Browsing NTNU Open by Author "Tøndel, Inger Anne"
Now showing items 1-12 of 12
-
Access Control in Heterogenous Health Care Systems - A comparison of Role Based Access Control Versus Decision Based Access Control
Stavik, Stig; Magnussen, Gaute (Master thesis, 2006)Role based access control (RBAC) is widely used in health care systems today. Some of the biggest systems in use at Norwegian hospitals utilizes role based integration. The basic concept of RBAC is that users are assigned ... -
Access Control in Heterogenous Health Care Systems: A comparison of Role Based Access Control Versus Decision Based Access Control
Magnussen, Gaute; Stavik, Stig (Master thesis, 2006)Role based access control (RBAC) is widely used in health care systems today. Some of the biggest systems in use at Norwegian hospitals utilizes role based integration. The basic concept of RBAC is that users are assigned ... -
Challenges and Experiences with Applying Microsoft Threat Modeling in Agile Development Projects
Cruzes, Daniela Soares; Jaatun, Martin Gilje; Bernsmed, Karin; Tøndel, Inger Anne (Journal article; Peer reviewed, 2018)The goal of secure software engineering is to create software that keeps performing as intended even when exposed to attacks. Threat modeling is considered to be a key activity, but can be challenging to perform for ... -
Collaborative security risk estimation in agile software development
Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Williams, Laurie (Journal article; Peer reviewed, 2019)Purpose Today, agile software development teams in general do not adopt security risk-assessment practices in an ongoing manner to prioritize security work. Protection Poker is a collaborative and lightweight software ... -
Facing uncertainty in cyber insurance policies
Meland, Per Håkon; Tøndel, Inger Anne; Moe, Marie Elisabeth Gaup; Seehusen, Fredrik (Journal article; Peer reviewed, 2017)Cyber insurance has gained less ground in Europe than in the U.S., but with emerging laws and regulations, the prospect of considerable fines for security breaches is pushing many organisations into this market. A qualitative ... -
Fremtidens fleksible distribusjonsnett - Fleksibel nettdrift, forbrukerfleksibilitet, plusskunder og forretningsmodeller
Sæle, Hanne; Bremdal, Bernt Arild; Tøndel, Inger Anne; Istad, Maren Kristine; Foosnæs, Jan Andor; Nordbø, Per Erik; Kirkeby, Henrik; Høverstad, Boye Annfelt; Mathisen, Geir (Research report, 2016) -
Next generation privacy policy
Lillebo, Ole Kristian (Master thesis, 2011)Privacy policies are commonly used by service providers to notify users what information is collected, how it will be used and with whom it will be shared. These policies are however known to be notoriously long and hard ... -
Personal Health Information on Display: Balancing Needs, Usability and Legislative Requirements
Gjære, Erlend Andreas; Tøndel, Inger Anne; Line, Maria Bartnes; Andresen, Herbjørn; Toussaint, Pieter Jelle (Journal article; Peer reviewed, 2011)Large wall-mounted screens placed at locations where health personnel pass by will assist in self-coordination and improve utilisation of both resources and staff at hospitals. The sensitivity level of the information ... -
Security Threats in Demo Steinkjer. Report from the Telenor-SINTEF collaboration project on Smart Grids
Tøndel, Inger Anne; Jaatun, Martin Gilje; Bartnes, Maria (SINTEF Rapport;A23351, Research report, 2012)This report describes security threats associated with the deployment of an Advanced Metering Infrastructure (AMI) in the Demo Steinkjer demonstration project. The description is based on the first phase of the actual smart ... -
Towards a Conceptual Framework for Security Requirements Work in Agile Software Development
Tøndel, Inger Anne; JAATUN, Martin Gilje (Peer reviewed; Journal article, 2020)Security requirement work plays a key role in achieving cost-effective and adequate security in a software development project. Knowledge about software companies' experiences of security requirement work is important in ... -
Understanding challenges to adoption of the Microsoft Elevation of Privilege game
Tøndel, Inger Anne; Oyetoyan, Tosin Daniel; Jaatun, Martin Gilje; Cruzes, Daniela Soares (Chapter, 2018)The goal of secure software engineering is to create software that keeps performing as intended even when exposed to an active attacker. Threat modelling is considered to be a key activity, but can be challenging to perform ... -
Understanding Challenges to Adoption of the Protection Poker Software Security Game
Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Oyetoyan, Tosin Daniel (Chapter, 2019)Currently, security requirements are often neglected in agile projects. Despite many approaches to agile security requirements engineering in literature, there is little empirical research available on why there is limited ...