Open Access. Powered by Scholars. Published by Universities.®

Physical Sciences and Mathematics Commons

Articles 1 - 8 of 8

Full-Text Articles in Physical Sciences and Mathematics

Profit-Maximizing Firm Investments In Customer Information Security, Yong Yick Lee, Robert J. Kauffman, Ryan Sougstad Nov 2011

Research Collection School Of Computing and Information Systems

When a customer interacts with a firm, extensive personal information often is gathered without the individual's knowledge. Significant risks are associated with handling this kind of information. Providing protection may reduce the risk of the loss and misuse of private information, but it imposes some costs on both the firm and its customers. Nevertheless, customer information security breaches still may occur. They have several distinguishing characteristics: (1) typically it is hard to quantify monetary damages related to them; (2) customer information security breaches may be caused by intentional attacks, as well as through unintentional organizational and customer behaviors; and (3) …


Securing The Elderly: A Developmental Approach To Hypermedia Based Online Information Security For Senior Novice Computer Users, David M. Cook, Patryk Szewczyk, Krishnun Sansurooah Aug 2011

International Cyber Resilience conference

Whilst security threats to the general public continue to evolve, elderly computer users with limited skill and knowledge are left playing catch-up in an ever-widening gap in fundamental cyber-related comprehension. As a definable cohort, the elderly generally lack awareness of current security threats, and remain under-educated in terms of applying appropriate controls and safeguards to their computers and networking devices. This paper identifies that web-based computer security information sources do not adequately provide helpful information to senior citizen end-users in terms of both design and content. It subsequently demonstrates a solution designed with the elderly, yet novice, end-user in mind. …


Impediment Sensitive-Role Based Access Control, Joseph Frederick Blumberg May 2011

Masters Theses, 2010-2019

This paper introduces a variation to the Role Based Access Control (RBAC) model called Impediment Sensitive RBAC (IS-RBAC) to be used for implantable and closely-worn medical devices. The IS-RBAC represents impediments including instrument failures, user failures, and environmental situations. IS-RBAC accommodates the impacts that the three types of impediments convey on two foundation set definitions, namely, the data set and the set of user role assignments. With these new definitions, IS-RBAC model strengthens the weaknesses caused to the protection of data from user and instrument failures and environmental situations, mitigates threats from users with elevated user role privileges, and ultimately …


Vertical Sensitivity For The Information Security Health Rating Of Enterprises, Arcot Desai Narasimhalu, N. Dayasindhu, Raghavan Subramanian Jan 2011

Arcot Desai NARASIMHALU

INFOSeMM Maturity model was developed jointly by SMU and Infosys. It is recognized that different industry verticals will have different levels of recommended maturity levels. This paper articulates the need for developing the industry vertical benchmarks.


Rating Information Security Maturity, Arcot Desai Narasimhalu, Dayasindhu Nagarajan Jan 2011

Arcot Desai NARASIMHALU

Most CEOs have difficulty relating to the information security investments in their companies. This article presents a summary of the information security maturity model that the CEOs could use to determine the desired level of investments into information security infrastructure, tools and applications.


Understanding The Management Of Information Security Controls In Practice, Daniel Bachlechner, Ronald Maier, Frank Innerhofer-Oberperfler, Lukas Demetz Jan 2011

Australian Information Security Management Conference

The ever greater reliance on complex information technology environments together with dynamically changing threat scenarios and increasing compliance requirements make an efficient and effective management of information security controls a key concern for most organizations. Good practice collections such as COBIT and ITIL as well as related standards such as the ones belonging to the ISO/IEC 27000 family provide useful starting points for control management. However, neither good practice collections and standards nor scholarly literature explain how the management of controls actually is performed in organizations or how the current state-of-practice can be improved. A series of interviews with information …


Help Or Hindrance: The Practicality Of Applying Security Standards In Healthcare, Patricia A H Williams Jan 2011

Australian Information Security Management Conference

The protection of patient information is now more important as a national e-health system approaches reality in Australia. The major challenge for health care providers is to understand the importance of information security whilst also incorporating effective protection into established workflow and daily activity. Why then, when it is difficult for IT and security professionals to navigate through and apply the myriad of information security standards, do we expect small enterprises such as primary health care providers to also be able to do this? This is an onerous and impractical task without significant assistance. In the development of the new Computer …


Are Existing Security Models Suitable For Teleworking?, Peter James Jan 2011

Australian Information Security Management Conference

The availability of high performance broadband services from the home will allow a growing number of organisations to offer teleworking as an employee work practice. Teleworking delivers cost savings, improved productivity and provides a recruitment policy to attract and retain personnel. Information security is one of the management considerations necessary before an effective organisational teleworking policy can be implemented. The teleworking computing environment presents a different set of security threats to those present in an office environment. Teleworking requires a security model to provide security policy enforcement to counter the set of security threats present in the teleworking computing environment. …