Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Publication
- Publication Type
Articles 1 - 10 of 10
Full-Text Articles in Physical Sciences and Mathematics
Core Elements In Information Security Accountability In The Cloud, Zahir Al-Rashdi, Martin Dick, Ian Storey
Core Elements In Information Security Accountability In The Cloud, Zahir Al-Rashdi, Martin Dick, Ian Storey
Australian Information Security Management Conference
This paper proposes 9 core elements of information security accountability in the area of cloud computing. The core elements were determined via a series of 18 case studies with Omani government organisations that were actively using and/or providing cloud computing. 36 interviews were conducted and then analysed using a grounded theory methodology As a result of the analysis, responsibility, transparency, assurance, remediation, accountability support environment, flexible change process, collaboration, mechanisms and commitment to external criteria. The research also found that the emphasis on specific core elements is context-dependent and that there was considerable variation in emphasis amongst the case study …
Loyalty Cards And The Problem Of Captcha: 2nd Tier Security And Usability Issues For Senior Citizens, David M. Cook, Apoorv Kumar, Charwina Unmar-Satiah
Loyalty Cards And The Problem Of Captcha: 2nd Tier Security And Usability Issues For Senior Citizens, David M. Cook, Apoorv Kumar, Charwina Unmar-Satiah
Australian Information Security Management Conference
Information Security often works in antipathy to access and useability in communities of older citizens. Whilst security features are required to prevent the disclosure of information, some security tools have a deleterious effect upon users, resulting in insecure practices. Security becomes unfit for purpose where users prefer to abandon applications and online benefits in favour of non-digital authentication and verification requirements. For some, the ability to read letters and symbols from a distorted image is a decidedly more difficult task than for others, and the resulting level of security from CAPTCHA tests is not consistent from person to person. This …
Secure Portable Execution And Storage Environments: A Capability To Improve Security For Remote Working, Peter James
Secure Portable Execution And Storage Environments: A Capability To Improve Security For Remote Working, Peter James
Theses: Doctorates and Masters
Remote working is a practice that provides economic benefits to both the employing organisation and the individual. However, evidence suggests that organisations implementing remote working have limited appreciation of the security risks, particularly those impacting upon the confidentiality and integrity of information and also on the integrity and availability of the remote worker’s computing environment. Other research suggests that an organisation that does appreciate these risks may veto remote working, resulting in a loss of economic benefits. With the implementation of high speed broadband, remote working is forecast to grow and therefore it is appropriate that improved approaches to managing …
A Rapidly Moving Target: Conformance With E-Health Standards For Mobile Computing, Patricia A.H. Williams, Vincent B. Mccauley
A Rapidly Moving Target: Conformance With E-Health Standards For Mobile Computing, Patricia A.H. Williams, Vincent B. Mccauley
Australian eHealth Informatics and Security Conference
The rapid adoption and evolution of mobile applications in health is posing significant challenges in terms of standards development, standards adoption, patient safety, and patient privacy. This is a complex continuum to navigate. There are many competing demands from the standards development process, to the use by clinicians and patients. In between there are compliance and conformance measures to be defined to ensure patient safety, effective use with integration into clinical workflow, and the protection of data and patient privacy involved in data collection and exchange. The result is a composite and intricate mixture of stakeholders, legislation, and policy together …
Information Security Management: Factors That Influence Security Investments In Smes, Zhi Xian Ng, Atif Ahmad, Sean B. Maynard
Information Security Management: Factors That Influence Security Investments In Smes, Zhi Xian Ng, Atif Ahmad, Sean B. Maynard
Australian Information Security Management Conference
In the modern information economy, the security of information is critically important to organizations. Information‐security risk assessments (ISRAs) allow organizations to identify key information assets and security risks so security expenditure can be directed cost‐effectively. Unfortunately conducting ISRAs requires special expertise and tends to be complex and costly for small to medium sized organizations (SMEs). Therefore, it remains unclear in practice, and unknown in literature, how SMEs address information security imperatives without the benefit of an ISRA process. This research makes a contribution to theory in security management by identifying the factors that influence key decision-makers in SMEs to address …
Utilizing The Rfid Lock Command Against Multiple Targets, Christopher Bolan
Utilizing The Rfid Lock Command Against Multiple Targets, Christopher Bolan
Research outputs 2012
An unlocked Electronic Product Code (EPC) tag allows for issuance of most commands without the need for any authorization. This means that a system with unlocked tags would allow any attacker to modify tag data at will, whilst also opening the door to a range of other misuse. One possible avenue of active misuse against unlocked tags would be to issue LockID commands and ‘permanently’ lock some or all of a system‘s RFID tags. As this attack is simply an issuance of a valid command it fits firmly in the category of an active misuse and could also be considered …
User Reaction Towards End User License Agreements On Android Smartphones, Hamish Cotton, Christopher Bolan
User Reaction Towards End User License Agreements On Android Smartphones, Hamish Cotton, Christopher Bolan
Research outputs 2012
Smartphones are increasingly recognized as the most popular computing platform, forming an integral part of the way users interact with the online world. Accompanied with the advent of user-installed content, End User License Agreements have surfaced mirroring issues previously arising on more traditional platforms. This survey conducted in Perth, Western Australia looked at user behavior when viewing and accepting EULAs on smartphone devices. The results show that a majority of users do not read such agreements citing issues of readability and length.
Making Information Security Acceptable To The User , Andrew Jones, Thomas Martin
Making Information Security Acceptable To The User , Andrew Jones, Thomas Martin
International Cyber Resilience conference
The security of information that is processed and stored in Information and Communications Technology systems is an ongoing problem that, as yet, has not been satisfactorily resolved. Software developers, system architects and managers all aspire to use technology to provide improvements in the protection of information that is processed and stored on these systems. However, they are working in an environment where the threats to the information, the technologies in use and the uses to which the technologies are being employed are changing at a pace which is faster than can be effectively addressed. This paper looks at the underlying …
The Derivation Of A Conceptual Model For It Security Outsourcing, W D. Wilde, M J. Warren, W Hutchinson
The Derivation Of A Conceptual Model For It Security Outsourcing, W D. Wilde, M J. Warren, W Hutchinson
Australian Information Security Management Conference
IT security outsourcing is the establishment of a contractual relationship between an organization with an outside vendor which assumes responsibility for the organisation’s security functions. Outsourcing in IS has had a variable history of success and the complexity of the decision making process leads to a substantial degree of uncertainty. This is especially so in the realm of IS security since the protection of both hardware and software systems is placed in the hands of an external provider. This paper is a fuller and more comprehensive paper of a previous paper outlining the effectiveness of the decision making process by …
The Awareness And Perception Of Spyware Amongst Home Pc Computer Users, M Jaeger, N L. Clarke
The Awareness And Perception Of Spyware Amongst Home Pc Computer Users, M Jaeger, N L. Clarke
Australian Information Warfare and Security Conference
Spyware is a major threat to personal computer based data confidentiality, with criminal elements utilising it as a positive moneymaking device by theft of personal data from security unconscious home internet users. This paper examines the level of understanding and awareness of home computer users to Spyware. An anonymous survey was distributed via email invitation with 205 completed surveys. From an analysis of the survey it was found that the majority of respondents do understand what Spyware is, however, there was found to be a lack of understanding of computer security in defending against Spyware, with 20% of survey respondents …