Computers & Security (February)

EEn......Page 1 TOC......Page 2 From the Editor-in-Chief - What infosec changes are likely to result from the recent US election?......Page 3 Update in the war against cybercrime......Page 5 More compromises of personal and financial information occur......Page 8 Number of pieces of compromised personal data approaches 100 million......Page 10 SWIFT under fire for providing customer transaction information to the US......Page 11 E-voting problems persist......Page 12 FBI asks ISPs to capture users’ activities......Page 13 New UK computer crime-related legislation passes......Page 14 Preamble......Page 16 Previous models......Page 17 Threat agents......Page 18 Denial of service......Page 19 System parameter override/modification......Page 20 Risk-based approach......Page 21 Retention of data......Page 22 Multi-factor authentication......Page 23 Hardware integrity......Page 24 Compliance checking......Page 25 References......Page 26 Information security redefined......Page 28 Information security stakeholders......Page 29 Information lifecycle......Page 30 Human protective measures......Page 31 Lifecycle approach advantages......Page 32 Decoding digital rights management......Page 33 IFIP workshop - Information security culture......Page 36 Introduction......Page 37 Application of value-focused thinking......Page 38 Results......Page 40 Effective and efficient use of electronic communication resources......Page 41 Maximize acceptance of responsibility for actions......Page 42 References......Page 43 Introduction......Page 45 Step 2: getting technical management backing (technical departments are the custodians of ICT in an organisation)......Page 46 Step 3: address the ICT security problem as a special project (forming a provisional ICT security task force)......Page 47 Step 5: getting management’s attention and backing (the management as a whole buy into the idea as well)......Page 48 Step 7: conduct awareness-raising sessions among users (with some feedback from steps 1–6)......Page 50 Step 8: carry out risk assessment and analysis......Page 51 Step 10: develop countermeasures......Page 52 Discussion......Page 54 References......Page 55 Introduction......Page 57 The basis of truth and rationality......Page 58 Motivation......Page 59 Stability versus change/innovation/personal growth......Page 60 Control, coordination and responsibility......Page 61 Conclusion......Page 62 References......Page 63 Introduction......Page 64 CyberCIEGE......Page 65 Development and Testing of CyberCIEGE......Page 66 The game engine as illustrated with a simple scenario......Page 67 Elements of scenario design......Page 68 Current policies for IA training and awareness......Page 69 Requirements analysis......Page 70 Other scenarios......Page 71 Acknowledgments......Page 72 References......Page 73 Introduction......Page 74 General considerations......Page 75 Carronade evolution......Page 76 Phishing email construction......Page 77 Sensitive information......Page 78 Distribution by class......Page 79 References......Page 80 Introduction......Page 82 Data matrix......Page 83 Random projection......Page 84 PPC over vertically partitioned data......Page 85 PPC over centralized data......Page 86 How secure is the DRBT?......Page 87 Methodology......Page 88 Measuring the effectiveness of the DRBT over centralized data......Page 89 Measuring the effectiveness of the DRBT over vertically partitioned data......Page 90 Data partitioning techniques......Page 91 Conclusions......Page 92 References......Page 93 Introduction......Page 95 Notations......Page 96 Security discussions......Page 97 References......Page 98 Refereed papers - Guide for Authors......Page 99 Events......Page 101