Engineering Commons^™

Society Dilemma Of Computer Technology Management In Today's World, Iwasan D. Kejawa Ed.D

School of Computing: Faculty Publications

Abstract - Is it true that some of the inhabitants of the world’s today are still hesitant in using computers? Research has shown that today many people are still against the use of computers. Computer technology management can be said to be obliterated by security problems. Research shows that some people in society feel reluctant or afraid to use computers because of errors and exposure of their privacy and their sophistication, which sometimes are caused by computer hackers and malfunction of the computers. The dilemma of not utilizing computer technology at all or, to its utmost, by certain people in …

Project Insight: A Granular Approach To Enterprise Cybersecurity, Sunna Quazi, Adam Baca, Sam Darsche

SMU Data Science Review

In this paper, we disambiguate risky activity corporate users are propagating with their software in real time by creating an enterprise security visualization solution for system administrators. The current problem in this domain is the lag in cyber intelligence that inhibits preventative security measure execution. This is partially due to the overemphasis of network activity, which is a nonfinite dataset and is difficult to comprehensively ingest with analytics. We address these concerns by elaborating on the beta of a software called "Insight" created by Felix Security. The overall solution leverages endpoint data along with preexisting whitelist/blacklist designations to unambiguously communicate …

Disrupting Complex Systems With Emerging Technologies: A Study On United States Airport Operations, Emily J. Grone

Honors Theses and Capstones

The number of United States domestic commercial flight passengers are growing every year, which means the number of people checking-in, dropping off their bags, and going through TSA within airports is equally growing. With the increasing number of passengers and aging airports, there are several areas of pain points within airports where passengers hit a bottleneck due to the current systems that airports have in place. There are three main areas that we are going to reference. First the check-in process, where customers have to get their tickets, input identification information, and check-in for their flight. Second, baggage-drop off, where …

Social Engineering Knowledge Measured As A Security Countermeasure, Christopher Artejus Sanders

Theses and Dissertations

Social Engineering has become a significant threat to the security of business, government, and academic institutions. As vulnerabilities to social engineering attacks increase, organizations must incorporate risk mitigation strategies to their portfolios of Information Systems Security Countermeasures (ISSC). The goal is to implement mitigation strategies that balance the cost of implementation, the privacy of employees, and the resulting expected costs of social engineering attacks. In this paper we develop an analytical model that calculates the total cost of protection, including the trade-off between the cost of implementing protection strategies and the resulting expected cost of social engineering attacks. We use …

Pedagogical Resources For Industrial Control Systems Security: Design, Implementation, Conveyance, And Evaluation, Guillermo A. Francia Iii, Greg Randall, Jay Snellen

Journal of Cybersecurity Education, Research and Practice

Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional …

Emergent Ai, Social Robots And The Law: Security, Privacy And Policy Issues, Ramesh Subramanian

Journal of International Technology and Information Management

The rapid growth of AI systems has implications on a wide variety of fields. It can prove to be a boon to disparate fields such as healthcare, education, global logistics and transportation, to name a few. However, these systems will also bring forth far-reaching changes in employment, economy and security. As AI systems gain acceptance and become more commonplace, certain critical questions arise: What are the legal and security ramifications of the use of these new technologies? Who can use them, and under what circumstances? What is the safety of these systems? Should their commercialization be regulated? What are the …

Nuclear Security Culture And Batan’S Assessment: Batan’S Experience, Anhar R. Antariksawan

International Journal of Nuclear Security

Organizations should increase safety to minimize the harmful effects of nuclear materials. Additionally, organizations should take measures to protect security culture within the organization itself. This paper covers the National Nuclear Energy Agency of Indonesia’s (BATAN’s) promotion of nuclear security culture and self- assessment projects, which is based on the International Atomic Energy Agency’s (IAEA) methodology.

Qualitative Collective Case Study Of Targeted Violence Preparedness At Institutions Of Higher Education, Tim Gunter

Doctoral Dissertations and Projects

An increase in targeted violence incidents (TVIs), primarily active shooter events, at institutions of higher education (IHEs) has exposed gaps in campus security plan preparation and exercises. The purpose of this qualitative collective case study was to discover barriers to and best practices of universities and colleges conducting security preparedness activities for TVIs. The theory that guided this study was vested interest theory which predicts how attitudes will influence behavior in a commitment to preparedness fundamentals. The setting for this study was two institutions of higher education along the East Coast of the United States. Data collection techniques included site …

The Utility Of Table-Top Exercises In Teaching Nuclear Security, Christopher Hobbs, Luca Lentini, Matthew Moran

International Journal of Nuclear Security

In the emerging field of nuclear security, those responsible for education and training are constantly seeking to identify and engage with tools and approaches that provide for a constructive learning environment. In this context, this paper explores the nature and value of Tabletop exercises (TTX) and how they can be applied in the nuclear security context. On the one hand, the paper dissects the key components of the TTX and considers the broader pedagogical benefits of this teaching method. On the other hand, the paper draws lessons from the authors’ experience of running TTXs as part of nuclear security professional …

An Exploration Of Mobile Device Security Artifacts At Institutions Of Higher Education, Amita Goyal Chin, Diania Mcrae, Beth H. Jones, Mark A. Harris

Journal of International Technology and Information Management

The explosive growth and rapid proliferation of smartphones and other mobile

devices that access data over communication networks has necessitated advocating

and implementing security constraints for the purpose of abetting safe computing.

Remote data access using mobile devices is particularly popular among students at

institutions of higher education. To ensure safe harbor for constituents, it is

imperative for colleges and universities to establish, disseminate, and enforce

mobile device security artifacts, where artifacts is defined as policies, procedures,

guidelines or other documented or undocumented protocols. The purpose of this

study is to explore the existence of, specific content of, and the …

Supporting Business Privacy Protection In Wireless Sensor Networks, Nan Feng, Zhiqi Hao, Sibo Yang, Harris Wu

Information Technology & Decision Sciences Faculty Publications

With the pervasive use of wireless sensor networks (WSNs) within commercial environments, business privacy leakage due to the exposure of sensitive information transmitted in a WSN has become a major issue for enterprises. We examine business privacy protection in the application of WSNs. We propose a business privacy-protection system (BPS) that is modeled as a hierarchical profile in order to filter sensitive information with respect to enterprise-specified privacy requirements. The BPS aims at solving a tradeoff between metrics that are defined to estimate the utility of information and the business privacy risk. We design profile, risk assessment, and filtration agents …

Slides: Ag Water Sharing: Legal Challenges And Considerations, Peter D. Nichols

Innovations in Managing Western Water: New Approaches for Balancing Environmental, Social and Economic Outcomes (Martz Summer Conference, June 11-12)

Presenter: Peter D. Nichols, Esq., Partner, Berg, Hill, Greenleaf and Ruscitti, Boulder, CO

25 slides

The Future Of National And International Security On The Internet, Maurice Dawson, Marwan Omar, Jonathan Abramson, Dustin Bessette

Maurice Dawson

Hyperconnectivity is a growing trend that is driving cyber security experts to develop new security architectures for multiple platforms such as mobile devices, laptops, and even wearable displays. The futures of national and international security rely on complex countermeasures to ensure that a proper security posture is maintained during this state of hyperconnectivity. To protect these systems from exploitation of vulnerabilities it is essential to understand current and future threats to include the laws that drive their need to be secured. Examined within this chapter are the potential security-related threats with the use of social media, mobile devices, virtual worlds, …

Social Implications Of Wearable Computing And Augmediated Reality In Every Day Life (Ieee Symposium On Technology And Society, Istas13), Katina Michael

Associate Professor Katina Michael

It was in July 2012 that Steve Mann and I corresponded on the possibility of hosting a conference on wearable computing in Toronto, Canada. Steve had just returned home from a family holiday to France and publicly blogged about an unfortunate incident that had happened to him while away. On 17th July 2012 he posted: “Physical assault by McDonald’s for wearing Digital Eye Glass”. We both knew the timing was right for such an event that was not just a technical engineering or applied orientation on the theme of smart worlds, but an event that would grapple with the dichotomies …

Privacy Issues And Solutions In Social Network Sites, Xi Chen, Katina Michael

Associate Professor Katina Michael

The boom of the internet and the explosion of new technologies have brought with them new challenges and thus new connotations of privacy. Clearly, when people deal with e-government and e-business, they do not only need the right to be let alone, but also to be let in secret. Not only do they need freedom of movement, but also to be assured of the secrecy of their information. Solove [6] has critiqued traditional definitions of privacy and argued that they do not address privacy issues created by new online technologies. Austin [7] also asserts: “[w]e do need to sharpen and …

Book Review: Handbook On Securing Cyber-Physical Critical Infrastructure: Foundations And Challenges (Written By Sajal K. Das, Krishna Kant, Nan Zhang), Katina Michael

Professor Katina Michael

This 800+ page handbook is divided into eight parts and contains thirty chapters, ideal for either an advanced undergraduate or graduate course in security. At the heart of this handbook is how we might go about managing both physical and cyber infrastructures, as they continue to become embedded and enmeshed, through advanced control systems, and new computing and communications paradigms.

Book Review Of Hacking: The Next Generation (Written By Nitesh Dhanjani, Billy Rios & Brett Hardin), Katina Michael

Professor Katina Michael

Hacking: The Next Generation demonstrates just how hackers continue to exploit “back doors”. New ways of working and new ways of communicating have meant that the number of attack vectors continue to rise rapidly. This provides hackers with a greater number of opportunities to penetrate systems using blended approaches while organizations struggle to come up to speed with the latest technology developments and commensurate security capabilities. Dealing with anticipated threats is a lot harder than dealing with known threats.

Book Review: Securing The Cloud: Cloud Computer Security Techniques And Tactics, Katina Michael

Associate Professor Katina Michael

With so much buzz around Cloud Computing, books like this one written by Winkler are much in demand. Winkler’s experience in the computing business shines through and as readers we are spoiled with a great deal of useful strategic information- a jam packed almost 300 page volume on securing the cloud.

Book Review: Security Risk Management: Building An Information Security Risk Management Program From The Ground Up, Katina Michael

Associate Professor Katina Michael

In an age of outsourcing tasks that are not considered to be a core competency of the business, organisations have often relied on external consultants for matters pertaining to security. In actual fact, most companies could have utilized existing skill-sets in-house to produce a security risk management program, if only they knew what steps to take, and how to go about it all. Evan Wheeler in his book on information security risk management does just that- he equips professionals tasked with security, with the thinking required to create a program that is more preoccupied with the complex strategic-level questions than …

A Web Application For Financial Trading Simulation, Li-Chiou Chen, Lixin Tao, Padma Kadiyala

Cornerstone 3 Reports : Interdisciplinary Informatics

No abstract provided.

Event Study Method For Validating Agent-Based Trading Simulations, Shih-Fen Cheng

Research Collection School Of Computing and Information Systems

In this paper, we introduce how one can validate an event-centric trading simulation platform that is built with multi-agent technology. The issue of validation is extremely important for agent-based simulations, but unfortunately, so far there is no one universal method that would work in all domains. The primary contribution of this paper is a novel combination of event-centric simulation design and event study approach for market dynamics generation and validation. In our event-centric design, the simulation is progressed by announcing news events that affect market prices. Upon receiving these events, event-aware software agents would adjust their views on the market …

A Secure On-Line Credit Card Transaction Method Based On Kerberos Authentication Protocol, Jung Eun Kim

UNLV Theses, Dissertations, Professional Papers, and Capstones

Nowadays, electronic payment system is an essential part of modern business. Credit cards or debit cards have been widely used for on-site or remote transactions, greatly reducing the need for inconvenient cash transactions. However, there have been a huge number of incidents of credit card frauds over the Internet due to the security weakness of electronic payment system. A number of solutions have been proposed in the past to prevent this problem, but most of them were inconvenient and did not satisfy the needs of cardholders and merchants at the same time.

In this thesis, we present a new secure …

More Secure Passwords, Scott Magruder, Stanley X. Lewis Jr

Journal of International Technology and Information Management

Passwords are often the first line of defense against hackers trying to logon to a user’s account. Due to this, the password that a user selects for protection of their account is critical. These passwords must be “good” passwords that are not easily cracked. However, how does the network administrator enforce this? A simple change to the login process can make the passwords chosen by users much more secure. A description of this simple process is given in this paper. The normal login process is described. A description of the how hackers attempt to crack passwords is given. The simple …

Improving The Judicial System To Handle Computer Crime, Gerald V. Post, Albert Kagan

Journal of International Technology and Information Management

This paper asked professionals in the legal system to evaluate the current state and effectiveness of laws to identify and deter computer crime. Responses were evaluated with a formal structural equation model. The results generally show that legal professionals believe potential jurors have minimal knowledge of computer crime issues. More importantly, they also believe that judges have little knowledge or experience. A similar lack of knowledge by defense attorneys indicates that it could be difficult for a person accused of computer related infractions to find adequate representation. On the other hand, more experienced participants do not believe computer laws present …

The Role Of Quantitative Analysis In The Information Security Systems Development Lifecycle, Stephen R. Rosenkranz, Michael E. Busing, Faye P. Teer, Karen A. Forcht

Journal of International Technology and Information Management

Today’s numerous Quantitative Analysis (QA) tools have been successfully utilized to solve business problems in diverse applications. However, the application of QA tools in solving information security problems has been sparse. Devising the means and ways to use QA tools in resolving industry-wide security problems has the potential to yield enormous global economic benefit. The purpose of this paper is to explore the use of QA tools as a means of improving the processes involved in the Information Security Systems Development Lifecycle (SecSDL). Information security professionals use the SecSDL as a guide for formulating a comprehensive information security program. The …