Suchergebnisse

PurposeThe purpose of this paper is to compare and contrast university governance structures with those of commercial providers of information security education.Design/methodology/approachPolicy analysis methods from social research are used. Professional information security education (and certification) is generally provided by commercial training arms of major IT vendors, independent industry groups and universities. While the "for profit" status of commercial training organisations is recognised, the commercial standing of universities is unclear, since they increasingly charge commercial‐grade (or higher) fees for professional development, especially at the postgraduate level. The independence from commercial interests is one of the main attractions for students to undertake professional education at universities; however, if universities are becoming commercial, at what point and according to which criteria is the veracity of vendor‐supplied training and university education considered equal, or indeed, superior?FindingsThis paper briefly reviews the key drivers of university commercialisation, and discusses the implications for postgraduate education in the very sensitive area of information security, in an Australian context, especially where universities directly compete with private sector interests. The key findings are that universities who wish to offer information security programs in competition with private providers will need to adopt corporate‐style governance policies and procedures, which include industry representation on boards, and ensuring that academic independence is not compromised by deeper vendor relationships.Originality/valueNo other papers have specifically investigated the emerging trends in information security education, in an Australian context, and related these to the necessary changes in governance that will be required for universities to compete on equal terms with corporate providers.

Personal information stored in large government databases is a prime target for criminals because of its potential use in identity theft and associated crime, such as fraud. In 2007-2008, a number of very high-profile cases of data loss within the British Government, its departments and non-departmental bodies raised three pressing issues of public significance: (1) how broad was the loss across agencies; (2) how deep was each loss incident; and (3) what counter-measures (organisational and technical) could be put in place to prevent further loss? This paper provides a chronological review of data loss incidents, and assesses the potential to mitigate risk, given organisational structures and processes, and taking into account current government calls for further medium and long-term acquisition and storage of citizen's private data. The potential use of the "lost" credentials is discussed in the context of identity theft. © 2009 IEEE.

Attribution as a ConceptAbsolute Attribution; Relative Attribution; Relative attribution concepts; Inherent versus Learnt Behaviors; Hiding Behavior; Consistency of Behavior; Relative Attribution Techniques; Authorship Analysis; Limitations and Issues; Research Streams; Conclusions; References; Chapter 4 -- Enhancing Privacy to Defeat Open Source Intelligence; Introduction; Scenario; Requirements and Threats; Preliminaries; The PIEMCP; Formal Security Analysis with CPN; Attack Scenarios; Verification Results; Removing Trusted ARM; Performance Analysis of FSSO-PIEMC

RésuméTout salaire vital doit assurer, au‐delà de la simple subsistance, une certaine qualité de vie, y compris au travail, et une participation véritable à la sphère sociale et organisationnelle, soit la jouissance de potentialités ou «capacités». Toutefois, les liens entre revenu et capacités sont encore mal connus, et les salaires vitaux souvent fixés arbitrairement. En empruntant à la psychologie, aux théories du développement ou encore à la réflexion sur la gestion d'entreprise et les relations professionnelles, les auteurs proposent un outil d'analyse universel mais axé sur le contexte et formulent plusieurs propositions appelées à servir de base aux travaux empiriques nécessaires pour vérifier sa validité.

ResumenEl concepto de salario vital se define por la calidad de vida y de vida laboral, no por la mera subsistencia económica. Implica asimismo verdadera participación social y organizational. En economías en desarrollo, estas claves del «trabajo decente» guardan relación con «las capacidades», que son importantes para los individuos, las organizaciones y la sociedad. Con todo, la relación entre ingresos y capacidades sigue siendo desconocida, y los salarios vitales suelen imponerse por decreto. Los autores elaboran un modelo concéntrico de contingencia integrando las teorías de los estudios de desarrollo, gestión, psicología y relaciones laborales, y formulan proposiciones para ponerlo a prueba empíricamente.