Information Security Innovation

The increasing demand for online and real-time interaction with IT infrastructures by end users is facilitated by the proliferation of user-centric devices such as laptops, iPods, iPads, and smartphones. This trend is furthermore propounded by the plethora of apps downloadable to end user devices mostly within mobile-cum-cloud environments. It is clear that there are many evidences of innovation with regard to end user devices and apps. Unfortunately, little, if any, information security innovation took place over the past number of years with regard to the consumption of security services by end users. This creates the need for innovative security solutions that are human-centric and flexible. This chapter presents a framework for consuming loosely coupled (but interoperable) cloud-based security services by a variety of end users in an efficient and flexible manner using their mobile devices.

Download Full-text

Importance of Information Security and Strategies to Prevent Data Breaches in Mobile Devices

Advances in Business Strategy and Competitive Advantage - Improving Business Performance Through Innovation in the Digital Economy ◽

10.4018/978-1-7998-1005-6.ch015 ◽

2020 ◽

pp. 215-225

Author(s):

Maulik Desai ◽

Swati Jaiswal

Keyword(s):

Operating System ◽

Information Security ◽

Mobile Phone ◽

Mobile Devices ◽

Cell Phone ◽

End User ◽

Shoulder Surfing ◽

A Cell ◽

Encryption Algorithms ◽

E Mail

Mobile devices have upgraded from normal java-based phones whose basic functionality was calling, messaging, and storing contact information to a more adaptive operating system like Symbian, iOS, and Android, which have smart features like e-mail, audio player, camera, etc. Gradually, everyone started relying more and more on these mobile devices. This led to an increase in the number of cell phone hackers. Common ways that a hacker gets access to your phone is via phishing, shoulder surfing, piggybacking, etc. There are countermeasures to this like bookmarking your most visited sites, using VPN, using encryption algorithms. Data theft and identity theft are a new concern for today's user; this chapter is to educate the end user of different ways in which their privacy can be invaded via a mobile phone. This chapter will help the researchers to know the mindset of a cell phone hacker and what are the potential damages that can be caused by them and strategies to prevent them.

Download Full-text

Importance of Information Security and Strategies to Prevent Data Breaches in Mobile Devices

Research Anthology on Securing Mobile Technologies and Applications ◽

10.4018/978-1-7998-8545-0.ch025 ◽

2021 ◽

pp. 454-464

Author(s):

Maulik Desai ◽

Swati Jaiswal

Keyword(s):

Operating System ◽

Information Security ◽

Mobile Phone ◽

Mobile Devices ◽

Cell Phone ◽

End User ◽

Shoulder Surfing ◽

A Cell ◽

Encryption Algorithms ◽

E Mail

Mobile devices have upgraded from normal java-based phones whose basic functionality was calling, messaging, and storing contact information to a more adaptive operating system like Symbian, iOS, and Android, which have smart features like e-mail, audio player, camera, etc. Gradually, everyone started relying more and more on these mobile devices. This led to an increase in the number of cell phone hackers. Common ways that a hacker gets access to your phone is via phishing, shoulder surfing, piggybacking, etc. There are countermeasures to this like bookmarking your most visited sites, using VPN, using encryption algorithms. Data theft and identity theft are a new concern for today's user; this chapter is to educate the end user of different ways in which their privacy can be invaded via a mobile phone. This chapter will help the researchers to know the mindset of a cell phone hacker and what are the potential damages that can be caused by them and strategies to prevent them.

Download Full-text

Do doctors care? Validating a tool for the assessment of health information security in Spanish-speaking countries (Preprint)

10.2196/preprints.18753 ◽

2020 ◽

Author(s):

Jorge Andres Delgado-Ron ◽

Daniel Simancas-Racines

Keyword(s):

Social Media ◽

Information Security ◽

Mobile Devices ◽

Media Use ◽

Medical Doctors ◽

Spanish Translation ◽

Social Media Use ◽

Attitudes And Practices ◽

Human Aspects ◽

Password Management

BACKGROUND Healthcare has increased its use of information technology over the last few years. A trend followed higher usage of Electronic Health Record in low-and-middle-income countries where doctors use non-medical applications and websites for healthcare-related tasks. Information security awareness and practices are essential to reduce the risk of breaches. OBJECTIVE To assess the internal reliability of the Spanish translation of three areas of the Human Aspects of Information Security Questionnaire (HAIS-Q), and to assess the knowledge, attitudes, and practices of medical doctors around information security. METHODS This is a cross-sectional descriptive study designed as a questionnaire-based. We used focus areas (Password management, social media use, and mobile devices use) from the Human Aspects of Information Security Questionnaire (HAIS-Q). Medical doctors in Ecuador answered an online survey between December 2017 and January 2018. RESULTS A total of 434 health professionals (response rate: 0.65) completed all the questions in our study. Scores were 37.4 (SD 5.9) for Password Management, 35.4 (SD 5.0) for Social Media Use and 35.9 (SD 5.7) for Mobile Devices. Cronbach’s alpha coefficient (α) was 0.78 (95% CI: 0.75, 0.81) for password management, 0.73 (95%CI: 0.69, 0.77) for mobile devices and 0.77 (95% CI: 0.73, 0.78) for Social Media Use. CONCLUSIONS Our study shows that three components of the Spanish translation of the HAIS-Q questionnaire were internally reliable when applied in medical doctors. Medical doctors with eagerness to receive infosec training scored higher in social media use and mobile device use categories.

Download Full-text

The impact of end-userś participation (cancer patients) during the optimization process

European Journal of Public Health ◽

10.1093/eurpub/ckaa165.1437 ◽

2020 ◽

Vol 30 (Supplement_5) ◽

Author(s):

S Houwaart

Keyword(s):

End Users ◽

Public Health Care ◽

Optimization Process ◽

Patient Organization ◽

End User ◽

The Public ◽

Patient Organizations ◽

Crucial Information ◽

The Individual ◽

The Impact

Abstract End-user (e.g. patients or the public) testing of information material is becoming more common in the German public health care system. However, including the end-user (in this case patients) in an optimisation process and thus enabling a close collaboration while developing PIMs is still rare. This is surprising, given the fact that patients provide the exact perspective one is trying to address. Within the isPO project, a patient organization is included as a legal project partner to act as the patient representative and provide the patient's perspective. As such, the patient organization was included in the PHR approach as part of the PIM-optimisation team. During the optimisation process, the patients gave practical insights into the procedures of diagnosing and treating different types of cancer as well as into the patient's changing priorities and challenges at different time points. This was crucial information for the envisioned application of the individual PIMs and their hierarchical overview. Moreover, the developed PIM-checklist enabled the patients to give detailed feedback to the PIMs. With their experience of being in the exact situation in which the PIMs will be applied, their recommendations, especially on the wording and layout of the materials, have been a valuable contribution to the PIM optimisation process. In this part of the seminar, we will take a closer look at the following skill building aspects: What is gained from including patients as end-users in the development and optimization of PIM?How can we reach patients to contribute to a PIM optimization process? Which requirements and prerequisites do patients have to provide to successfully work on an optimisation team?How to compromise and weigh opinions when different ideas occur? Altogether, this part will construct a structured path of productive patient involvement and help to overcome uncertainties regarding a collaboration with patient organizations.

Download Full-text

Detecting Colluding Inter-App Communication in Mobile Environment

Applied Sciences ◽

10.3390/app10238351 ◽

2020 ◽

Vol 10 (23) ◽

pp. 8351

Author(s):

Rosangela Casolare ◽

Fabio Martinelli ◽

Francesco Mercaldo ◽

Antonella Santone

Keyword(s):

Model Checking ◽

Mobile Devices ◽

Private Information ◽

End Users ◽

Home Automation ◽

Mobile Environment ◽

Data Support ◽

Bank Transfer ◽

Android Applications

The increase in computing capabilities of mobile devices has, in the last few years, made possible a plethora of complex operations performed from smartphones and tablets end users, for instance, from a bank transfer to the full management of home automation. Clearly, in this context, the detection of malicious applications is a critical and challenging task, especially considering that the user is often totally unaware of the behavior of the applications installed on their device. In this paper, we propose a method to detect inter-app communication i.e., a colluding communication between different applications with data support to silently exfiltrate sensitive and private information. We based the proposed method on model checking, by representing Android applications in terms of automata and by proposing a set of logic properties to reduce the number of comparisons and a set of logic properties automatically generated for detecting colluding applications. We evaluated the proposed method on a set of 1092 Android applications, including different colluding attacks, by obtaining an accuracy of 1, showing the effectiveness of the proposed method.

Download Full-text

Enhancing End-User Roles in Information Security: Exploring the Setting, Situation, and Identity

Computers & Security ◽

10.1016/j.cose.2021.102340 ◽

2021 ◽

pp. 102340

Author(s):

Obi Ogbanufe

Keyword(s):

Information Security ◽

End User

Download Full-text

Modelling End-User Behavior and Behavioral Change in Smart Grids. An Application of the Model of Frame Selection

Energies ◽

10.3390/en13246674 ◽

2020 ◽

Vol 13 (24) ◽

pp. 6674

Author(s):

Sebastian Hoffmann ◽

Fabian Adelt ◽

Johannes Weyer

Keyword(s):

Smart Grids ◽

Online Survey ◽

End Users ◽

Influential Factors ◽

System Stability ◽

End User ◽

Frame Selection ◽

Model Of Frame Selection ◽

Modes Of Governance ◽

Strong Control

This paper presents an agent-based model (ABM) for residential end-users, which is part of a larger, interdisciplinary co-simulation framework that helps to investigate the performance of future power distribution grids (i.e., smart grid scenarios). Different modes of governance (strong, soft and self-organization) as well as end-users’ heterogeneous behavior represent key influential factors. Feedback was implemented as a measure to foster grid-beneficial behavior, which encompasses a range of monetary and non-monetary incentives (e.g., via social comparison). The model of frame selection (MFS) serves as theoretical background for modelling end-users’ decision-making. Additionally, we conducted an online survey to ground the end-user sub-model on empirical data. Despite these empirical and theoretical foundations, the model presented should be viewed as a conceptual framework, which requires further data collection. Using an example scenario, representing a lowly populated residential area (167 households) with a high share of photovoltaic systems (30%), different modes of governance were compared with regard to their suitability for improving system stability (measured in cumulated load). Both soft and strong control were able to decrease overall fluctuations as well as the mean cumulated load (by approx. 10%, based on weekly observation). However, we argue that soft control could be sufficient and more societally desirable.

Download Full-text

Authentication System for Biometric Applications Using Mobile Devices

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.457-458.1224 ◽

2013 ◽

Vol 457-458 ◽

pp. 1224-1227

Author(s):

Jian Feng Hu ◽

Zhen Dong Mu

Keyword(s):

Information Security ◽

Mobile Devices ◽

Information Exchange ◽

Mobile Platform ◽

Eeg Signal ◽

Information Protection ◽

Security Research ◽

Authentication System ◽

Identification Tool

Mobile equipment has now become a new platform for information exchange, spend a lot of information exchange, how to effectively protect the mobile platform information security? Research has shown that, EEG signal can be used as identification tool, the user's information protection and good, this paper to protect the information security of mobile devices to research how to use EEG; the EEG signal is feasible for mobile equipment identification.

Download Full-text

Designing User-Centric Information Security Management Systems in Financial Services Organisations

2020 IEEE 6th International Conference on Collaboration and Internet Computing (CIC) ◽

10.1109/cic50333.2020.9492732 ◽

2020 ◽

Author(s):

Ivano Bongiovanni

Keyword(s):

Information Security ◽

Financial Services ◽

Security Management ◽

Management Systems ◽

Information Security Management ◽

User Centric

Download Full-text