The information security policy unpacked:a critical study of the content of university policies

Ensuring the security of corporate information, that is increasingly stored, processed and disseminated using information and communications technologies [ICTs], has become an extremely complex and challenging activity. This is a particularly important concern for knowledge-intensive organisations, such as universities, as the effective conduct of their core teaching and research activities is becoming ever more reliant on the availability, integrity and accuracy of computer-based information resources. One increasingly important mechanism for reducing the occurrence of security breaches, and in so doing, protecting corporate information, is through the formulation and application of a formal information security policy (InSPy). Whilst a great deal has now been written about the importance and role of the information security policy, and approaches to its formulation and dissemination, there is relatively little empirical material that explicitly addresses the structure or content of security policies. The broad aim of the study, reported in this paper, is to fill this gap in the literature by critically examining the structure and content of authentic information security policies, rather than simply making general prescriptions about what they ought to contain. Having established the structure and key features of the reviewed policies, the paper critically explores the underlying conceptualisation of information security embedded in the policies. There are two important conclusions to be drawn from this study: (1) the wide diversity of disparate policies and standards in use is unlikely to foster a coherent approach to security management; and (2) the range of specific issues explicitly covered in university policies is surprisingly low, and reflects a highly techno-centric view of information security management.

Shifting borders of European Union internal security:technology, externalisation and accountability

This edited volume analyzes recent key developments in EU border management. In light of the refugee crises in the Mediterranean and the responses on the part of EU member states, this volume presents an in-depth reflection on European border practices and their political, social and economic consequences. Approaching borders as concepts in flux, the authors identify three main trends: the rise of security technologies such as the EUROSUR system, the continued externalization of EU security governance such as border mission training in third states, and the unfolding dynamics of accountability. The contributions show that internal security cooperation in Europe is far from consolidated, since both political oversight mechanisms and the definition of borders remain in flux. This edited volume makes a timely and interdisciplinary contribution to the ongoing academic and political debate on the future of open borders and legitimate security governance in Europe. It offers a valuable resource for scholars in the fields of international security and migration studies, as well as for practitioners dealing with border management mechanisms.

Concentration of the UK stock market

During 1999 and 2000 a large number of articles appeared in the financial press which argued that the concentration of the FTSE 100 had increased. Many of these reports suggested that stock market volatility in the UK had risen, because the concentration of its stock markets had increased. This study undertakes a comprehensive measurement of stock market concentration using the FTSE 100 index. We find that during 1999, 2000 and 2001 stock market concentration was noticeably higher than at any other time since the index was introduced. When we measure the volatility of the FTSE 100 index we do not find an association between concentration and its volatility. When we examine the variances and covariance’s of the FTSE 100 constituents we find that security volatility appears to be positively related to concentration changes but concentration and the size of security covariances appear to be negatively related. We simulate the variance of four versions of the FTSE 100 index; in each version of the index the weighting structure reflects either an equally weighted index, or one with levels of low, intermediate or high concentration. We find that moving from low to high concentration has very little impact on the volatility of the index. To complete the study we estimate the minimum variance portfolio for the FTSE 100, we then compare concentration levels of this index to those formed on the basis of market weighting. We find that realised FTSE index weightings are higher than for the minimum variance index.

The microstructure of the Irish stock market

This is the first paper to examine the microstructure of the Irish Stock Market empirically and is motivated by the adoption, on June 7th of Xetra the modern pan European auction trading system. Prior to this the exchange utilized an antiquated floor based system. This change was an important event for the market as a rich literature exists to suggest that the trading system exerts a strong influence over the behavior of security returns. We apply the ICSS algorithm of Inclan and Tiao (1994) to discover whether the change to the trading system caused a shift in unconditional volatility at the time Xetra was introduced. Because the trading mechanism can influence volatility in a number of ways we also estimate the partial adjustment coefficients of the Amihud and Mendelson (1987) model prior and subsequent to the introduction of Xetra. Although we find no evidence of volatility changes associated with the introduction of Xetra we do find evidence of an increase in the speed of adjustment (JEL: G15).

The external dimension of the EU’s fight against organized crime:the search for coherence between rhetoric and practice

SSince the external dimension of the European Union’s Justice and Home Affairs (JHA) began to be considered, a substantial amount of literature has been dedicated to discussing how the EU is cooperating with non-member states in order to counter problems such as terrorism, organized crime and illegal migration. According to the EU, the degree of security interconnectedness has become so relevant that threats can only be adequately controlled if there is effective concerted regional action. This reasoning has led the EU to develop a number of instruments, which have resulted in the exporting of certain elements of its JHA policies, either through negotiation or socialization. Although the literature has explored how this transfer has been applied to the field of terrorism and immigration, very little has been written on the externalisation of knowledge, practice and norms in the area of organized crime. This article proposes to bridge this gap by looking at EU practice in the development of the external dimension of organized crime policies, through the theoretical lens of the EU governance framework.

Private security beyond private military and security companies:exploring diversity within private-public collaborations and its consequences for security governance

The aim of this special issue is to widen the existing debates on security privatization by looking at how and why an increasing number of private actors beyond private military and/or security companies (PMSCs) have come to perform various security related functions. While PMSCs produce security for profit, most other private sector actors make profit by selling goods and services that were originally not connected with security in the traditional understanding of the term. However, due to the continuous introduction of new legal and technical regulations by public authorities, many non- security related private businesses nowadays have to perform at least some security functions. Little research, however, has been done thus far, both in terms of security practices of non- security related private businesses and their impact on security governance. This introduction explains how this special issue contributes to closing this glaring gap by 1) extending the conceptual and theoretical arguments in the existing body of literature; and 2) offering a range of original case studies on the specific roles of non- security related private companies of all sizes, areas of businesses, and geographic origin.

Volatility changes caused by the trading system:a Markov switching application

An expanding literature exists to suggest that the trading mechanism can influence the volatility of security returns. This study adds to this literature by examining the impact that the introduction of SETS, on the London Stock Exchange, had on the volatility of security returns. Using a Markov switching regime change model security volatility is categorized as being in a regime of either high or low volatility. It is shown that prior to the introduction of SETS securities tended to be in a low volatility regime. At the time SETS was introduced securities moved to a high volatility regime. This suggests that volatility increased when SETS was introduced.

Die Behandlung englischen Kulturgutes im Wiener fin de siècle:am Beispiel von Hugo von Hofmannsthal, Hermann Bahr und Peter Altenberg

This study explores the fascination which English culture represented in turn-of-the-century Vienna. The writers that are going to be discussed are the renowned Anglophile Hugo von Hofmannsthal, the more ambivalent Hermann Bahr and the idealizing, but Janus-faced Peter Altenberg. With the more widely known poet, prose writer and playwright, Hofmannsthal, individual aspects of his engagement with English culture have already been well researched; the same, however, cannot be said in the case of Hermann Bahr, whose extensive literary oeuvre has now largely been forgotten, and who has, instead, come to be valued as a prominent figure in the culture life of modernist Vienna, and Peter Altenberg, whose literary fame rests mainly on his prose poems and who, a legend in his life-time, has in recent years also increasingly attracted research interest as a phenomenon and ‘embodiment’ of the culture of his time: while their engagement with French literature, for example, has long received its due share of attention, their debt to English culture has, until now, been neglected. This thesis, therefore, sets out to explore Hofmannsthal’s, Bahr’s and Altenberg’s perception and portrayal of English civilization – ranging from English character and stereotypes, to what they saw as the principles of British society; it goes on to investigate the impulses they derive from Pre-Raphaelite art (Rossetti, Burne-Jones, Whistler) and the art and crafts-movement centred around William Morris, as well as their inspiration by the art criticism of John Ruskin and Walter Horatio Pater. In English literature one of the focal points will be their reading and evaluation of aestheticism as it was reflected in the life and writings of the Dubliner Oscar Wilde, who was perceived, by these Austrian authors, as a predominant figure of London’s cultural life. Similarly, they regarded his compatriot George Bernard Shaw as a key player in turn-of-the-century English (and European) culture. Hermann Bhar largely identified with him. Hofmannsthal, on the other hand, while having some reservations, acknowledged his importance and achievements, whereas Peter Altenberg saw in Shaw a model to reassure him, as his writings were becoming more openly didactic and even more miniaturistic than they had already been. He turned to Shaw, too, to explain and justify his new goal of making his texts more intelligent to a wider circle of readers.

Watermarking biomedical time series data

This thesis addresses the problem of information hiding in low dimensional digital data focussing on issues of privacy and security in Electronic Patient Health Records (EPHRs). The thesis proposes a new security protocol based on data hiding techniques for EPHRs. This thesis contends that embedding of sensitive patient information inside the EPHR is the most appropriate solution currently available to resolve the issues of security in EPHRs. Watermarking techniques are applied to one-dimensional time series data such as the electroencephalogram (EEG) to show that they add a level of confidence (in terms of privacy and security) in an individual’s diverse bio-profile (the digital fingerprint of an individual’s medical history), ensure belief that the data being analysed does indeed belong to the correct person, and also that it is not being accessed by unauthorised personnel. Embedding information inside single channel biomedical time series data is more difficult than the standard application for images due to the reduced redundancy. A data hiding approach which has an in built capability to protect against illegal data snooping is developed. The capability of this secure method is enhanced by embedding not just a single message but multiple messages into an example one-dimensional EEG signal. Embedding multiple messages of similar characteristics, for example identities of clinicians accessing the medical record helps in creating a log of access while embedding multiple messages of dissimilar characteristics into an EPHR enhances confidence in the use of the EPHR. The novel method of embedding multiple messages of both similar and dissimilar characteristics into a single channel EEG demonstrated in this thesis shows how this embedding of data boosts the implementation and use of the EPHR securely.

Ensuring efficiency and robustness in MANET

This paper introduces a joint load balancing and hotspot mitigation protocol for mobile ad-hoc network (MANET) termed by us as 'load_energy balance + hotspot mitigation protocol (LEB+HM)'. We argue that although ad-hoc wireless networks have limited network resources - bandwidth and power, prone to frequent link/node failures and have high security risk; existing ad hoc routing protocols do not put emphasis on maintaining robust link/node, efficient use of network resources and on maintaining the security of the network. Typical route selection metrics used by existing ad hoc routing protocols are shortest hop, shortest delay, and loop avoidance. These routing philosophy have the tendency to cause traffic concentration on certain regions or nodes, leading to heavy contention, congestion and resource exhaustion which in turn may result in increased end-to-end delay, packet loss and faster battery power depletion, degrading the overall performance of the network. Also in most existing on-demand ad hoc routing protocols intermediate nodes are allowed to send route reply RREP to source in response to a route request RREQ. In such situation a malicious node can send a false optimal route to the source so that data packets sent will be directed to or through it, and tamper with them as wish. It is therefore desirable to adopt routing schemes which can dynamically disperse traffic load, able to detect and remove any possible bottlenecks and provide some form of security to the network. In this paper we propose a combine adaptive load_energy balancing and hotspot mitigation scheme that aims at evenly distributing network traffic load and energy, mitigate against any possible occurrence of hotspot and provide some form of security to the network. This combine approach is expected to yield high reliability, availability and robustness, that best suits any dynamic and scalable ad hoc network environment. Dynamic source routing (DSR) was use as our underlying protocol for the implementation of our algorithm. Simulation comparison of our protocol to that of original DSR shows that our protocol has reduced node/link failure, even distribution of battery energy, and better network service efficiency.

Plant closures, precariousness and policy responses:revisiting MG Rover 10 years on

With automotive plants being closed in Australia and western Europe, this article reflects on the employment status of ex-MG Rover (MGR) workers following the closure of the Longbridge plant in 2005. In particular, it draws on Standing's typology of labour market insecurity and uses a mixed-methods approach including an analysis of a longitudinal survey of some 200 ex-MGR workers, and in-depth interviews with ex-workers and policy-makers. While the policy response to the closure saw significant successes in terms of the great majority of workers successfully adjusting into re-employment, and with positive findings in terms of re-training and education, the paper finds significant challenges in terms of security of employment, income, job quality and representation at work years after closure. In particular, the paper posits that the general lack of attention to employment security at the macrolevel effectively undermined elements of a positive policy response over the longer run. This in turn suggests longer-term policy measures are required to address aspects of precariousness at work.

Contagion in cybersecurity attacks

Systems security is essential for the efficient operation of all organizations. Indeed, most large firms employ a designated ‘Chief Information Security Officer’ to coordinate the operational aspects of the organization’s information security. Part of this role is in planning investment responses to information security threats against the firm’s corporate network infrastructure. To this end, we develop and estimate a vector equation system of threats to 10 important IP services, using industry standard SANS data on threats to various components of a firm’s information system over the period January 2003 – February 2011. Our results reveal strong evidence of contagion between such attacks, with attacks on ssh and Secure Web Server indicating increased attack activity on other ports. Security managers who ignore such contagious inter-relationships may underestimate the underlying risk to their systems’ defence of security attributes, such as sensitivity and criticality, and thus delay appropriate information security investments.