The enterprise information security policy as a strategic business policy within the corporate strategic plan (extended abstract)

Information security has been recognized as a core requirement for corporate governance that is expected to facilitate not only the management of risks, but also as a corporate enabler that supports and contributes to the sustainability of organizational operations. In implementing information security, the enterprise information security policy is the set of principles and strategies that guide the course of action for the security activities and may be represented as a brief statement that defines program goals and sets information security and risk requirements. The enterprise information security policy (alternatively referred to as security policy in this paper) that represents the meta-policy of information security is an element of corporate ICT governance and is derived from the strategic requirements for risk management and corporate governance. Consistent alignment between the security policy and the other corporate business policies and strategies has to be maintained if information security is to be implemented according to evolving business objectives. This alignment may be facilitated by managing security policy alongside other corporate business policies within the strategic management cycle. There are however limitations in current approaches for developing and managing the security policy to facilitate consistent strategic alignment. This paper proposes a conceptual framework for security policy management by presenting propositions to positively affect security policy alignment with business policies and prescribing a security policy management approach that expounds on the propositions.

Protecting your intellectual property and selling it

Intellectual Property - group of rights used to protect literary, artistic and industrial property. Generally separated into the categories of: • Copyright • Trade marks • Designs • Patents But also extends to specific subject matter of plant variety rights and circuit layouts and general information that is confidential such as trade secrets and protection of goodwill and reputation through the action of passing off. New information, be it a new computer program or novel device, developed by an organisation is valuable to it. So too is the organisation name and reputation. While some protection is automatic, like copyright, other protection and rights must be obtained under various legislation. When dealing with employees and third parties, ownership of existing and new rights needs to be clearly established so that rights are not lost. Obligations in relation to the use of certain property and any confidential information must also be clearly established...

Quantum key distribution in the classical authenticated key exchange framework

Key establishment is a crucial primitive for building secure channels in a multi-party setting. Without quantum mechanics, key establishment can only be done under the assumption that some computational problem is hard. Since digital communication can be easily eavesdropped and recorded, it is important to consider the secrecy of information anticipating future algorithmic and computational discoveries which could break the secrecy of past keys, violating the secrecy of the confidential channel. Quantum key distribution (QKD) can be used generate secret keys that are secure against any future algorithmic or computational improvements. QKD protocols still require authentication of classical communication, although existing security proofs of QKD typically assume idealized authentication. It is generally considered folklore that QKD when used with computationally secure authentication is still secure against an unbounded adversary, provided the adversary did not break the authentication during the run of the protocol. We describe a security model for quantum key distribution extending classical authenticated key exchange (AKE) security models. Using our model, we characterize the long-term security of the BB84 QKD protocol with computationally secure authentication against an eventually unbounded adversary. By basing our model on traditional AKE models, we can more readily compare the relative merits of various forms of QKD and existing classical AKE protocols. This comparison illustrates in which types of adversarial environments different quantum and classical key agreement protocols can be secure.

Privacy by design : Does it matter for social networks?

Privacy is an important component of freedom and plays a key role in protecting fundamental human rights. It is becoming increasingly difficult to ignore the fact that without appropriate levels of privacy, a person’s rights are diminished. Users want to protect their privacy - particularly in “privacy invasive” areas such as social networks. However, Social Network users seldom know how to protect their own privacy through online mechanisms. What is required is an emerging concept that provides users legitimate control over their own personal information, whilst preserving and maintaining the advantages of engaging with online services such as Social Networks. This paper reviews “Privacy by Design (PbD)” and shows how it applies to diverse privacy areas. Such an approach will move towards mitigating many of the privacy issues in online information systems and can be a potential pathway for protecting users’ personal information. The research has also posed many questions in need of further investigation for different open source distributed Social Networks. Findings from this research will lead to a novel distributed architecture that provides more transparent and accountable privacy for the users of online information systems.

Criminology, Crime and Politics Before and After 9/11

Criminologists have mostly followed the criminal law in adopting an apolitical concept of crime. They paid limited attention to both political crime and the political power to criminalise. The article traces efforts to redress this since the 1960s. It nevertheless remained a minority concern, mostly of critical criminology. Yet crime has been politicised in various ways by other developments, also examined in the article. The events of 9/11 have crowned the emergence of crime as a strategic security issue posing a challenge to criminology to engage with politically inspired crime and its control.

Democracy, Crime and Justice. Annals of the American Academy of Political and Social Sciences

As a growing number of nations embark on a path to democracy, criminologists have become increasingly interested and engaged in the challenges, concerns, and questions connecting democracy with both crime and criminal justice. Rising levels of violence and street crime, white collar crime and corruption both in countries where democracy is securely in place and where it is struggling, have fuelled a deepening skepticism as to the capacity of democracy to deliver on its promise of security and justice for all citizens. What role does crime and criminal justice play in the future of democracy and for democratic political development on a global level? The editors of this special volume of The Annals realized the importance of collecting research from a broad spectrum of countries and covering a range of problems that affect citizens, politicians, and criminal justice officials. The articles here represent a solid balance between mature democracies like the U.S. and U.K. as well as emerging democracies around the globe – specifically in Latin America, Africa and Eastern Europe. They are based on large and small cross-national samples, regional comparisons, and case studies. Each contribution addresses a seminal question for the future of democratic political development across the globe. What is the role of criminal justice in the process of building democracy and instilling confidence in its institutions? Is there a role for unions in democratizing police forces? What is the impact of widespread disenfranchisement of felons on democratic citizenship and the life of democratic institutions? Under what circumstances do mature democracies adopt punitive sentencing regimes? Addressing sensitive topics such as relations between police and the Muslim communities of Western Europe in the wake of terrorist attacks, this volume also sheds light on the effects of terrorism on mature democracies under increasing pressure to provide security for their citizens. By taking a broad vantage point, this collection of research delves into complex topics such as the relationship between the process of democratization and violent crime waves; the impact of rising crime rates on newly established as well as secure democracies; how crime may endanger the transition to democracy; and how existing practices of criminal justice in mature democracies affect their core values and institutions. The collection of these insightful articles not only begins to fill a gap in criminological research but also addresses issues of critical interest to political scientists as well as other social and behavioral scientists and scholars. Taking a fresh approach to the intersection of crime, criminal justice, and democracy, this volume of The Annals is a must-read for criminologists and political scientists and provides a solid foundation for further interdisciplinary research.

Contemporary State Terrorism: Theory and Practice

This volume aims to 'bring the state back into terrorism studies' and fill the notable gap that currently exists in our understanding of the ways in which states employ terrorism as a political strategy of internal governance or foreign policy. Within this broader context, the volume has a number of specific aims. First, it aims to make the argument that state terrorism is a valid and analytically useful concept which can do much to illuminate our understanding of state repression and governance, and illustrate the varieties of actors, modalities, aims, forms, and outcomes of this form of contemporary political violence. Secondly, by discussing a rich and diverse set of empirical case studies of contemporary state terrorism this volume explores and tests theoretical notions, generates new questions and provides a resource for further research. Thirdly, it contributes to a critical-normative approach to the study of terrorism more broadly and challenges dominant approaches and perspectives which assume that states, particularly Western states, are primarily victims and not perpetrators of terrorism. Given the scarceness of current and past research on state terrorism, this volume will make a genuine contribution to the wider field, particularly in terms of ongoing efforts to generate more critical approaches to the study of political terrorism. This book will be of much interest to students of critical terrorism studies, critical security studies, terrorism and political violence and political theory in general.

The role of markup in the digital humanities

The digital humanities are growing rapidly in response to a rise in Internet use. What humanists mostly work on, and which forms much of the contents of our growing repositories, are digital surrogates of originally analog artefacts. But is the data model upon which many of those surrogates are based – embedded markup – adequate for the task? Or does it in fact inhibit reusability and flexibility? To enhance interoperability of resources and tools, some changes to the standard markup model are needed. Markup could be removed from the text and stored in standoff form. The versions of which many cultural heritage texts are composed could also be represented externally, and computed automatically. These changes would not disrupt existing data representations, which could be imported without significant data loss. They would also enhance automation and ease the increasing burden on the modern digital humanist.