Computers & Security (February)

EEn......Page 1
TOC......Page 2
From the Editor-in-Chief - What infosec changes are likely to result from the recent US election?......Page 3
Update in the war against cybercrime......Page 5
More compromises of personal and financial information occur......Page 8
Number of pieces of compromised personal data approaches 100 million......Page 10
SWIFT under fire for providing customer transaction information to the US......Page 11
E-voting problems persist......Page 12
FBI asks ISPs to capture users’ activities......Page 13
New UK computer crime-related legislation passes......Page 14
Preamble......Page 16
Previous models......Page 17
Threat agents......Page 18
Denial of service......Page 19
System parameter override/modification......Page 20
Risk-based approach......Page 21
Retention of data......Page 22
Multi-factor authentication......Page 23
Hardware integrity......Page 24
Compliance checking......Page 25
References......Page 26
Information security redefined......Page 28
Information security stakeholders......Page 29
Information lifecycle......Page 30
Human protective measures......Page 31
Lifecycle approach advantages......Page 32
Decoding digital rights management......Page 33
IFIP workshop - Information security culture......Page 36
Introduction......Page 37
Application of value-focused thinking......Page 38
Results......Page 40
Effective and efficient use of electronic communication resources......Page 41
Maximize acceptance of responsibility for actions......Page 42
References......Page 43
Introduction......Page 45
Step 2: getting technical management backing (technical departments are the custodians of ICT in an organisation)......Page 46
Step 3: address the ICT security problem as a special project (forming a provisional ICT security task force)......Page 47
Step 5: getting management’s attention and backing (the management as a whole buy into the idea as well)......Page 48
Step 7: conduct awareness-raising sessions among users (with some feedback from steps 1–6)......Page 50
Step 8: carry out risk assessment and analysis......Page 51
Step 10: develop countermeasures......Page 52
Discussion......Page 54
References......Page 55
Introduction......Page 57
The basis of truth and rationality......Page 58
Motivation......Page 59
Stability versus change/innovation/personal growth......Page 60
Control, coordination and responsibility......Page 61
Conclusion......Page 62
References......Page 63
Introduction......Page 64
CyberCIEGE......Page 65
Development and Testing of CyberCIEGE......Page 66
The game engine as illustrated with a simple scenario......Page 67
Elements of scenario design......Page 68
Current policies for IA training and awareness......Page 69
Requirements analysis......Page 70
Other scenarios......Page 71
Acknowledgments......Page 72
References......Page 73
Introduction......Page 74
General considerations......Page 75
Carronade evolution......Page 76
Phishing email construction......Page 77
Sensitive information......Page 78
Distribution by class......Page 79
References......Page 80
Introduction......Page 82
Data matrix......Page 83
Random projection......Page 84
PPC over vertically partitioned data......Page 85
PPC over centralized data......Page 86
How secure is the DRBT?......Page 87
Methodology......Page 88
Measuring the effectiveness of the DRBT over centralized data......Page 89
Measuring the effectiveness of the DRBT over vertically partitioned data......Page 90
Data partitioning techniques......Page 91
Conclusions......Page 92
References......Page 93
Introduction......Page 95
Notations......Page 96
Security discussions......Page 97
References......Page 98
Refereed papers - Guide for Authors......Page 99
Events......Page 101