Can IT Security be improved with better IT Leadership in the 21st Century University?

Organizations generally are not responding effectively to rising IT security threats because people issues receive inadequate attention. The stark example of IT security is just the latest strategic IT priority demonstrating deficient IT leadership attention to the social dimension of IT. Universities in particular, with their devolved people organization, diverse adoption of IT, and split central/local federated approach to governance and leadership of IT, demand higher levels of interpersonal sophistication and strategic engagement from their IT leaders. An idealized model for IT leaders for the 21st century university is proposed to be developed as a framework for further investigation. The testing of this model in an action research study is proposed.

Security of Two-Party Identity-Based Key Agreement

Identity-based cryptography has become extremely fashionable in the last few years. As a consequence many proposals for identity-based key establishment have emerged, the majority in the two party case. We survey the currently proposed protocols of this type, examining their security and efficiency. Problems with some published protocols are noted.

Marketplace forces and the history of retailing : The cycle of control

This paper traces the history of store (retailer-controlled) and national (manufacture controlled)brands; identifies the key historical characteristics of the past 200 years of marketing history;describes the four main time periods of U.S. retail marketing (1800 - 2000); and comments on the most likely developments within the current phases of brand marketing. Will the future focus on technology and new forms of communications? The Internet exemplifies an unconventional retailing environment, with etailer numbers growing rapidly. The central proposition of this paper is that a "cycle of control" - a pattern of marketing developments within the history of retailing and national marketing communications - Can indicate the success of marketing strategies in the future.

Re-invent yourself: from London intensive care nursing and the Nigerian oil fields to an an academic library in Brisbane; a career change worth making.

A complete change of career forces a seismic shift in every aspect of your life. From day one, you have to face the loss of long held beliefs, behaviours, the known world of self, and security. We came from professions that themselves are poles apart, and many of the challenges we faced entering the profession were the same: juggling full-time work, part time study, and family commitmemts, taking a pay cut, and loss of social life. But over a short period of time we both transitioned to our new profession successfully. so what make our successful transition possible?

Security and legal issues in E-tendering

The Queensland Department of Public Works (QDPW) and the Queensland Department of Main Roads (QDMR) have identified a need for industry e-contracting guidelines in the short to medium term. Each of these organisations conducts tenders and contracts for over $600 million annually. This report considers the security and legal issues relating to the shift from a paper-based tendering system to an electronic tendering system. The research objectives derived from the industry partners include: • a review of current standards and e-tendering systems; • a summary of legal requirements impacting upon e-tendering; • an analysis of the threats and requirements for any e-tendering system; • the identification of outstanding issues; • an evaluation of possible e-tendering architectures; • recommendations for e-tendering systems.

Project diagnostics : assessing the condition of projects and identifying poor health combing forces

In many cases, construction projects do not achieve the objectives that the project participants set for them. If participants could better understand how their project is performing overall, at various stages of its delivery, then the opportunities to achieve project success would almost certainly be greater. This paper documents a method of assessing the status of a project, at a point in its design or construction phase, or after completion. The status is assessed in terms of up to seven (7) key success factors. Any evidence of less than adequate performance in these performance areas is scrutinised to seek out the root causes of why this situation is happening. Using these identified root causes of under performance, general suggestions can then be made as to how to return the project to good health. A software package that assists in assessing the status of the project has been developed. The package is currently being calibrated before commercial release.

The measurement of applied forces during anterior single rod correction of adolescent idiopathic scoliosis

Adolescent idiopathic scoliosis (AIS) is the most common form of spinal deformity in paediatrics, prevalent in approximately 2-4% of the general population. While it is a complex three-dimensional deformity, it is clinically characterised by an abnormal lateral curvature of the spine. The treatment for severe deformity is surgical correction with the use of structural implants. Anterior single rod correction employs a solid rod connected to the anterior spine via vertebral body screws. Correction is achieved by applying compression between adjacent vertebral body screws, before locking each screw onto the rod. Biomechanical complication rates have been reported as high as 20.8%, and include rod breakage, screw pull-out and loss of correction. Currently, the corrective forces applied to the spine are unknown. These forces are important variables to consider in understanding the biomechanics of scoliosis correction. The purpose of this study was to measure these forces intra-operatively during anterior single rod AIS correction.

Security metrics for object-oriented class designs

Measuring quality attributes of object-oriented designs (e.g. maintainability and performance) has been covered by a number of studies. However, these studies have not considered security as much as other quality attributes. Also, most security studies focus at the level of individual program statements. This approach makes it hard and expensive to discover and fix vulnerabilities caused by design errors. In this work, we focus on the security design of an object oriented application and define a number of security metrics. These metrics allow designers to discover and fix security vulnerabilities at an early stage, and help compare the security of various alternative designs. In particular, we propose seven security metrics to measure Data Encapsulation (accessibility) and Cohesion (interactions) of a given object-oriented class from the point of view of potential information flow.

Privacy and security in open and trusted health information systems

The Open and Trusted Health Information Systems (OTHIS) Research Group has formed in response to the health sector’s privacy and security requirements for contemporary Health Information Systems (HIS). Due to recent research developments in trusted computing concepts, it is now both timely and desirable to move electronic HIS towards privacy-aware and security-aware applications. We introduce the OTHIS architecture in this paper. This scheme proposes a feasible and sustainable solution to meeting real-world application security demands using commercial off-the-shelf systems and commodity hardware and software products.

A Proposed Framework for Understanding Information Security Culture and Practices in the Saudi Context

An examination of Information Security (IS) and Information Security Management (ISM) research in Saudi Arabia has shown the need for more rigorous studies focusing on the implementation and adoption processes involved with IS culture and practices. Overall, there is a lack of academic and professional literature about ISM and more specifically IS culture in Saudi Arabia. Therefore, the overall aim of this paper is to identify issues and factors that assist the implementation and the adoption of IS culture and practices within the Saudi environment. The goal of this paper is to identify the important conditions for creating an information security culture in Saudi Arabian organizations. We plan to use this framework to investigate whether security culture has emerged into practices in Saudi Arabian organizations.