Publication:
Information Technology Security Handbook

Loading...
Thumbnail Image
Files in English
English PDF (2.78 MB)
15,852 downloads
English Text (1.68 MB)
34,650 downloads
Date
2003
ISSN
Published
2003
Editor(s)
Abstract
Informational and Communication Technologies (ICT) plays a fundamental role for social and economic development. Similarly, it is recognized that there cannot be an effective use of ICT in the absence of a safe and trusted ICT environment. Thus, IT security plays a prime role in helping creating the environment needed to set the ground for implementing successful national ICT plans, e-Government or e-Commerce activities, as well as sectoral projects, such as, for example, in the areas of education, health, or finance. IT security is a complex topic and evolves almost as fast as technology does. The authors provide technology-independent best practices, as well as recommendations for particular IT environments. As technology evolves, the accompanying web site (www.infodev-security.net) will provide updates as appropriate, allowing for a constant dissemination of developments in the field of IT security. The book is composed of five parts, each of which can be read independently. After an introduction to general issues of IT security, the book addresses issues relevant specifically to individuals, small and medium organizations, government, and technical administrators. Although most of the research and publications on IT security comes from developed countries, the authors have attempted to provide practical guidance applicable anywhere and to include examples from developing countries.
Link to Data Set
Citation
Sadowsky, George; Dempsey, James X.; Greenberg, Alan; Mack, Barbara J.; Schwartz, Alan. 2003. Information Technology Security Handbook. © World Bank. http://hdl.handle.net/10986/15005 License: CC BY 3.0 IGO.
Associated URLs
Associated content
Report Series
Other publications in this report series
Journal
Journal Volume
Journal Issue
Collections

Related items

Showing items related by metadata.

  • Publication
    E-Development from Excitement to Effectiveness
    (Washington, DC: World Bank, 2005) Schware, Robert; Schware, Robert
    This volume examines a wide range of issues related to e-development, with a focus on the requirements and realities of using ICTs to advance development goals. The report does not attempt to present a comprehensive overview of e-development. Rather, it highlights key issues that have immediate relevance to policy makers in developing nations who make decisions on investments and development goals. It highlights two issues in particular, e-government and e-education, because ICT applications in these areas can lead to significant development outcomes and can also be successfully deployed through public-private partnerships, leveraging limited government funding to achieve greater impact.
  • Publication
    The Private Sector and the Internet
    (World Bank, Washington, DC, 1997-07) Braga, Carlos A. Primo; Fink, Carsten
    The authors look at the rise of the Internet as the main application behind the emerging global information infrastructure. Many now believe that the Internet provides a window into a future in which access to information will be independent of geographic location and interactivity in a multimedia environment will be ubiquitous. The authors review the need for a regulatory framework for the Internet in three critical areas: provision of backbone access, Internet service providers, and information services. They also explore the problem of the appropriability of content, discussing intellectual property rights in the digital era and other remedies to the cost recovery problem. For developing countries, however, the critical bottleneck is still their weak information infrastructure.
  • Publication
    Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers
    (World Bank, Washington, DC, 2004-12) Asian Development Bank; Inter-American Development Bank; World Bank
    The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive. With the emergence of e-commerce the concept of authentication has encompassed new realities that are a feature of the relatively narrow avenues for information and potentially high risks inherent in an online environment. This paper seeks to provide an understanding about the different ways of assuring authentication. These authentication rules and tools including for example public key infrastructure (PKI) are sometimes meant to set a legal and technological framework for trustworthy electronic transactions, promoting e-procurement, e-commerce, e-business, and e-government. The two considerations of business risk and legal validity are both intrinsic to the concept of authentication. This report explores the issues and solutions affecting the concept of authentication in terms of legislation, management and technology. This report finds that for online authentication things is not always what they may seem and that legislation and technology alone cannot build a trust environment and, if misunderstood, may produce a high risk illusion. It is crucial that the limitations and fallibility of the technology be explicit in its commercial applications and that business risks be managed accordingly.
  • Publication
    Electronic Safety and Soundness : Securing Finance in a New Age
    (Washington, DC: World Bank, 2004-02) Glaessner, Thomas C.; Kellermann, Tom; McNevin, Valerie
    This monograph and its technical annexes identify and discuss four key pillars that are necessary to foster a secure electronic environment and the safety and soundness of financial systems worldwide. Hence, it is intended for those formulating policies in the area of electronic security and those working with financial services providers (such as executives and management). The detailed annexes of this monograph are relevant for chief information and security officers and others who are responsible for securing network systems. First, the monograph defines electronic finance (e-finance) and electronic security (e-security) and explains why these areas require attention. Next, it presents a picture of the emerging global security industry. Then, it develops a risk management framework to assist policymakers and practitioners in understanding the tradeoffs and risks inherent in using an open network infrastructure. It also provides examples of tradeoffs that may arise with respect to technological innovations, privacy, quality of service, and security in the design of an e-security policy framework. Finally, it outlines issues in four critical and interrelated areas that require attention in the building of an adequate e-security infrastructure. These are: (i) the legal, regulatory, and enforcement framework; (ii) external monitoring of e-security practices; (iii) public-private sector cooperation; and (iv) the business case for practicing layered e-security that will improve internal monitoring.
  • Publication
    Republic of Tunisia : Information and Communications Technology Contribution to Growth and Employment Generation, Volume 2. Technical Report
    (Washington, DC, 2002-03) World Bank
    This policy note is the first of two volumes, drafted in conjunction with a more detailed technical report. It was prepared in response to a request by the Government of Tunisia for Bank assistance to formulate an ICT development strategy, in accordance with the targets set in the Government of Tunisia's 10th development plan. The policy note highlights current constraints to ICT sector development and proposes measures to eliminate them. It should be read in conjunction with the broader strategy report (volume two: technical report), which contains complementary data and technical information. The Government objectives were conveyed to the World Bank team in May 2001. The strategy is aimed at bolstering the country's emerging ICT sector and maximizing its ability to compete in local, regional, and global markets. In this context, the major objectives of the ICT strategy are to: (a) maximize the ICT contribution to growth and employment generation; (b) position Tunisia in the global ICT market; and (c) integrate ICT into the Tunisian economy. Indirect issues of the ICT impact on productivity and competitiveness are marginally treated in this note. The report compares the state of ICT development in Tunisia that of other economies, taking into account Tunisia's relative strengths and weaknesses in developing a competitive and robust ICT industry. The report outlines the pillars of a strategy and specifies measures to be implemented by the Government, the private sector, and other stakeholders.

Users also downloaded

Showing related downloaded files

  • Publication
    Green Public Procurement
    (World Bank, Washington, DC, 2021-11-04) World Bank
    This report provides an overview of international experience in the implementation of Green Public Procurement (GPP). It focuses on the institutional framework that is needed to support the mainstreaming of GPP practices across government. The intention is to equip practitioners with a broad understanding of the issues they need to consider in the design and implementation of GPP reforms. The report draws on a wide range of country examples. It provides links to handbooks and tools for practitioners.
  • Publication
    The Day After Tomorrow : A Handbook on the Future of Economic Policy in the Developing World
    (World Bank, 2010) Canuto, Otaviano; Giugale, Marcelo
    Development economists are paid to look into the future. They ask not only how things work today, but also how a new policy, program, or project will make them work tomorrow. They view the world and history as a learning process, past and present are just inputs into thinking about what's coming. It is that appetite for a vision of the future that led us to invite some 40 development economists, most of them from the World Bank's poverty reduction and economic management network, an epicenter of the profession, to tell us what they see on the horizon of their technical disciplines and of their geographic areas of specialization. The timing could not be better. The 2008-09 global financial crises shook the ground under the conventional wisdom that had been held as true for decades. From what the role of governments should be in markets to which countries will be the engines of the world's economy, from what people need to leave poverty to what businesses need to stay competitive, it is all up for reexamination. This synthesis provides an account of what the author heard. It is not meant to be comprehensive. Instead, it picks from each chapter what is new, what is likely to change, and what will be different in the future.
  • Publication
    Social Dimensions of Climate Change : Equity and Vulnerability in a Warming World
    (World Bank, 2010) Norton, Andrew; Mearns, Robin; Mearns, Robin; Norton, Andrew
    Climate change is widely acknowledged as foremost among the formidable challenges facing the international community in the 21st century. It poses challenges to fundamental elements of our understanding of appropriate goals for social and economic policy, such as the connection of prosperity, growth, equity, and sustainable development. This volume seeks to establish an agenda for research and action built on an enhanced understanding of the relationship between climate change and the key social dimensions of vulnerability, social justice, and equity. The volume is organized as follows. This introductory chapter first sets the scene by framing climate change as an issue of social justice at multiple levels, and by highlighting equity and vulnerability as the central organizing themes of an agenda on the social dimensions of climate change. Chapter two leads off with a review of existing theories and frameworks for understanding vulnerability, drawing out implications for pro-poor climate policy. Understanding the multilayered causal structure of vulnerability then can assist in identifying entry points for pro-poor climate policy at multiple levels. Building on such analytical approaches, chapters three and four, respectively, consider the implications of climate change for armed conflict and for migration. Those chapters are followed by a discussion of two of the most important social cleavages that characterize distinct forms of vulnerability to climate change and climate action: gender (chapter five) and ethnicity or indigenous identity (chapter six), in the latter case, focusing on the role of indigenous knowledge in crafting climate response measures in the Latin American and Caribbean region. Chapter seven highlights the important mediating role of local institutions in achieving more equitable, pro-poor outcomes from efforts to support adaptation to climate change. Chapter eight examines the implications of climate change for agrarian societies living in dry-land areas of the developing world, and chapter nine does the same for those living in urban centers. Chapter ten considers the role of social policy instruments in supporting pro-poor adaptation to climate change; and it argues for a focus on 'no-regrets' options that integrate adaptation with existing development approaches, albeit with modifications to take better account of the ways in which climate variables interact with other drivers of vulnerability. Finally, chapter eleven turns to the implications of climate policy and action for forest areas and forest people.
  • Publication
    Financial Inclusion
    (World Bank, Washington, DC, 2023-08-28) Independent Evaluation Group
    This evaluation explores how and with what effect the World Bank Group has supported financial inclusion for the microenterprises, poor households, women, and other excluded groups. Financial inclusion is defined as the use of financial services by individuals and firms. It encompasses financial access—owning an account—and the use of financial services. There has been an impressive growth in account ownership globally, from 55% of adults in 2014 to 71% in 2021, although usage is more limited as some accounts are inactive. Critically, both financial access and the use of financial services remain major challenges for microenterprises, poor households, women, and other excluded groups. The objective of the evaluation is to assess whether the Bank Group has been doing the right things and whether it has been doing things right on financial inclusion. The evaluation captures lessons from the World Bank’s experience supporting financial inclusion for microenterprises, poor households, women, and other excluded groups and updates a 2015 financial inclusion evaluation. The evaluation includes a retrospective look at the drive for universal financial access and examines progress and challenges in women’s access to financial services. The evaluation also assesses the Bank Group’s support for digital financial services as vehicles for financial inclusion. Finally, the report examines the World Bank’s response to COVID-19 as it relates to financial inclusion. The evaluation proposes three recommendations: (i) The World Bank and IFC should further encourage account use by underserved groups, including women and rural poor people, and emphasize this more in their strategies and projects. (ii) The World Bank and IFC should design and implement more comprehensive approaches that address constraints in the enabling environment for DFS to reach underserved and excluded groups. (iii) To enhance learning on what works to increase the beneficial use of financial services at the MPWEG, the World Bank and IFC should collect outcome data across different underserved and excluded groups, initially on a pilot basis.
  • Publication
    Sovereign Debt and the Financial Crisis : Will This Time Be Different?
    (World Bank, 2011) Primo Braga, Carlos A.; Vincelette, Gallina A.
    The financial crisis of 2008 has rekindled interest in sovereign debt crises among policy makers and scholars. History shows that lending booms typically end in busts, with the beneficiaries of debt in the upswing often forced to default or reschedule their debts in the downswing (Sturzenegger and Zettelmeyer 2006). The impact of the first financial crisis of the 21st century on capital flows to developing countries and the signs of stress in debt markets of several European countries in the first half of 2010 raise the inevitable question, Are author about to witness a new generation of sovereign debt crises? This book addresses this question. It adopts an integrated approach by drawing on both theoretical research and experience from professionals involved in technical assistance in this area. It documents recent improvements in macroeconomic policies and debt management practices, which to a large extent explain the resilience of developing and emerging economies, and identifies challenges ahead and areas that require special attention from policy makers.