Publication:
Information Technology Security Handbook

cb
Academic Peer Review
Thumbnail Image
Files in English
English PDF (2.78 MB)
15,874 downloads
English Text (1.68 MB)
34,745 downloads
Published
2003
ISSN
Date
2013-08-12
Author(s)
Editor(s)
Abstract
Informational and Communication Technologies (ICT) plays a fundamental role for social and economic development. Similarly, it is recognized that there cannot be an effective use of ICT in the absence of a safe and trusted ICT environment. Thus, IT security plays a prime role in helping creating the environment needed to set the ground for implementing successful national ICT plans, e-Government or e-Commerce activities, as well as sectoral projects, such as, for example, in the areas of education, health, or finance. IT security is a complex topic and evolves almost as fast as technology does. The authors provide technology-independent best practices, as well as recommendations for particular IT environments. As technology evolves, the accompanying web site (www.infodev-security.net) will provide updates as appropriate, allowing for a constant dissemination of developments in the field of IT security. The book is composed of five parts, each of which can be read independently. After an introduction to general issues of IT security, the book addresses issues relevant specifically to individuals, small and medium organizations, government, and technical administrators. Although most of the research and publications on IT security comes from developed countries, the authors have attempted to provide practical guidance applicable anywhere and to include examples from developing countries.
Link to Data Set
Citation
Sadowsky, George; Dempsey, James X.; Greenberg, Alan; Mack, Barbara J.; Schwartz, Alan. 2003. Information Technology Security Handbook. © World Bank. http://hdl.handle.net/10986/15005 License: CC BY 3.0 IGO.
Digital Object Identifier
https://doi.org/10.1596/0-9747888-0-5
URI
https://hdl.handle.net/10986/15005
Associated URLs
Associated content
Report Series
Other publications in this report series
Journal
Journal Volume
Journal Issue
Collections
Other manuals

Related items

Showing items related by metadata.

  • Publication
    E-Development from Excitement to Effectiveness
    (Washington, DC: World Bank, 2005) Schware, Robert; Schware, Robert
    This volume examines a wide range of issues related to e-development, with a focus on the requirements and realities of using ICTs to advance development goals. The report does not attempt to present a comprehensive overview of e-development. Rather, it highlights key issues that have immediate relevance to policy makers in developing nations who make decisions on investments and development goals. It highlights two issues in particular, e-government and e-education, because ICT applications in these areas can lead to significant development outcomes and can also be successfully deployed through public-private partnerships, leveraging limited government funding to achieve greater impact.
  • Publication
    The Private Sector and the Internet
    (World Bank, Washington, DC, 1997-07) Braga, Carlos A. Primo; Fink, Carsten
    The authors look at the rise of the Internet as the main application behind the emerging global information infrastructure. Many now believe that the Internet provides a window into a future in which access to information will be independent of geographic location and interactivity in a multimedia environment will be ubiquitous. The authors review the need for a regulatory framework for the Internet in three critical areas: provision of backbone access, Internet service providers, and information services. They also explore the problem of the appropriability of content, discussing intellectual property rights in the digital era and other remedies to the cost recovery problem. For developing countries, however, the critical bottleneck is still their weak information infrastructure.
  • Publication
    Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers
    (World Bank, Washington, DC, 2004-12) Asian Development Bank; Inter-American Development Bank; World Bank
    The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive. With the emergence of e-commerce the concept of authentication has encompassed new realities that are a feature of the relatively narrow avenues for information and potentially high risks inherent in an online environment. This paper seeks to provide an understanding about the different ways of assuring authentication. These authentication rules and tools including for example public key infrastructure (PKI) are sometimes meant to set a legal and technological framework for trustworthy electronic transactions, promoting e-procurement, e-commerce, e-business, and e-government. The two considerations of business risk and legal validity are both intrinsic to the concept of authentication. This report explores the issues and solutions affecting the concept of authentication in terms of legislation, management and technology. This report finds that for online authentication things is not always what they may seem and that legislation and technology alone cannot build a trust environment and, if misunderstood, may produce a high risk illusion. It is crucial that the limitations and fallibility of the technology be explicit in its commercial applications and that business risks be managed accordingly.
  • Publication
    Electronic Safety and Soundness : Securing Finance in a New Age
    (Washington, DC: World Bank, 2004-02) Glaessner, Thomas C.; Kellermann, Tom; McNevin, Valerie
    This monograph and its technical annexes identify and discuss four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. Hence, it is intended for those formulating policies in the area of electronic security and those working with financial services providers (such as executives and management). The detailed annexes of this monograph are relevant for chief information and security officers and others who are responsible for securing network systems. First, the monograph defines electronic finance (e-finance) and electronic security (e-security) and explains why these areas require attention. Next, it presents a picture of the emerging global security industry. Then, it develops a risk management framework to assist policymakers and practitioners in understanding the tradeoffs and risks inherent in using an open network infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovations, privacy, quality of service, and security in the design of an e-security policy framework. Finally, it outlines issues in four critical and interrelated areas that require attention in the building of an adequate e-security infrastructure. These are: (i) the legal, regulatory, and enforcement framework; (ii) external monitoring of e-security practices; (iii) public-private sector cooperation; and (iv) the business case for practicing layered e-security that will improve internal monitoring.
  • Publication
    Republic of Tunisia : Information and Communications Technology Contribution to Growth and Employment Generation, Volume 2. Technical Report
    (Washington, DC, 2002-03) World Bank
    This policy note is the first of two volumes, drafted in conjunction with a more detailed technical report. It was prepared in response to a request by the Government of Tunisia for Bank assistance to formulate an ICT development strategy, in accordance with the targets set in the Government of Tunisia's 10th development plan. The policy note highlights current constraints to ICT sector development and proposes measures to eliminate them. It should be read in conjunction with the broader strategy report (volume two: technical report), which contains complementary data and technical information. The Government objectives were conveyed to the World Bank team in May 2001. The strategy is aimed at bolstering the country's emerging ICT sector and maximizing its ability to compete in local, regional, and global markets. In this context, the major objectives of the ICT strategy are to: (a) maximize the ICT contribution to growth and employment generation; (b) position Tunisia in the global ICT market; and (c) integrate ICT into the Tunisian economy. Indirect issues of the ICT impact on productivity and competitiveness are marginally treated in this note. The report compares the state of ICT development in Tunisia that of other economies, taking into account Tunisia's relative strengths and weaknesses in developing a competitive and robust ICT industry. The report outlines the pillars of a strategy and specifies measures to be implemented by the Government, the private sector, and other stakeholders.

Users also downloaded

Showing related downloaded files

  • Publication
    Building State Capacity in Africa : New Approaches, Emerging Lessons
    (Washington, DC: World Bank, 2004-09) Levy, Brian; Kpundeh, Sahr; Levy, Brian; Kpundeh, Sahr
    In recent years, a number of African governments, sometimes working in partnership with the Bank, and other development partners, have moved forward with new-style programs to build public sector capacity. This book aims to share some of the lessons for the design, and implementation of public sector capacity building, emerging from this new generation of operational practice. Their experiences are reviewed, and some major challenges for the African public sector are identified for how can African states: be innovative in the reform process, harness the energies of the local elites, learn from past reformers, and, harness political will as a partner in the reform process. It addresses topics such as the relationship between governance and economic development, public expenditure and accountability, anticorruption reform, decentralization, political structures, and, the delivery of public services.
  • Publication
    Sovereign Debt and the Financial Crisis : Will This Time Be Different?
    (World Bank, 2011) Primo Braga, Carlos A.; Vincelette, Gallina A.
    The financial crisis of 2008 has rekindled interest in sovereign debt crises among policy makers and scholars. History shows that lending booms typically end in busts, with the beneficiaries of debt in the upswing often forced to default or reschedule their debts in the downswing (Sturzenegger and Zettelmeyer 2006). The impact of the first financial crisis of the 21st century on capital flows to developing countries and the signs of stress in debt markets of several European countries in the first half of 2010 raise the inevitable question, Are author about to witness a new generation of sovereign debt crises? This book addresses this question. It adopts an integrated approach by drawing on both theoretical research and experience from professionals involved in technical assistance in this area. It documents recent improvements in macroeconomic policies and debt management practices, which to a large extent explain the resilience of developing and emerging economies, and identifies challenges ahead and areas that require special attention from policy makers.
  • Publication
    The Day After Tomorrow : A Handbook on the Future of Economic Policy in the Developing World
    (World Bank, 2010) Canuto, Otaviano; Giugale, Marcelo
    Development economists are paid to look into the future. They ask not only how things work today, but also how a new policy, program, or project will make them work tomorrow. They view the world and history as a learning process, past and present are just inputs into thinking about what's coming. It is that appetite for a vision of the future that led us to invite some 40 development economists, most of them from the World Bank's poverty reduction and economic management network, an epicenter of the profession, to tell us what they see on the horizon of their technical disciplines and of their geographic areas of specialization. The timing could not be better. The 2008-09 global financial crises shook the ground under the conventional wisdom that had been held as true for decades. From what the role of governments should be in markets to which countries will be the engines of the world's economy, from what people need to leave poverty to what businesses need to stay competitive, it is all up for reexamination. This synthesis provides an account of what the author heard. It is not meant to be comprehensive. Instead, it picks from each chapter what is new, what is likely to change, and what will be different in the future.
  • Publication
    License to Drill
    (Washington, DC: World Bank, 2018-06-22) Votava, Cari L.; Hauch, Jeanne M.; Clementucci, Francesco
    Natural resources have the transformational potential to support economic and political stability as well as contribute to national prosperity and economic development. However, in countries dependent upon natural resource sectors, poor management of these sectors often contributes to corruption, illicit financial flows (IFFs) and thus, poverty. Adequate transparency and accountability in regulatory management of these sectors is a challenge for resource rich countries. Poor licensing decisions in natural resource management can open a pandora’s box of corruption risks. This manual provides methods and options based on good practices to improve transparency, accountability, and integrity in the regulatory licensing process and integrity due diligence. The manual borrows models from the Basel Core Principle ‘fit and proper’ concept, and provides options for conducting effective (a) beneficial ownership; (b) criminal/legal; and (c) conflicts of interest checks, with a goal of integrating these into the regulatory licensing process. The manual also identifies common legal framework defects that can facilitate corruption risks, and offers options based on principles of regulatory integrity to reduce these risks. The good practices identified can help countries allocate limited financial resources in conducting thorough background checks in a cost-effective manner, as well as meet EITI’s requirements for public disclosure of beneficial owners and politically exposed persons. These strategies for reducing opportunities for corruption in extractive sectors can help reduce IFFs that can sap resources from the economy and inhibit a country’s ability to achieve the Sustainable Development Goals.
  • Publication
    Growing Old in an Older Brazil : Implications of Population Ageing on Growth, Poverty, Public Finance, and Service Delivery
    (World Bank, 2011-09-07) Jorgensen, Ole Hagen; Gragnolati, Michele; Rocha, Romero; Fruttero, Anna
    This chapter introduces the main issues associated with population aging, many of which will be investigated in detail throughout the volume. The next section describes the demographic transformation that Brazil has been experiencing and highlights its specific features, including a very rapid population aging process in the next few decades. Then the main economic framework behind this work, the life cycle theory according to which individuals' economic behavior varies according to their age, is discussed. The section after that introduces the first and second demographic dividends associated with the changing population age structure that accompanies the demographic transition of any country. Next covered is how poverty is linked to the life cycle in Brazil and the role of public transfers in reducing poverty among different age groups, followed by an investigation of how public expenditures vary across age groups and generations and what makes Brazil distinct from comparable OECD (Organization for Economic Co-operation and Development) and Latin American countries. Concluding the chapter are the main findings of the report.