Open Access. Powered by Scholars. Published by Universities.®
Physical Sciences and Mathematics Commons™
Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 6 of 6
Full-Text Articles in Physical Sciences and Mathematics
Information Security Disclosure: A Victorian Case Study, Ian Rosewall, Matthew Warren
Information Security Disclosure: A Victorian Case Study, Ian Rosewall, Matthew Warren
Australian Information Security Management Conference
This paper will focus upon the impact of Generation Y and their attitudes to security. The paper will be based around discussing the findings of a recent report by the Office of Police Integrity (OPI) on “Information Security and the Victoria Police State Surveillance Unit”. Issues that will be discussed include the context of Generation Y and how they contribute to the case study, their attitudes, or their perceived attitudes to security of information. A discussion of the OPI report itself, and the issues that have arisen. A brief overview of the key findings within this report and the implications …
Threat Modelling With Stride And Uml, Michael N. Johnstone
Threat Modelling With Stride And Uml, Michael N. Johnstone
Australian Information Security Management Conference
Threat modelling as part of risk analysis is seen as an essential part of secure systems development. Microsoft’s Security Development Lifecycle (SDL) is a well-known software development method that places security at the forefront of product initiation, design and implementation. As part of SDL, threat modelling produces data flow diagrams (DFDs) as key artefacts and uses those diagrams as mappings with STRIDE to identify threats. This paper uses a standard case study to illustrate the effects of using an alternative process model (UML activity diagrams) with STRIDE and suggests that using a more modern process diagram can generate a more …
Wikileaks: The Truth Or Not, Ian Rosewall, Matthew J. Warren
Wikileaks: The Truth Or Not, Ian Rosewall, Matthew J. Warren
Australian Information Warfare and Security Conference
We live in the Information Age, an age where information is shared in a global context and in real time. The issue is whether all information should be disclosed. In the ‘Information Age’ do secrets still exist? Another major issue is whether groups of vigilantes are the ones who should be disclosing this information, should these vigilante groups be trusted? This paper will focus upon the impact of Wikileaks and the problem of Information disclosure especially when that information is confidential. It will identify cases for discussion. In the main these cases will be of a military flavour.
Micro-Blogging In The Workplace, Chia Yao Lee, Matthew Warren
Micro-Blogging In The Workplace, Chia Yao Lee, Matthew Warren
Australian Information Security Management Conference
Micro-blogging services such as Twitter, Yammer, Plurk and Google Buzz have generated substantial interest among members of the business community in recent years. Many CEOs, managers and front-line employees have embraced micro-blogs as a tool for interacting with colleagues, employees, customers, suppliers and investors. Micro-blogs are considered a more informal channel than emails and official websites, and thus present a different set of challenges to businesses. As a positional paper, this paper uses a case study of a bogus Twitter account to emphasise security and ethical issues relating to (i) Trust, Accuracy and Authenticity of Information, (ii) Privacy and Confidentiality, …
The Economics Of Developing Security Embedded Software, Craig S. Wright, Tanveer A. Zia
The Economics Of Developing Security Embedded Software, Craig S. Wright, Tanveer A. Zia
Australian Information Security Management Conference
Market models for software vulnerabilities have been disparaged in the past citing how these do little to lower the risk of insecure software. In this paper we argue that the market models proposed are flawed and not the concept of a market itself. A well-defined software risk derivative market would improve the information exchange for both the software user and vendor removing the often touted imperfect information state that is said to believe the software industry. In this way, users could have a rational means of accurately judging software risks and costs and as such the vendor could optimally apply …
A Distributed And Cooperative User Authentication Framework, C.G. Hocking, Steven Furnell, Nathan Clarke, P L Reynolds
A Distributed And Cooperative User Authentication Framework, C.G. Hocking, Steven Furnell, Nathan Clarke, P L Reynolds
Research outputs pre 2011
As the requirement for companies and individuals to protect information and personal details comes more into focus, the implementation of security that goes beyond the ubiquitous password or Personal Identification Number (PIN) is paramount. With the ever growing number of us utilizing more than one device simultaneously, the problem and need is compounded. This paper proposes a novel approach to security that leverages the collective confidence of user identity held by the multiplicity of devices present at any given time. User identity confidence is reinforced by sharing established credentials between devices, enabling them to make informed judgments on their own …