Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Full-Text Articles in Physical Sciences and Mathematics

An Information Security Governance Framework For Australian Primary Care Health Providers, Donald C. Mcdermid, Rachel J. Mahncke, Patricia A H Williams Nov 2010

Australian Information Security Management Conference

The competitive nature of business and society means that the protection of information, and governance of the information security function, is increasingly important. This paper introduces the notion of a governance framework for information security for health providers. It refines the idea of an IT Balanced Scorecard into a scorecard process for use in governing information security for primary care health providers, where IT and security skills may be limited. The approach amends and justifies the four main elements of the scorecard process. The existence of a governance framework specifically tailored for the needs of primary care practice is a …


An Analytical Study Of IT Security Governance And Its Adoption On Australian Organisations, Tanveer A. Zia Nov 2010

Australian Information Security Management Conference

Contemporary organisations are at infancy stages of adopting IT governance processes in Australia. Organisations who have adopted these processes underestimate the security processes within the governance framework. If the security processes are designed, they are often flawed with operational level implementation. This study investigates IT security governance broadly and in Australian organisations specifically. The objective of this study is to bring the local organisations in alignment with international standards and frameworks in terms of integration of information security, IT audits, risks and control measures. A survey of selected organisations is completed and results are presented in this paper identifying the …


Prism: The Development Of An Online Repository For Information Security Education Resources, Vincent Garramone Jul 2010

Regis University Student Publications (comprehensive collection)

The goal of this study was to develop, implement and evaluate an online system that would allow intuitive sharing and retrieval of information security (IS) education materials, and a corresponding taxonomic system relevant to common contexts in which IS concepts are taught. After determining initial requirements, popular open-source content management systems were evaluated. The most suitable solution was customized, and implemented as the Public Repository for Information Security Material (PRISM) website. An initial organizational taxonomy was developed, and the repository was populated with resources from several sources. Evaluations of PRISM suggest that core functionalities have been suitably designed and implemented, …


A Call To IS Educators To Respond To The Voices Of Women In Information Security, Amy B. Woszczynski, Sherri Shade Jul 2010

Faculty and Research Publications

Much prior research has examined the dearth of women in the IT industry. The purpose of this study is to examine the perceptions of women in IT within the context of information security and assurance. This paper describes results from a study of a relatively new career path to see if there are female-friendly opportunities that have not existed in previous IT career paths. Research methodology focuses on a qualitative analysis of in-depth interviews with women who are self-described information security professionals. A primary goal of the study is to understand the perceptions of women in information security and determine …


Time-Bound Hierarchical Key Assignment: An Overview, Wen Tao Zhu, Robert H. Deng, Jianying Zhou, Feng Bao May 2010

Research Collection School Of Computing and Information Systems

The access privileges in distributed systems can be effectively organized as a partial-order hierarchy that consists of distinct security classes, and the access rights are often designated with certain temporal restrictions. The time-bound hierarchical key assignment problem is to assign distinct cryptographic keys to distinct security classes according to their privileges so that users from a higher class can use their class key to derive the keys of lower classes, and these keys are time-variant with respect to sequentially allocated temporal units called time slots. In this paper, we present the involved principle, survey the state of the art, and …


Collaborative Risk Method For Information Security Management Practices: A Case Context Within Turkey, Bilge Karabacak, Sevgi Ozkan Jan 2010

All Faculty and Staff Scholarship

In this case study, a collaborative risk method for information security management has been analyzed considering the common problems encountered during the implementation of ISO standards in eight Turkish public organizations. This proposed risk method has been applied within different public organizations and it has been demonstrated to be effective and problem-free. The fundamental issue is that there is no legislation that regulates the information security liabilities of the public organizations in Turkey. The findings and lessons learned presented in this case provide useful insights for practitioners when implementing information security management projects in other international public sector organizations.


A Collaborative Process Based Risk Analysis For Information Security Management Systems, Bilge Karabacak, Sevgi Ozkan Jan 2010

All Faculty and Staff Scholarship

Today, many organizations quote intent for ISO/IEC 27001:2005 certification. Also, some organizations are en route to certification or already certified. Certification process requires performing a risk analysis in the specified scope. Risk analysis is a challenging process especially when the topic is information security. Today, a number of methods and tools are available for information security risk analysis. The hard task is to use the best fit for the certification. In this work we have proposed a process based risk analysis method which is suitable for ISO/IEC 27001:2005 certifications. Our risk analysis method allows the participation of staff to the …


An Analysis Of Information Security Awareness Within Home And Work Environments, Shuhaili Talib, Nathan Clarke, Steven Furnell Jan 2010

Research outputs pre 2011

As technology such as the Internet, computers and mobile devices become ubiquitous throughout society, the need to ensure our information remains secure is imperative. Unfortunately, it has long been understood that good security cannot be achieved through technical means alone and a solid understanding of the issues and how to protect yourself is required from users. Whilst many initiatives, programs and strategies have been proposed to improve the level of information security awareness, most have been directed at organizations, with a few national programs focused upon home users. Given people's use of technology is primarily focused upon those two areas: …