of 13
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf