Distributed access control and privacy for the internet of me

This article presents an experimental scalable message driven IoT and its security architecture based on Decentralized Information Flow Control. The system uses a gateway that exports SoA (REST) interfaces to the internet simplifying external applications whereas uses DIFC and asynchronous messaging within the home environment.

Internet- den nya barnmorskan? : En enkätstudie om hur gravida kvinnor söker information om graviditet och förlossning via Internet

Bakgrund: Internet används globalt inom många områden och aktuell forskning visar att gravida kvinnor använder Internet till att söka information om graviditet och förlossning. En graviditet innebär många frågor hos kvinnan och kvinnor söker efter information för att få en trygghet och försäkran om att allt är normalt med deras hälsa och barnet i magen. Syfte: Syftet är att undersöka gravida kvinnors informationssökning via Internet avseende graviditet och förlossning. Metod: Beskrivande tvärsnittstudie. Datainsamling skedde via en enkätundersökning och data analyserades med deskriptiv och jämförande ansats. Resultat: Nästan alla kvinnor i undersökningen använde Internet för att söka information om graviditet och förlossning. Kvinnorna söker information om barnets utveckling, kost/näring och graviditetslängd i hög utsträckning. Högutbildade kvinnor har andra kriterier för trovärdighet på hemsidor än kvinnor med lägre utbildning. Slutsats: Barnmorskor bör vara medvetna om gravida kvinnors användning av Internet samt själva skapa sig en uppfattning om informationen som de gravida kvinnorna läser på Internet. Vår studie visar att barnmorskors rekommendation av hemsidor på Internet har stor betydelse för gravida kvinnor.  

Security practice: survey evidence from three countries

Computer security is becoming a global problem. Recent surveys show that there increased concern about security risks such as hackers. There is also an increase in the growth of Internet access around the world. This growth of the Internet has resulted in the development of new businesses such as e-commerce and with the new businesses come new associated security risks such as on-line fraud and hacking. Is it fair to assume the security practices are the same all over the world? The paper tries to look at security practices from a number of different countries perspective and tries to show that security practices are not generic and vary from country to country.

Mobile commerce (mCommerce) security. An appraisal of current issues and trends

Millions of data capable mobile devices are currently in use around the world enabled by the growing acceptance of Internet over wireless networks. However, security mechanisms still remain nascent. Security plays a crucial role in facilitating the level of trust users place on mobile devices and applications. To effectively diffuse the mobile devices in the marketplace, sufficient levels of trust has to be established in the underlying security of mobile devices and applications. This paper is an appraisal of recent issues and emerging trends regarding mobile security, within the context of conducting mobile commerce via mobile networks by individual consumers and businesses.

The pubstro phenomenon : Robin Hoods of the internet

This paper presents a case study of a compromised Web server that was being used to distribute illegal 'warez'. The mechanism by which the server was compromised is discussed as if the way in which it was found. The hacker organisations that engage in these activities are viewed as a Virtual Community and their rules and code of ethics investigated.

Security in the online e-learning environment

This paper addresses the role of security in the collaborative e-learning environment, and in particular, the social aspects of security and the importance of identity. It represents a case study, completed in Nov 2004, which was conducted to test the sense of security that students experienced whilst using the wiki platform as a means of online collaboration in the tertiary education environment. Wikis, fully editable Web sites, are easily accessible, require no software and allow its contributors (in this case students) to feel a sense of responsibility and ownership. A comparison between two wiki studies will be made whereby one group employed user login and the other maintained anonymity throughout the course of the study. The results consider the democratic participation and evolution of the work requirements over time, which in fact ascertains the nonvalidity of administrative identification.

E-business security management for Australian micro SMEs - a case study

Small and Medium Business Enterprises (SMEs) make a significant contribution to the economic viability of the Australian economy. The benefits of performing business in an on-line environment has been realised by Australian SMEs as the use of the Internet for performing business activities both with consumers and other businesses continues to increase. The findings of an empirical study and other evidence available indicate the uptake and advancement of performing e-business activities shall be dependent on two key complementary elements: first, the ability of Australian SMEs to secure their e-business systems; and second, the availability of an approach to recommend a practical e-business security management strategy. This paper presents the results of a case study which applied a previously developed methodology to a micro SME e-business system. The purpose was to validate the ability of the Australian Small to Medium Enterprise E-business Security Methodology (ASME-EBSM) to provide an effective security management strategy for Australian SMEs. The outcome demonstrated that this approach was both feasible and realistic for providing recommendations to secure the e-business activities performed and to protect the micro SME e-business system.

E-business security management for Australian small SMEs - a case study

Small and Medium sized Enterprises (SMEs) play an important role within the Australian economy. There is a strong business case for Australian SMEs to be involved in e-business, which has been realised as the use of the Internet for performing business activities continues to increase. The evidence available indicates the uptake and advancement of performing e-business activities shall be dependent on the ability of Australian SMEs to secure their e-business systems. This paper presents the results of a case study, which applied a previously developed methodology to a small SME e-business system. The purpose was to validate the ability of the Australian Small to Medium Enterprise E-business Security Methodology (ASME-EBSM) to provide an effective security management strategy for Australian SMEs. The outcome demonstrated that this approach was both feasible and realistic for providing recommendations to secure the e-business activities performed and to protect the small SME e-business system.

Social engineering and its impact via the internet

Historically social engineering attacks were limited upon a single organisation or single individual at a time. The impact of the Internet and growth of E-Business has allowed social engineering techniques to be applied at a global level. The paper will discuss how new social engineering techniques are being applied and puts forward a conceptual model to allow an understanding of how social engineering attacks are planned and implemented against E-Business activities.

Security issues within virtual worlds such as second life

The advancement in Internet and bandwidth has resulted in a number of new applications to be developed. An area of advancement has been in the development of virtual worlds, where people can interact together via virtual characters. Virtual World systems have been so complex that virtual lives can be lived, including all aspect of life such as education, commerce, social activities etc. Not surprisingly, the problems that exist in the real world such as theft, fraud, vandalism and terrorism, also exist in the virtual worlds. The more developed these virtual worlds become the greater the breaches of security will be in the virtual as well as the real world.This paper explores and categorises several security issues within the Virtual World of Second Life. It contributes to practice and research by emphasising the importance of security awareness for businesses and the general public in Virtual Worlds.

Information security standards for e-business

The process of buying, selling or interacting with customers via Internet, Tele-sale, Smart card or other computer network is referred to as Electronics Commerce. Whereas online trade has been touting its flexibility, convenience and cost savings, the newest entrant is wireless e-commerce. This form of business offers many attractions; including 24 hours seven days’ open shop–business, vastly reduced fixed cost, and increased profitability. Amazon.com is an example of a successful venture, in e-business. Internet Service providers (ISP/ASP) have a significant influence on the feasibility, security and cost competitiveness of an e-business venture. In the ISP model of services, multiple users and their databases are normally offered on a single hardware, platform sharing the same IP address and Domain name. Clients will require a mechanism, which allows them to update their Web contents and databases frequently even many times daily without intervention of local system Administrator (ISP Admin). The paper overviews few steps to enable corporate clients to update their web content more securely.

Supply chain security: the need for continuous assessment

Ease of Internet accessibility has offered business the opportunity to incorporate this electronic infrastructure technology into establishing electronic-based supply chains. With the improved efficiency that this brings to the management and functionality of the supply chain, there are also security considerations that should be taken into account for protecting the integrity of the electronic supply chain, not only within each business node, but also across the entire supply chain. Such security vulnerabilities can be negated with the implementation of security measures and policies, however these need to be consistent throughout the supply chain and regularly assessed against security benchmarks in order to ensure they meet dequate security standards.

Security protection for critical infrastructure

Understanding and managing information infrastructure (II) security risks is a priority to most organizations dealing with information technology and information warfare (IW) scenarios today (Libicki, 2000). Traditional security risk analysis (SRA) was well suited to these tasks within the paradigm of computer security, where the focus was on securing tangible items such as computing and communications equipment (NCS,1996; Cramer, 1998). With the growth of information interchange and reliance on information infrastructure, the ability to understand where vulnerabilities lie within an organization, regardless of size, has become extremely difficult (NIPC, 1996). To place a value on the information that is owned and used by an organization is virtually an impossible task. The suitability of risk analysis to assist in managing IW and information infrastructure-related security risks is unqualified, however studies have been undertaken to build frameworks and methodologies for modeling information warfare attacks (Molander, Riddile, & Wilson, 1996; Johnson, 1997; Hutchinson & Warren, 2001) which will assist greatly in applying risk analysis concepts and methodologies to the burgeoning information technology security paradigm, information warfare.