Development of organizational internet security policy: a holistic approach

This chapter describes a general framework for developing organizational internet security policy. A model of internet security risks for an internet user organization is proposed. The framework utilizes this model, as well as a holistic approach, to develop the organization's internet security policy. A hierarchy of sub-policies for the internet security policy is also suggested. This chapter presents findings from part of a wider investigation into internet security policy.

Security authentication for on-line internet banking

The advent of Internet Banking has shown the importance of effective method of authenticating a users in a remote environment. There are many different countenances to contemplate when examining Internet based security. One of the most tried and trusted techniques of protecting the safety of systems and data is to control people's access. The foundation for such measures is authentication. Specifically for Internet banking there is a real need for a way to uniquely identify and authenticate users without the possibility of their authenticity being cloned. This paper proposes a framework concerning how to identify security requirements for Internet Banking.

A risk analysis model to reduce computer security risks among healthcare organizations

The paper describes the on-going development of a new computer-based security risk analysis methodology that may be used to determine the computer security requirements of medical computer systems. The methodology has been developed for use within healthcare, with particular emphasis placed upon protecting medical information systems. The paper goes on to describe some of the problems with existing automated risk analysis systems, and how the ODESSA system may overcome the majority of these problems. Examples of security scenarios are also presented.

A security evaluation criteria

Computer security is now recognised as an important consideration in modern business, with a variety of guidelines and standards currently available to enable different business environments to be properly protected. However, financial and operational constraints often exist which influence the practicality of these recommendations. New baseline security methods such as Australian and New Zealand Standard (AS/NZS) 4444 and British Standard (BS) 7799 represent minimal standards which organisations can use to improve their security. The aim of the paper is to look at the effectiveness of baseline security standards through the use of an evaluation criteria, which assesses their effectiveness.

Security practice: survey evidence from three countries

Computer security is becoming a global problem. Recent surveys show that there increased concern about security risks such as hackers. There is also an increase in the growth of Internet access around the world. This growth of the Internet has resulted in the development of new businesses such as e-commerce and with the new businesses come new associated security risks such as on-line fraud and hacking. Is it fair to assume the security practices are the same all over the world? The paper tries to look at security practices from a number of different countries perspective and tries to show that security practices are not generic and vary from country to country.

Counter-terrorism and (in)security : Fallout from the Bali bombing

In the wake of the Bali bombing the Australian government has proposed a number of national security measures that pose a real danger to human security in Australia and the region. These measures include renewed and increased military and intelligence exchanges with Indonesia, and laws that allow the Australian Security Intelligence Organization (ASIO) to detain people without charge or even suspicion in order to gather intelligence. In less emotional times these initiatives would be rejected as contrary to human rights concerns and Australia’s democratic traditions, which include the rule of law and due process protections. In the current climate, however, human rights and civil liberties are apt to be portrayed as unaffordable luxuries.

`Counter-terrorism`, human security and globalisation - from welfare to warfare state?

The continuing erosion of civil liberties in Western democracies, and in particular Australia, as a response to the threat of terrorist attack - the position taken that laws eroding civil liberties will ultimately fail in its attempt to combat terrorist activity while adding to human insecurity and violence - counter-terrorism measures resulting in the militarisation of law enforcement and provoking terrorism - linking counter-terrorism with globalisation.

Security for internet banking: a framework

As a continually growing financial service of electronic commerce, Internet banking requires the development and implementation of a sound security procedure. This involves designing effective methods via which users can
be authenticated in a remote environment. Specifically for Internet banking there is areal need for away uniquely to identify and authenticate users without the possibility of their authenticity being cloned. Some technologies in use have been presented for meeting the security requirements for national, regional and global Internet banking assurance. However, there has been little research conducted particularly on the creation of secure
and trusted pathways. Concentrates on presenting a security framework for Internet banking based on discovering and defining these pathways in terms of adequate authentication mechanisms. Proposes a framework concerning how to identify security requirements for Internet banking such that the
transactions being conducted are secured within their respective environments.