Publication:
Information Technology Security Handbook

cb
Academic Peer Review
Thumbnail Image
Files in English
English PDF (2.78 MB)
15,861 downloads
English Text (1.68 MB)
34,686 downloads
Published
2003
ISSN
Date
2013-08-12
Author(s)
Editor(s)
Abstract
Informational and Communication Technologies (ICT) plays a fundamental role for social and economic development. Similarly, it is recognized that there cannot be an effective use of ICT in the absence of a safe and trusted ICT environment. Thus, IT security plays a prime role in helping creating the environment needed to set the ground for implementing successful national ICT plans, e-Government or e-Commerce activities, as well as sectoral projects, such as, for example, in the areas of education, health, or finance. IT security is a complex topic and evolves almost as fast as technology does. The authors provide technology-independent best practices, as well as recommendations for particular IT environments. As technology evolves, the accompanying web site (www.infodev-security.net) will provide updates as appropriate, allowing for a constant dissemination of developments in the field of IT security. The book is composed of five parts, each of which can be read independently. After an introduction to general issues of IT security, the book addresses issues relevant specifically to individuals, small and medium organizations, government, and technical administrators. Although most of the research and publications on IT security comes from developed countries, the authors have attempted to provide practical guidance applicable anywhere and to include examples from developing countries.
Link to Data Set
Citation
Sadowsky, George; Dempsey, James X.; Greenberg, Alan; Mack, Barbara J.; Schwartz, Alan. 2003. Information Technology Security Handbook. © World Bank. http://hdl.handle.net/10986/15005 License: CC BY 3.0 IGO.
URI
https://hdl.handle.net/10986/15005
Associated URLs
Associated content
Report Series
Other publications in this report series
Journal
Journal Volume
Journal Issue
Citations
Collections
Other manuals

Related items

Showing items related by metadata.

  • Publication
    E-Development from Excitement to Effectiveness
    (Washington, DC: World Bank, 2005) Schware, Robert; Schware, Robert
    This volume examines a wide range of issues related to e-development, with a focus on the requirements and realities of using ICTs to advance development goals. The report does not attempt to present a comprehensive overview of e-development. Rather, it highlights key issues that have immediate relevance to policy makers in developing nations who make decisions on investments and development goals. It highlights two issues in particular, e-government and e-education, because ICT applications in these areas can lead to significant development outcomes and can also be successfully deployed through public-private partnerships, leveraging limited government funding to achieve greater impact.
  • Publication
    The Private Sector and the Internet
    (World Bank, Washington, DC, 1997-07) Braga, Carlos A. Primo; Fink, Carsten
    The authors look at the rise of the Internet as the main application behind the emerging global information infrastructure. Many now believe that the Internet provides a window into a future in which access to information will be independent of geographic location and interactivity in a multimedia environment will be ubiquitous. The authors review the need for a regulatory framework for the Internet in three critical areas: provision of backbone access, Internet service providers, and information services. They also explore the problem of the appropriability of content, discussing intellectual property rights in the digital era and other remedies to the cost recovery problem. For developing countries, however, the critical bottleneck is still their weak information infrastructure.
  • Publication
    Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers
    (World Bank, Washington, DC, 2004-12) Asian Development Bank; Inter-American Development Bank; World Bank
    The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive. With the emergence of e-commerce the concept of authentication has encompassed new realities that are a feature of the relatively narrow avenues for information and potentially high risks inherent in an online environment. This paper seeks to provide an understanding about the different ways of assuring authentication. These authentication rules and tools including for example public key infrastructure (PKI) are sometimes meant to set a legal and technological framework for trustworthy electronic transactions, promoting e-procurement, e-commerce, e-business, and e-government. The two considerations of business risk and legal validity are both intrinsic to the concept of authentication. This report explores the issues and solutions affecting the concept of authentication in terms of legislation, management and technology. This report finds that for online authentication things is not always what they may seem and that legislation and technology alone cannot build a trust environment and, if misunderstood, may produce a high risk illusion. It is crucial that the limitations and fallibility of the technology be explicit in its commercial applications and that business risks be managed accordingly.
  • Publication
    Electronic Safety and Soundness : Securing Finance in a New Age
    (Washington, DC: World Bank, 2004-02) Glaessner, Thomas C.; Kellermann, Tom; McNevin, Valerie
    This monograph and its technical annexes identify and discuss four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. Hence, it is intended for those formulating policies in the area of electronic security and those working with financial services providers (such as executives and management). The detailed annexes of this monograph are relevant for chief information and security officers and others who are responsible for securing network systems. First, the monograph defines electronic finance (e-finance) and electronic security (e-security) and explains why these areas require attention. Next, it presents a picture of the emerging global security industry. Then, it develops a risk management framework to assist policymakers and practitioners in understanding the tradeoffs and risks inherent in using an open network infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovations, privacy, quality of service, and security in the design of an e-security policy framework. Finally, it outlines issues in four critical and interrelated areas that require attention in the building of an adequate e-security infrastructure. These are: (i) the legal, regulatory, and enforcement framework; (ii) external monitoring of e-security practices; (iii) public-private sector cooperation; and (iv) the business case for practicing layered e-security that will improve internal monitoring.
  • Publication
    Republic of Tunisia : Information and Communications Technology Contribution to Growth and Employment Generation, Volume 2. Technical Report
    (Washington, DC, 2002-03) World Bank
    This policy note is the first of two volumes, drafted in conjunction with a more detailed technical report. It was prepared in response to a request by the Government of Tunisia for Bank assistance to formulate an ICT development strategy, in accordance with the targets set in the Government of Tunisia's 10th development plan. The policy note highlights current constraints to ICT sector development and proposes measures to eliminate them. It should be read in conjunction with the broader strategy report (volume two: technical report), which contains complementary data and technical information. The Government objectives were conveyed to the World Bank team in May 2001. The strategy is aimed at bolstering the country's emerging ICT sector and maximizing its ability to compete in local, regional, and global markets. In this context, the major objectives of the ICT strategy are to: (a) maximize the ICT contribution to growth and employment generation; (b) position Tunisia in the global ICT market; and (c) integrate ICT into the Tunisian economy. Indirect issues of the ICT impact on productivity and competitiveness are marginally treated in this note. The report compares the state of ICT development in Tunisia that of other economies, taking into account Tunisia's relative strengths and weaknesses in developing a competitive and robust ICT industry. The report outlines the pillars of a strategy and specifies measures to be implemented by the Government, the private sector, and other stakeholders.

Users also downloaded

Showing related downloaded files

  • Publication
    Financial Inclusion
    (World Bank, Washington, DC, 2023-08-28) Independent Evaluation Group
    This evaluation explores how and with what effect the World Bank Group has supported financial inclusion for the microenterprises, poor households, women, and other excluded groups. Financial inclusion is defined as the use of financial services by individuals and firms. It encompasses financial access—owning an account—and the use of financial services. There has been an impressive growth in account ownership globally, from 55% of adults in 2014 to 71% in 2021, although usage is more limited as some accounts are inactive. Critically, both financial access and the use of financial services remain major challenges for microenterprises, poor households, women, and other excluded groups. The objective of the evaluation is to assess whether the Bank Group has been doing the right things and whether it has been doing things right on financial inclusion. The evaluation captures lessons from the World Bank’s experience supporting financial inclusion for microenterprises, poor households, women, and other excluded groups and updates a 2015 financial inclusion evaluation. The evaluation includes a retrospective look at the drive for universal financial access and examines progress and challenges in women’s access to financial services. The evaluation also assesses the Bank Group’s support for digital financial services as vehicles for financial inclusion. Finally, the report examines the World Bank’s response to COVID-19 as it relates to financial inclusion. The evaluation proposes three recommendations: (i) The World Bank and IFC should further encourage account use by underserved groups, including women and rural poor people, and emphasize this more in their strategies and projects. (ii) The World Bank and IFC should design and implement more comprehensive approaches that address constraints in the enabling environment for DFS to reach underserved and excluded groups. (iii) To enhance learning on what works to increase the beneficial use of financial services at the MPWEG, the World Bank and IFC should collect outcome data across different underserved and excluded groups, initially on a pilot basis.
  • Publication
    Ensuring Quality to Gain Access to Global Markets
    (Washington, DC: World Bank; Braunschweig, Germany: Physikalisch-Technische Bundesanstalt, 2019-03-12) Kellermann, Martin
    In a modern world with rapidly growing international trade, countries compete less on the availability of natural resources, geographical advantages, and lower labor costs and more on factors related to a firm’s ability to enter and compete in new markets. One such factor is the ability to demonstrate the quality and safety of goods and services expected by consumers and to confirm compliance with international standards. To ensure such compliance, a sound quality infrastructure (QI) ecosystem is essential. Jointly developed by the World Bank Group and the National Metrology Institute of Germany, Ensuring Quality to Gain Access to Global Markets: A Reform Toolkit is designed to help development partners and governments analyze a country’s QI ecosystem, provide recommendations to design and implement reforms, and enhance the capacity of QI institutions. The toolkit’s 12 modules provide a systematic, holistic knowledge resource—supported by practical case studies and examples—for QI diagnostics, reform interventions and approaches, and monitoring and evaluation. Related diagnostic tools are also available online at http://www.worldbank.org/qi and https://www.ptb.de/qitoolkit.
  • Publication
    Sovereign Debt and the Financial Crisis : Will This Time Be Different?
    (World Bank, 2011) Primo Braga, Carlos A.; Vincelette, Gallina A.
    The financial crisis of 2008 has rekindled interest in sovereign debt crises among policy makers and scholars. History shows that lending booms typically end in busts, with the beneficiaries of debt in the upswing often forced to default or reschedule their debts in the downswing (Sturzenegger and Zettelmeyer 2006). The impact of the first financial crisis of the 21st century on capital flows to developing countries and the signs of stress in debt markets of several European countries in the first half of 2010 raise the inevitable question, Are author about to witness a new generation of sovereign debt crises? This book addresses this question. It adopts an integrated approach by drawing on both theoretical research and experience from professionals involved in technical assistance in this area. It documents recent improvements in macroeconomic policies and debt management practices, which to a large extent explain the resilience of developing and emerging economies, and identifies challenges ahead and areas that require special attention from policy makers.
  • Publication
    Growing Old in an Older Brazil : Implications of Population Ageing on Growth, Poverty, Public Finance, and Service Delivery
    (World Bank, 2011-09-07) Jorgensen, Ole Hagen; Gragnolati, Michele; Rocha, Romero; Fruttero, Anna
    This chapter introduces the main issues associated with population aging, many of which will be investigated in detail throughout the volume. The next section describes the demographic transformation that Brazil has been experiencing and highlights its specific features, including a very rapid population aging process in the next few decades. Then the main economic framework behind this work, the life cycle theory according to which individuals' economic behavior varies according to their age, is discussed. The section after that introduces the first and second demographic dividends associated with the changing population age structure that accompanies the demographic transition of any country. Next covered is how poverty is linked to the life cycle in Brazil and the role of public transfers in reducing poverty among different age groups, followed by an investigation of how public expenditures vary across age groups and generations and what makes Brazil distinct from comparable OECD (Organization for Economic Co-operation and Development) and Latin American countries. Concluding the chapter are the main findings of the report.
  • Publication
    Promoting Social Cohesion through Education : Case Studies and Tools for Using Textbooks and Curricula
    (Washington, DC: World Bank, 2006) Roberts-Schweitzer, Eluned; Greaney, Vincent; Duer, Kreszentia
    Since 2003, the Civic Engagement, Empowerment, and Respect for Diversity (CEERD) program of the World Bank Institute has included a program on Education and Respect for Diversity. The program consists of a series of initiatives to promote tolerance and respect for diversity through curriculum and textbook reform and pre- and in-service teacher training. To date it has focused on ways in which Bank-financed programs can help education systems to address the needs of all students and to promote social cohesion. Activities have included information dissemination, through workshops and papers, as well as financing for pilot programs in Colombia, the Lao People's Democratic Republic, Nigeria, Romania, and Sri Lanka. These pilots are designed to put in place strategies that can be scaled up either in the pilot country or in other programs.