Open Access. Powered by Scholars. Published by Universities.®

Business Commons

Articles 1 - 10 of 10

Full-Text Articles in Business

Developing And Implementing Information Security Programs: Amcis 2005 Workshop Proposal, Michael E. Whitman, Herbert J. Mattord May 2014

Herbert J. Mattord

One of the continuing challenges facing industry is the security and protection of information. Advances in information security have been unable to keep pace with advances in computing in general. One of the recognized ways to combat the threat to information security is education needed to prepare students to create a secure and ethical computing environment.


Assessing Relative Weights Of Authentication Components: An Expert Panel Approach, Herbert J. Mattord, Yair Levy, Steven Furnell May 2014

Herbert J. Mattord

Organizations rely on password-based authentication methods to control access to many Web-based systems. In a recent study, we developed a benchmarking instrument to assess the authentication methods used in these contexts. Our instrument developed included extensive literature foundation and an expert panel assessment. This paper reports on the development of the instrument and the expert panel assessment. The initial draft of the instrument was derived from literature to assess 1) password strength requirements, 2) password usage methods, and 3) password reset requirements. Following, the criteria within the index were evaluated by an expert panel and the same panel provided opinions …


Transparency In Infosec Design, Herbert Mattord, Michael Whitman May 2014

Herbert J. Mattord

Information system capabilities continue to expand. In two particular areas, that of the surveillance records and personal data, a public policy debate is underway. This debate regards the relationship between the rights of the individual to freedom from unwanted observation and the rights of the organization to collect and use data for its own legitimate purposes. This discussion encompasses privacy as well as a broader concern with what life could be like in a surveillance-based society. The fundamental question facing information systems designers is whether or not to use the contemporary approach of striving for secrecy, or to look for …


Improving Information Security Through Policy Implementation, Herbert J. Mattord, Michael E. Whitman May 2014

Herbert J. Mattord

Information security policy is essential to the success of any information security program because it is the primary process used by organizations to influence the performance of personnel in ways that enhance the information security of the organization’s information assets. Whereas computer security can be thought of as the processes and techniques of securing IT hardware, software and data (including networks), information security is a broader concept. The processes of information security are concerned with the protection of the confidentiality, integrity and availability of information within systems comprising hardware, software, networks, data, procedures and personnel. As organizations change through evolution …


Information Security Governance For The Non-Security Business Executive, Michael E. Whitman, Herbert J. Mattord May 2014

Herbert J. Mattord

Information security is a critical aspect of information systems usage in current organizations. Often relegated to the IT staff, it is in fact the responsibility of senior management to assure the secure use and operation of information assets. Most managers recognize that governance is the responsibility of executive management. The primary objective of governance can be achieved when the members of an organization know what to do, how it should be done, as well as who should do it. The focus on governance has expanded to include information systems and information security. This article offers value to the executive by …


A Draft Model Curriculum For Programs Of Study In Information Security And Assurance, Michael E. Whitman, Herbert J. Mattord May 2014

Herbert J. Mattord

With the dramatic increase in threats to information security, there is a clear need for a corresponding increase in the number of information security professionals. With a lack of formal curriculum models, many academic institutions are unprepared to implement the courses and laboratories needed to prepare this special class of information technologist. This paper provides an overview of lessons learned in the implementation of both individual courses and a degree concentration in information security. It refers to a more comprehensive document, available on the Web, which includes the methodology used in developing the curriculum, individual course syllabi for recommended components, …


Factors Of Password-Based Authentication, Herbert J. Mattord, Yair Levy, Steven Furnell May 2014

Herbert J. Mattord

Organizations continue to rely on password-based authentication methods to control access to many Web-based systems. This research study developed a benchmarking instrument intended to assess authentication methods used in Web-based information systems (IS). This approach explored how authentication practices can be measured in three component areas: 1) password strength requirements, 2) password usage methods, and 3) password reset requirements. This report explores the criteria that are required to define these component areas.


Defending Cyber Terrorism - A Game Theoretic Modeling Approach, Tridib Bandyopadhyay, Herbert J. Mattord May 2014

Herbert J. Mattord

In this work we attempt to develop a game theoretic model that can indicate the nuances of strategic investments in the face of possible cyber terrorist attacks. First, we briefly review the literature on terrorism. Second, we identify the 'cyber' factors in terrorism, and how this new mode of attack alters the general scenario. Then, beginning with a naïve counter terrorism model, we incrementally incorporate the factors of cyber terrorism to develop our game theoretic model. Our current work is geared towards developing a model that can adequately incorporate the cyber factors of today's networked economy. In this report, we …


The Impact Of Operating System Obsolescence On The Life Cycle Of Distributed Teams, Herbert J. Mattord, Tridib Bandyopadhyay May 2014

Herbert J. Mattord

Operating System obsolescence is widely considered an important factor when architectural choices are made during the planning phase of systems development and maintenance. In this work, we seek to understand the importance that planners actually ascribe to this attribute in practice, and ask probing questions to the managers, developers, and analysts of systems in industry in the form of a survey. Initial results suggest that obsolescence is neither perceived as a critical factor during planning for systems development, nor is it viewed as a major contributor to the total cost of operation of client/server systems. However, the survey does identify …


Regulatory Compliance In Information Technology And Information Security, Herbert Mattord, Michael Whitman May 2014

Herbert J. Mattord

No abstract provided.