Publication:
Information Technology Security Handbook

cb
Academic Peer Review
Thumbnail Image
Files in English
English PDF (2.78 MB)
15,852 downloads
English Text (1.68 MB)
34,601 downloads
Date
2003
ISSN
Published
2003
Author(s)
Editor(s)
Abstract
Informational and Communication Technologies (ICT) plays a fundamental role for social and economic development. Similarly, it is recognized that there cannot be an effective use of ICT in the absence of a safe and trusted ICT environment. Thus, IT security plays a prime role in helping creating the environment needed to set the ground for implementing successful national ICT plans, e-Government or e-Commerce activities, as well as sectoral projects, such as, for example, in the areas of education, health, or finance. IT security is a complex topic and evolves almost as fast as technology does. The authors provide technology-independent best practices, as well as recommendations for particular IT environments. As technology evolves, the accompanying web site (www.infodev-security.net) will provide updates as appropriate, allowing for a constant dissemination of developments in the field of IT security. The book is composed of five parts, each of which can be read independently. After an introduction to general issues of IT security, the book addresses issues relevant specifically to individuals, small and medium organizations, government, and technical administrators. Although most of the research and publications on IT security comes from developed countries, the authors have attempted to provide practical guidance applicable anywhere and to include examples from developing countries.
Link to Data Set
Citation
Sadowsky, George; Dempsey, James X.; Greenberg, Alan; Mack, Barbara J.; Schwartz, Alan. 2003. Information Technology Security Handbook. © World Bank. http://hdl.handle.net/10986/15005 License: CC BY 3.0 IGO.
URI
https://hdl.handle.net/10986/15005
Associated URLs
Associated content
Report Series
Other publications in this report series
Journal
Journal Volume
Journal Issue
Citations
Collections
Other manuals

Related items

Showing items related by metadata.

  • Publication
    E-Development from Excitement to Effectiveness
    (Washington, DC: World Bank, 2005) Schware, Robert; Schware, Robert
    This volume examines a wide range of issues related to e-development, with a focus on the requirements and realities of using ICTs to advance development goals. The report does not attempt to present a comprehensive overview of e-development. Rather, it highlights key issues that have immediate relevance to policy makers in developing nations who make decisions on investments and development goals. It highlights two issues in particular, e-government and e-education, because ICT applications in these areas can lead to significant development outcomes and can also be successfully deployed through public-private partnerships, leveraging limited government funding to achieve greater impact.
  • Publication
    The Private Sector and the Internet
    (World Bank, Washington, DC, 1997-07) Braga, Carlos A. Primo; Fink, Carsten
    The authors look at the rise of the Internet as the main application behind the emerging global information infrastructure. Many now believe that the Internet provides a window into a future in which access to information will be independent of geographic location and interactivity in a multimedia environment will be ubiquitous. The authors review the need for a regulatory framework for the Internet in three critical areas: provision of backbone access, Internet service providers, and information services. They also explore the problem of the appropriability of content, discussing intellectual property rights in the digital era and other remedies to the cost recovery problem. For developing countries, however, the critical bottleneck is still their weak information infrastructure.
  • Publication
    Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers
    (World Bank, Washington, DC, 2004-12) Asian Development Bank; Inter-American Development Bank; World Bank
    The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive. With the emergence of e-commerce the concept of authentication has encompassed new realities that are a feature of the relatively narrow avenues for information and potentially high risks inherent in an online environment. This paper seeks to provide an understanding about the different ways of assuring authentication. These authentication rules and tools including for example public key infrastructure (PKI) are sometimes meant to set a legal and technological framework for trustworthy electronic transactions, promoting e-procurement, e-commerce, e-business, and e-government. The two considerations of business risk and legal validity are both intrinsic to the concept of authentication. This report explores the issues and solutions affecting the concept of authentication in terms of legislation, management and technology. This report finds that for online authentication things is not always what they may seem and that legislation and technology alone cannot build a trust environment and, if misunderstood, may produce a high risk illusion. It is crucial that the limitations and fallibility of the technology be explicit in its commercial applications and that business risks be managed accordingly.
  • Publication
    Electronic Safety and Soundness : Securing Finance in a New Age
    (Washington, DC: World Bank, 2004-02) Glaessner, Thomas C.; Kellermann, Tom; McNevin, Valerie
    This monograph and its technical annexes identify and discuss four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. Hence, it is intended for those formulating policies in the area of electronic security and those working with financial services providers (such as executives and management). The detailed annexes of this monograph are relevant for chief information and security officers and others who are responsible for securing network systems. First, the monograph defines electronic finance (e-finance) and electronic security (e-security) and explains why these areas require attention. Next, it presents a picture of the emerging global security industry. Then, it develops a risk management framework to assist policymakers and practitioners in understanding the tradeoffs and risks inherent in using an open network infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovations, privacy, quality of service, and security in the design of an e-security policy framework. Finally, it outlines issues in four critical and interrelated areas that require attention in the building of an adequate e-security infrastructure. These are: (i) the legal, regulatory, and enforcement framework; (ii) external monitoring of e-security practices; (iii) public-private sector cooperation; and (iv) the business case for practicing layered e-security that will improve internal monitoring.
  • Publication
    Republic of Tunisia : Information and Communications Technology Contribution to Growth and Employment Generation, Volume 2. Technical Report
    (Washington, DC, 2002-03) World Bank
    This policy note is the first of two volumes, drafted in conjunction with a more detailed technical report. It was prepared in response to a request by the Government of Tunisia for Bank assistance to formulate an ICT development strategy, in accordance with the targets set in the Government of Tunisia's 10th development plan. The policy note highlights current constraints to ICT sector development and proposes measures to eliminate them. It should be read in conjunction with the broader strategy report (volume two: technical report), which contains complementary data and technical information. The Government objectives were conveyed to the World Bank team in May 2001. The strategy is aimed at bolstering the country's emerging ICT sector and maximizing its ability to compete in local, regional, and global markets. In this context, the major objectives of the ICT strategy are to: (a) maximize the ICT contribution to growth and employment generation; (b) position Tunisia in the global ICT market; and (c) integrate ICT into the Tunisian economy. Indirect issues of the ICT impact on productivity and competitiveness are marginally treated in this note. The report compares the state of ICT development in Tunisia that of other economies, taking into account Tunisia's relative strengths and weaknesses in developing a competitive and robust ICT industry. The report outlines the pillars of a strategy and specifies measures to be implemented by the Government, the private sector, and other stakeholders.

Users also downloaded

Showing related downloaded files

  • Publication
    Sewing Success? Employment, Wages, and Poverty following the End of the Multi-Fibre Arrangement
    (Washington, DC: World Bank, 2012-03-14) Lopez-Acevedo, Gladys; Robertson, Raymond; Lopez-Acevedo, Gladys; Robertson, Raymond
    The global textile and apparel sector is critically important as an early phase in industrialization for many developing countries and as a provider of employment opportunities to thousands of low-income workers, many of them women. The goal of this book is to explore how the lifting of the Multi-fibre Arrangement/ Agreement on Textiles and Clothing (MFA/ATC) quotas has affected nine countries Bangladesh, Cambodia, Honduras, India, Mexico, Morocco, Pakistan, Sri Lanka, and Vietnam with the broader aim of better understanding the links between globalization and poverty in the developing world. Analyzing how employment, wage premiums, and the structure of the apparel industry have changed after the MFA/ATC can generate important lessons for policy makers for economic development and poverty reduction. This book uses in-depth country case studies as the broad methodological approach. In-depth country studies are important because countries are idiosyncratic: differences in regulatory context, history, location, trade relationships, and policies shape both the apparel sector and how the apparel sector changed after the end of the MFA. In-depth country studies place broader empirical work in context and strengthen the conclusions. The countries in this book were chosen because they represent the diversity of global apparel production, including differences across regions, income levels, trade relationships, and policies. The countries occupy different places in the global value chain that now characterizes apparel production. Not surprisingly, the countries studied in this book represent the diversity of post-MFA experiences. This book highlights four key findings: The first is that employment and export patterns after the MFA/ATC did not necessarily match predictions. This book shows that only about a third of the variation in cross-country changes in exports is explained by wage differences. While wage differences explain some of the production shifts, domestic policies targeting the apparel sector, ownership type, and functional upgrading of the industry also played an important role. Second, changes in exports are usually, but not always, good indicators of what happens to wages and employment. While rising apparel exports correlated with rising wages and employment in the large Asian countries, rising exports coincided with falling employment in Sri Lanka. Third, this book identifies the specific ways that changes in the global apparel market affected worker earnings, thus helping to explain impacts on poverty. Fourth, in terms of policies, the countries that had larger increases in apparel exports were those that promoted apparel sector upgrading; those that did not promote upgrading had smaller increases or even falling exports.
  • Publication
    Digital Progress and Trends Report 2023
    (Washington, DC: World Bank, 2024-03-05) World Bank
    Digitalization is the transformational opportunity of our time. The digital sector has become a powerhouse of innovation, economic growth, and job creation. Value added in the IT services sector grew at 8 percent annually during 2000–22, nearly twice as fast as the global economy. Employment growth in IT services reached 7 percent annually, six times higher than total employment growth. The diffusion and adoption of digital technologies are just as critical as their invention. Digital uptake has accelerated since the COVID-19 pandemic, with 1.5 billion new internet users added from 2018 to 2022. The share of firms investing in digital solutions around the world has more than doubled from 2020 to 2022. Low-income countries, vulnerable populations, and small firms, however, have been falling behind, while transformative digital innovations such as artificial intelligence (AI) have been accelerating in higher-income countries. Although more than 90 percent of the population in high-income countries was online in 2022, only one in four people in low-income countries used the internet, and the speed of their connection was typically only a small fraction of that in wealthier countries. As businesses in technologically advanced countries integrate generative AI into their products and services, less than half of the businesses in many low- and middle-income countries have an internet connection. The growing digital divide is exacerbating the poverty and productivity gaps between richer and poorer economies. The Digital Progress and Trends Report series will track global digitalization progress and highlight policy trends, debates, and implications for low- and middle-income countries. The series adds to the global efforts to study the progress and trends of digitalization in two main ways: · By compiling, curating, and analyzing data from diverse sources to present a comprehensive picture of digitalization in low- and middle-income countries, including in-depth analyses on understudied topics. · By developing insights on policy opportunities, challenges, and debates and reflecting the perspectives of various stakeholders and the World Bank’s operational experiences. This report, the first in the series, aims to inform evidence-based policy making and motivate action among internal and external audiences and stakeholders. The report will bring global attention to high-performing countries that have valuable experience to share as well as to areas where efforts will need to be redoubled.
  • Publication
    World Development Report 2017
    (Washington, DC: World Bank, 2017-01-30) World Bank Group
    Why are carefully designed, sensible policies too often not adopted or implemented? When they are, why do they often fail to generate development outcomes such as security, growth, and equity? And why do some bad policies endure? This book addresses these fundamental questions, which are at the heart of development. Policy making and policy implementation do not occur in a vacuum. Rather, they take place in complex political and social settings, in which individuals and groups with unequal power interact within changing rules as they pursue conflicting interests. The process of these interactions is what this Report calls governance, and the space in which these interactions take place, the policy arena. The capacity of actors to commit and their willingness to cooperate and coordinate to achieve socially desirable goals are what matter for effectiveness. However, who bargains, who is excluded, and what barriers block entry to the policy arena determine the selection and implementation of policies and, consequently, their impact on development outcomes. Exclusion, capture, and clientelism are manifestations of power asymmetries that lead to failures to achieve security, growth, and equity. The distribution of power in society is partly determined by history. Yet, there is room for positive change. This Report reveals that governance can mitigate, even overcome, power asymmetries to bring about more effective policy interventions that achieve sustainable improvements in security, growth, and equity. This happens by shifting the incentives of those with power, reshaping their preferences in favor of good outcomes, and taking into account the interests of previously excluded participants. These changes can come about through bargains among elites and greater citizen engagement, as well as by international actors supporting rules that strengthen coalitions for reform.
  • Publication
    Broadband Strategies Handbook
    (Washington, DC: World Bank, 2012-03-16) Kelly, Tim; Rossotto, Carlo Maria
    The handbook consists of seven chapters and two appendixes that look at how broadband is defined, why it is important, and how its development can be encouraged. Throughout the handbook, broadband is viewed as an ecosystem consisting of supply and demand components, both of which are equally important if the expansion of broadband networks and services is to be successful. In addressing the challenges and opportunities to which broadband gives rise, the handbook discusses the policies and strategies that government officials and others should consider when developing broadband plans, including what legal and regulatory issues to address, what broadband technologies to choose, how to facilitate universal broadband access, and how to generate demand for broadband services and applications. Chapter one, 'building broadband,' introduces the concepts of broadband by defining the term 'broadband' more conventionally (that is, speed or functionality) as well as explaining how this handbook seeks to define the term as broadband comes to be seen as an enabling platform. Chapter two, 'policy approaches to promoting broadband development,' identifies the issues that governments and the private sector will face when developing policies and programs to support broadband development. Chapter three, 'law and regulation in a broadband world,' discusses the key policies and regulatory trends that policy makers and regulators are considering to foster broadband. Chapter four, 'extending universal broadband access and use,' discusses what roles governments should play in promoting universal broadband access when market mechanisms do not meet goals for broadband access and use on their own. Chapter five, 'technologies to support deployment of broadband infrastructure,' focuses on the supply side of the broadband ecosystem. It describes the various wireline and wireless technologies now being used to build out broadband infrastructure, including examples of broadband deployments throughout the world. Chapter six, 'driving demand for broadband networks and services,' recognizes that, although supply-side issues are important, simply building networks do not guarantee that they will be used or used most effectively. Chapter seven, 'global footprints: stories from and for the developing world,' addresses the main challenges that developing countries face in deploying broadband networks, including underdeveloped infrastructure, low income, significant differences between rural and urban areas, constrained inter- and intra-modal competition, and weaknesses in regulatory and legal frameworks.
  • Publication
    Broadband Networks in the Middle East and North Africa : Accelerating High-Speed Internet Access
    (Washington, DC: World Bank, 2014-01-29) Gelvanovska, Natalija; Rogy, Michel; Rossotto, Carlo Maria
    Just as the steam engine was the driving force behind the Industrial Revolution, broadband Internet is today seen as critical to the transition to knowledge-intensive economies across the world. As a general purpose technology, broadband Internet is considered as a fundamental driver of economic growth and social development, releasing the innovative potential and energy of previously disenfranchised members of the population. Many of the countries in the Middle East and North Africa region (MENA) now recognize that broadband Internet is crucial to their efforts to reduce poverty and create job opportunities, especially for their young populations and for women. The report re-emphasizes the important contribution that broadband Internet can make and assesses the status of existing infrastructure in at least 18 MENA countries. While there is significant potential across the region, however, the take-up of broadband Internet has been slow, and the price of broadband service is high in many countries. In large part, this stems from market structures that, too often, reflect the past when telecommunications were treated as a monopoly utility service. The report finds that there are gaps in infrastructure regionally with no connectivity between neighboring countries in some cases. Similarly, there are gaps within countries exacerbating the (digital) divide between rural and urban areas. The report examines the regulatory and market bottlenecks that are hampering the growth of the Internet in these and other MENA countries: the five North African countries (Algeria, Egypt, Morocco, Libya, Tunisia); the six Mashreq countries (the Islamic Republic of Iran, Iraq, Jordan, Lebanon, Syria, and the West Bank and Gaza economy); the six Gulf countries (Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, the United Arab Emirates); and Djibouti and the Republic of Yemen. The report provides policy and regulatory options for increasing effective use of existing fixed and mobile infrastructure as well as alternative infrastructure networks such as power grids and railroads. It explains the benefits of effective cross-sector infrastructure construction frameworks, highlighting the need to adjust market structures to foster competitive behavior among service providers to bring down prices and stimulate the demand for value-added services to drive future broadband development.