A methodology of health information security evaluation

With the conversion of paper health records to electronic health records, the health care sector is increasingly relying on technology to maintain the integrity of and update patients’ data. This reliance on technology requires an acute level of protection from technological disasters and/or threats of human error or sabotage. Research has shown there are inadequacies in the installation and use of security controls for health information records and that current methods of security analysis lack the techniques to analyse the technical and social aspects of security. This paper reports on progress towards development of a health information security evaluation methodology based on Unified Modelling Language techniques, and discusses an imminent case study that will be used for validation of the methodology.

Human right to food security in refugee setting: rhetoric versus reality

Despite recent advances in the area of humanitarian responses and the publication and dissemination of various guidelines with regard to nutritional interventions, there is, however a paucity of studies which have examined the human right to food in complex emergencies. 186 countries including those affected by both human made and natural disasters and countries who are donors of humanitarian relief aid adopted the Rome Declaration on Food Security and World Summit plan of Action reaffirming “ the right to adequate food and the fundamental right of everyone to be free from hunger”. The human right to adequate and nutritious food in refugee settings implies that every refugee has physical and economic access to sufficient food to provide the necessary nutrients for effective physical and physiological functions and achieve well being. There are many grounds for believing that the current humanitarian responses to disasters more often violate than respect the human right to adequate and nutritious food. Using elements of household food security as our working framework this paper focuses on the complex ethical and moral questions raised by the conventional humanitarian assistance framework and in particular the issue of human right to food and household food security in refugee settings.

Portable sick leave in the Victorian building industry : managing cumulative employee benefits in the absence of employment security

The trend away from full-time permanent employment raises questions about the relevance of traditional approaches to managing and compensating employees. Employment in the Australian building industry is characterised by short-term, project-based employment. Employers and unions in the industry have adopted alternative compensation models to accommodate the short-term nature of employment, most notably through portable benefit schemes. In 1997, the Victorian building industry extended the range of portable benefits to include sick leave. Empirical evidence suggests a relationship between employee absence behaviour and accrual entitlement models. Research reported here supports this link, and suggests that both employers and employees can benefit from an alternative, portable, approach to accrued entitlements. Employers can benefit because employees may be less likely to take an instrumental approach to their entitlements. Employees benefit because they are able to accrue entitlements for the period they remain in the building industry, irrespective of the extent to which they change jobs.

A security risk management approach for e-commerce

E-commerce security is a complex issue; it is concerned with a number of security risks that can appear at either a technical level or organisational level. This paper uses a systemic framework, the viable system model (VSM) to determine the high level security risks and then uses baseline security methods to determine the lower level security risks.

A security method for healthcare organisations

The use of participational approaches to system design has been debated for a number of years. Within this paper we describe a method that was used to effectively design information systems and implement computer security countermeasures within an health care environment and shown how it was used in a number of environments.

Deception: a tool and curse for security management

With the proliferation of electronic information systems over the last two decades, the integrity of the stored data and its uses have become an essential component of effective organisational functioning. This digitised format, used in input, output, processing, storage, and communication, has given those wishing to deceive new opportunities. This paper examines the nature of deception and its potential as a new security risk in the information age.

Mobile commerce (mCommerce) security. An appraisal of current issues and trends

Millions of data capable mobile devices are currently in use around the world enabled by the growing acceptance of Internet over wireless networks. However, security mechanisms still remain nascent. Security plays a crucial role in facilitating the level of trust users place on mobile devices and applications. To effectively diffuse the mobile devices in the marketplace, sufficient levels of trust has to be established in the underlying security of mobile devices and applications. This paper is an appraisal of recent issues and emerging trends regarding mobile security, within the context of conducting mobile commerce via mobile networks by individual consumers and businesses.

A conceptual approach to information warfare : security risk analysis

With information warfare (IW) becoming a reality, the need for a new security methodology to deal with the new and unique attack threats and vulnerabilities associated with the new information technology security paradigm. With the shift from computer security to information warfare, logical transformation models (LTMS) were looked at as a solution to quantifying information system requirements. The paper will introduce the concepts involved with fourth generational models and it's application to IW. The basic advantages and disadvantages will also be discussed and presented.

A security evaluation criteria for baseline security standards

Recent advances in technology and new software applications are steadily transforming human civilization into what is called the Information Society. This is manifested by the new terminology appearing in our daily activities. E-Business, E-Government, E-Learning, E-Contracting, and E-Voting are just a few of the ever-growing list of new terms that are shaping the Information Society. Nonetheless, as "Information" gains more prominence in our society, the task of securing it against all forms of threats becomes a vital and crucial undertaking. Addressing the various security issues confronting our new Information Society, this volume is divided into 13 parts covering the following topics: Information Security Management; Standards of Information Security; Threats and Attacks to Information; Education and Curriculum for Information Security; Social and Ethical Aspects of Information Security; Information Security Services; Multilateral Security; Applications of Information Security; Infrastructure for Information Security Advanced Topics in Security; Legislation for Information Security; Modeling and Analysis for Information Security; Tools for Information Security. Security in the Information Society: Visions and Perspectives comprises the proceedings of the 17th International Conference on Information Security (SEC2002), which was sponsored by the International Federation for Information Processing (IFIP), and jointly organized by IFIP Technical Committee 11 and the Department of Electronics and Electrical Communications of Cairo University. The conference was held in May 2002 in Cairo, Egypt. This volume is essential reading for scholars, researchers, and practitioners interested inkeeping pace with the ever-growing field of Information Security.