Open Access. Powered by Scholars. Published by Universities.®
![Digital Commons Network](http://assets.bepress.com/20200205/img/dcn/DCsunburst.png)
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Institution
- Publication
- Publication Type
Articles 1 - 19 of 19
Full-Text Articles in Physical Sciences and Mathematics
Managing Wireless Security Risks In Medical Services, Brian Cusack, Akar Kyaw
Managing Wireless Security Risks In Medical Services, Brian Cusack, Akar Kyaw
Australian eHealth Informatics and Security Conference
Medical systems are designed for a range of end users from different professional skill groups and people who carry the devices in and on their bodies. Open, accurate, and efficient communication is the priority for medical systems and consequently strong protection costs are traded against the utility benefits for open systems. In this paper we assess the vulnerabilities created by the professional and end user expectations, and theorise ways to mitigate wireless security vulnerabilities. The benefits of wireless medical services are great in terms of efficiencies, mobility, and information management. These benefits may be realised by treating the vulnerabilities and …
Security Of Electronic Health Records In A Resource Limited Setting: The Case Of Smart-Care Electronic Health Record In Zambia, Keith Mweebo
Security Of Electronic Health Records In A Resource Limited Setting: The Case Of Smart-Care Electronic Health Record In Zambia, Keith Mweebo
Australian eHealth Informatics and Security Conference
This paper presents a case study of security issues related to the operationalization of smart-care, an electronic medical record (EMR) used to manage Human Immunodeficiency Virus (HIV) health information in Zambia. The aim of the smart-care program is to link up services and improve access to health information, by providing a reliable way to collect, store, retrieve and analyse health data in a secure way. As health professionals gain improved access to patient health information electronically, there is need to ensure this information is secured, and that patient privacy and confidentiality is maintained. During the initial stages of the program …
Chatter: Classifying Malware Families Using System Event Ordering, Aziz Mohaisen, Andrew G. West, Allison Mankin, Omar Alrawi
Chatter: Classifying Malware Families Using System Event Ordering, Aziz Mohaisen, Andrew G. West, Allison Mankin, Omar Alrawi
Andrew G. West
Using runtime execution artifacts to identify malware and its associated "family" is an established technique in the security domain. Many papers in the literature rely on explicit features derived from network, file system, or registry interaction. While effective, use of these fine-granularity data points makes these techniques computationally expensive. Moreover, the signatures and heuristics this analysis produces are often circumvented by subsequent malware authors.
To this end we propose CHATTER, a system that is concerned only with the order in which high-level system events take place. Individual events are mapped onto an alphabet and execution traces are captured via terse …
Ios Device Forensics, Lauren Drish
Ios Device Forensics, Lauren Drish
All Capstone Projects
Many people today have an iPhone, iPad or iPod. Not many would realize that valuable information is stored on these devices. When a crime occurs, an iOS Device could hold key information to help solve said crime that criminals are not aware are present on the device. This can include GPS information as well as application history on the device itself.
The project I wish to do and complete is to create a class where students can learn the about iOS Forensics. Student will be able to learn the basics of an iDevice, as well as how to work with …
Security Policies That Make Sense For Complex Systems: Comprehensible Formalism For The System Consumer, Rhonda R. Henning
Security Policies That Make Sense For Complex Systems: Comprehensible Formalism For The System Consumer, Rhonda R. Henning
CCE Theses and Dissertations
Information Systems today rarely are contained within a single user workstation, server, or networked environment. Data can be transparently accessed from any location, and maintained across various network infrastructures. Cloud computing paradigms commoditize the hardware and software environments and allow an enterprise to lease computing resources by the hour, minute, or number of instances required to complete a processing task. An access control policy mediates access requests between authorized users of an information system and the system's resources. Access control policies are defined at any given level of abstraction, such as the file, directory, system, or network, and can be …
Mapping The Consensual Knowledge Of Security Risk Management Experts, David J. Brooks
Mapping The Consensual Knowledge Of Security Risk Management Experts, David J. Brooks
David J Brooks Dr.
The security industry comprises of diverse and multidisciplined practitioners, originating from many disciplines. It has been suggested that the industry has an undefined knowledge structure, although security experts contain a rich knowledge structure. There has also been limited research mapping security expert knowledge structure, reducing the ability of tertiary educators to provide industry focused teaching and learning. The study utilized multidimensional scaling (MDS) and expert interviews to map the consensual knowledge structure of security experts in their understanding of security risk. Security risk concepts were extracted and critiqued from West Australian university courses. Linguistic analysis categorised the more utilized security …
Capturing And Analyzing Network Traffic From Common Mobile Devices For Security And Privacy, Billy Overton
Capturing And Analyzing Network Traffic From Common Mobile Devices For Security And Privacy, Billy Overton
Undergraduate Honors Theses
Mobile devices such as tablets and smartphones are becoming more common, and they are holding more information. This includes private information such as contacts, financial data, and passwords. At the same time these devices have network capability with access to the Internet being a prime feature. Little research has been done in observing the network traffic produced by these mobile devices. To determine if private information was being transmitted without user knowledge, the mobile capture lab and a set of procedures have been created to observe, capture and analyze the network traffic produced by mobile devices. The effectiveness of the …
On The Privacy Concerns Of Url Query Strings, Andrew G. West, Adam J. Aviv
On The Privacy Concerns Of Url Query Strings, Andrew G. West, Adam J. Aviv
Andrew G. West
URLs often utilize query strings (i.e., key-value pairs appended to the URL path) as a means to pass session parameters and form data. Often times these arguments are not privacy sensitive but are necessary to render the web page. However, query strings may also contain tracking mechanisms, user names, email addresses, and other information that users may not wish to reveal. In isolation such URLs are not particularly problematic, but the growth of Web 2.0 platforms such as social networks and micro-blogging means URLs (often copy-pasted from web browsers) are increasingly being publicly broadcast.
This position paper argues that the …
Mobile Banking Security Using Gps And Ldpc Codes, Matthew Francis Moccaro
Mobile Banking Security Using Gps And Ldpc Codes, Matthew Francis Moccaro
Graduate Theses and Dissertations
Mobile Banking is becoming a major part of our world's financial system. Being able to manage one's finances on a mobile device can provide services that can make users more productive. It can also serve as a means of financial freedom to those who are unable to access physical banking facilities due to distance, or other problems. However, with such freedom also comes the need for security. A person's financial information is one of the most targeted groups of information by attackers. To secure these mobile freedoms, this paper presents a system to secure mobile banking procedures using global positioning …
Two-Bit Pattern Analysis For Quantitative Information Flow, Ziyuan Meng
Two-Bit Pattern Analysis For Quantitative Information Flow, Ziyuan Meng
FIU Electronic Theses and Dissertations
Protecting confidential information from improper disclosure is a fundamental security goal. While encryption and access control are important tools for ensuring confidentiality, they cannot prevent an authorized system from leaking confidential information to its publicly observable outputs, whether inadvertently or maliciously. Hence, secure information flow aims to provide end-to-end control of information flow. Unfortunately, the traditionally-adopted policy of noninterference, which forbids all improper leakage, is often too restrictive. Theories of quantitative information flow address this issue by quantifying the amount of confidential information leaked by a system, with the goal of showing that it is intuitively “small” enough to be …
How Many Credit Card Frauds Must We Endure Before Security Improves?, Maritza Martinez
How Many Credit Card Frauds Must We Endure Before Security Improves?, Maritza Martinez
UCF Forum
Yes, it can happen to you…
Evidentiary Power And Propriety Of Digital Identifiers And The Impact On Privacy Rights In The United States, Michael Losavio, Deborah Keeling
Evidentiary Power And Propriety Of Digital Identifiers And The Impact On Privacy Rights In The United States, Michael Losavio, Deborah Keeling
Journal of Digital Forensics, Security and Law
Media and network systems capture and store data about electronic activity in new, sometimes unprecedented ways; computational systems make for new means of analysis and knowledge development. These new forms offer new, powerful tactical tools for investigations of electronic malfeasance under traditional legal regulation of state power, particular that of Fourth Amendment limitations on police searches and seizures under the U.S. Constitution. But autonomy, identity and authenticity concerns with electronic data raise issues of public policy, privacy and proper police oversight of civil society. We examine those issues and their implications for digital and computational forensics
The Bad Guys Are Using It, Are You?, Hong-Eng Koh
The Bad Guys Are Using It, Are You?, Hong-Eng Koh
Australian Security and Intelligence Conference
From Occupy Wall Street to 2011 England riots to Arab Spring to Mumbai 26/11 to the ethnic cleansing rumors in India and increasingly used by pedophiles, social media is a very powerful tool for pedophiles, troublemakers, criminals and even terrorists to target individuals and even to go against the establishment. On the other hand, social media can save lives in a disaster, and its a natural extension of community policing or engagement. Community engagement is a must-have strategy for any public safety and security agency. However, this strategy requires the removal of stovepipe processes and systems within an agency, allowing …
I Remember Richelieu: Is Anything Secure Anymore?, Michael G. Crowley, Michael N. Johnstone
I Remember Richelieu: Is Anything Secure Anymore?, Michael G. Crowley, Michael N. Johnstone
Australian Security and Intelligence Conference
Petraeus-gate, hacked nude celebrity photos in the cloud and the recent use of a search and seizure warrant in the United States of America to seek production of customer email contents on an extraterritorial server raises important issues for the supposably safe storage of data on the World Wide Web. Not only may there be nowhere to hide in cyberspace but nothing in cyberspace may be private. This paper explores the legal and technical issues raised by the these matters with emphasis on the courts decision “In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and …
7th Australian Security And Intelligence Conference, 2014, Edith Cowan University: Conference Details, Security Research Institute, Edith Cowan University, Security Research Institute, Edith Cowan University
7th Australian Security And Intelligence Conference, 2014, Edith Cowan University: Conference Details, Security Research Institute, Edith Cowan University, Security Research Institute, Edith Cowan University
Australian Security and Intelligence Conference
No abstract provided.
Authentication And Authorisation In Entrusted Unions, Ayed F. Dhouha, Jan Camenisch, Tanya Ignatenko, Michael N. Johnstone, Paul Koster, Brigitta Lange, Milan Petkovic, Dieter Sommer, John Zic
Authentication And Authorisation In Entrusted Unions, Ayed F. Dhouha, Jan Camenisch, Tanya Ignatenko, Michael N. Johnstone, Paul Koster, Brigitta Lange, Milan Petkovic, Dieter Sommer, John Zic
Australian Information Security Management Conference
This paper reports on the status of a project whose aim is to implement and demonstrate in a real-life environment an integrated eAuthentication and eAuthorisation framework to enable trusted collaborations and delivery of services across different organisational/governmental jurisdictions. This aim will be achieved by designing a framework with assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption to address the security and confidentiality requirements of large distributed infrastructures. The framework supports collaborative secure distributed storage, secure data processing and management in both the cloud and offline scenarios and is intended to be deployed and tested in two …
Evaluating The Security Vulenerabilities Of The Ip6to4 Tunnelling Mechanism, Brian Cusack, Raymond Lutui
Evaluating The Security Vulenerabilities Of The Ip6to4 Tunnelling Mechanism, Brian Cusack, Raymond Lutui
Australian Information Security Management Conference
The two versions of Internet Protocol (IP) rely on mechanisms that will convert one protocol to the other and vice versa. Version 4 is still prevalent in the Internet backbone and version 6 in most private networks. In this research we focus on the automatic tunnelling mechanism that provides the encapsulation at one end of the transition tunnel and the de-encapsulation at the other end dependant on the direction of transition. In our research we asked: How secure is the automatic tunnelling mechanism? It is a simple question but important given the number of times transition may occur in any …
Securing Identity Information With Image Watermarks, Brian Cusack, Reza Khaleghparas
Securing Identity Information With Image Watermarks, Brian Cusack, Reza Khaleghparas
Australian Information Security Management Conference
In this paper, we describe the requirements for embedding watermarks in images used for identity verification and demonstrate a proof of concept in security sciences. The watermarking application is designed for verifying the rightful ownership of a driving license or similar identity object. The tool we built and tested embeds and extracts watermarks that contain verification information of the rightful owner. We used the human finger print of the rightful owner as the watermark. Such information protection mechanisms add an extra layer of security to the information system and improve verification of identification attributes by providing strong security. The issues …
The Impact Of Social Constructivism On Erp Systems Security: A Critical Social Review, Kennedy Njenga
The Impact Of Social Constructivism On Erp Systems Security: A Critical Social Review, Kennedy Njenga
Australian Information Security Management Conference
Little is understood about the effects of social constructivism that shapes conflicting concerns regarding Enterprise Resource Planning (ERP) security and usability during implementation. This work looks at social constructivism as produced and reproduced by stakeholders in the ERP systems implementation phase. Social constructivism is characterised by the embedded trade-off for usability, espoused by end-user and security, espoused by developers. Social constructivism was conceptualised qualitatively from a selected case study. Critical Social Theory (CST) was used as the theoretical lens. Stakeholders concerned with ERP security aspects in the implementation phase were interviewed and data transcribed and interpreted. Hermeneutical interpretation was applied …