Social and Human Elements of Information Security

Social Computing ◽

10.4018/978-1-60566-984-7.ch002 ◽

2010 ◽

pp. 21-37

Author(s):

Mahil Carr

Keyword(s):

Information Security ◽

Social Issues ◽

The Other ◽

Technological Solution ◽

Rural Regions ◽

Banking Services ◽

New Approach ◽

Secure Systems ◽

Secure Information

This chapter attempts to understand the human and social factors in information security by bringing together three different universes of discourse – philosophy, human behavior and cognitive science. When these elements are combined they unravel a new approach to the design, implementation and operation of secure information systems. A case study of the design of a technological solution to the problem of extension of banking services to remote rural regions is presented and elaborated to highlight human and social issues in information security. It identifies and examines the concept of the ‘Other’ in information security literature. The final objective is to prevent the ‘Other’ from emerging and damaging secure systems rather than introducing complex lock and key controls.

Download Full-text

Boosting Authentication Security by Building Strong Password and Individualizing Easy to Remember Techniques

Journal of University of Human Development ◽

10.21928/juhd.v2n3y2016.pp520-527 ◽

2016 ◽

Vol 2 (3) ◽

pp. 520

Author(s):

Nooruldeen Nasih Qader

Keyword(s):

Information Security ◽

The Other ◽

Secure Systems ◽

Authentication Mechanism ◽

Other Hand ◽

Similar Strategy ◽

Authentication Security

Newly released researches disclose the need of canceling the incorrect opinion; security by Password (PW) is dead and proves that these believe has been hurtful. Moreover, recommended a campaign prioritize strategies of building PW. Considering the PW features such as costless, maturity and vast experiences, and usability PW continues to be the most used options in Information Security (IS), it is furthermore, consider most challengers to researchers and really needs further boosting. PWs control authentication mechanism of IS, requiring that individuals choose strong PW. The best advice to protect from hackers is randomly generating unique PW for every site and service, to apply this advice we need more techniques of easy to remember and hard to guess. This study proposed a bunch of easy to remember techniques for building a strong PW. Also, it exhibited the importance of similar strategy despite existing of many helpful PW managers. On the other hand, this paper compiled and analyzed today’s data regarding authenticating secure systems via PW. Analyzed data showed some of common weakness in PW selection. Moreover, gathered information and evaluated data indicated the need of boosting PW. Proposed techniques and solutions enable individuals to select appropriate PW easily.

Download Full-text

Developing House of Quality by integrating top roof and side roof matrices and service TRIZ with a case study in banking services

The TQM Journal ◽

10.1108/tqm-10-2012-0075 ◽

2016 ◽

Vol 28 (4) ◽

pp. 597-612 ◽

Cited By ~ 9

Author(s):

Arash Shahin ◽

Elham Bagheri Iraj ◽

Hossein Vaez Shahrestani

Keyword(s):

House Of Quality ◽

Customer Requirements ◽

Correlation Matrices ◽

Banking Services ◽

New Approach ◽

Content Type ◽

Innovative Solution ◽

The Voice ◽

Voice Of Customers

Purpose – The purpose of this paper is to propose an innovative solution for prioritizing “Whats” and “Hows” and resolving contradictions among “Whats” in House of Quality (HoQ). Design/methodology/approach – Prioritization of the influence of the weights in correlation matrices of “Whats” and “Hows” (i.e. top roof and side roof) of HoQ and integration with TRIZ contradiction matrix have been studied. Explained through a case example of banking services, initially, contradictions among requirements of 180 customers have been identified by side roof matrix and then, the 12 by 12 non-technical contradictions matrix of service TRIZ have been used to suggest principles for resolving contradictions. Findings – Findings imply that the use of roof and side roof weights can influence the priorities of “Whats” and “Hows.” Research limitations/implications – Findings may assist researchers and practitioners in resolving ambiguity of the voice of customers, which in turn make the results of HoQ more accurate. Originality/value – A new approach has been proposed in this paper for resolving contradictions of customer requirements by service TRIZ and adjusting priorities of “Whats” and “Hows” in HoQ.

Download Full-text

A Novel Approach For Information Security With Automatic Variable Key Using Fibonacci Q-Matrix

International Journal of Computer and Communication Technology ◽

10.47893/ijcct.2014.1262 ◽

2014 ◽

pp. 296-299

Author(s):

SHALIGRAM PRAJAPAT ◽

AMBER JAIN ◽

R. S. THAKUR

Keyword(s):

Information Security ◽

Communication Channel ◽

Computation Time ◽

Transaction Processing ◽

New Approach ◽

Secure Information ◽

Novel Approach ◽

Symmetric Key ◽

Q Matrix ◽

Increasing Demand

Information security is essential nowadays. Large number of cipher generation and decryption algorithms exists and are being evolved due to increasing demand of users and e-commerce services. In this paper we propose a new approach for secure information transmission over communication channel with key variability concept in symmetric key algorithms using Fibonacci Qmatrix. Proposed approach will not only enhance the security of information but also saves computation time and reduces power requirements that will find it’s suitability for future hand held devices and online transaction processing.

Download Full-text

Information Security Governance Practices and Commitments in Organizations

Advances in Business Information Systems and Analytics - Strategic IT Governance and Performance Frameworks in Large Organizations ◽

10.4018/978-1-5225-7826-0.ch007 ◽

2019 ◽

pp. 280-315

Keyword(s):

Information Security ◽

Participation Rate ◽

Research Literature ◽

The Other ◽

Banking Services ◽

Security Governance ◽

Governmental Organizations ◽

Governance Practices ◽

Information Security Governance ◽

Practical Model

Despite the existence of referential and standards of the security governance, the research literature remains limited regarding the practices of organizations and, on the other hand, the lack of a strategy and practical model to follow in adopting an effective information security governance. This chapter aims to explore the engagement processes and the practices of organizations involved in a strategy of information security governance. The statistical and econometric analysis of data from a survey of 1000 participants (with a participation rate of 83.67%) from large and medium companies belonging to various industries such as retail/wholesale, banking, services, telecom, private and governmental organizations provides a record of current practices in information security governance. The findings allowed the authors to propose a practical framework to evaluate the information security governance in organizations.

Download Full-text

Information Security and Ecosystems in Smart Cities

Smart Cities and Smart Spaces ◽

10.4018/978-1-5225-7030-1.ch043 ◽

2019 ◽

pp. 956-973

Author(s):

Ahmed Bin Touq ◽

Anthony Ijeh

Keyword(s):

Information Security ◽

Smart Cities ◽

Case Study Research ◽

Urban Environments ◽

Interconnected Systems ◽

Secure Information ◽

Communication Processes ◽

Information Assets ◽

The Impact

The purpose of this article is to evaluate the impact of ecosystems on Information Security in Smart Cities using Dubai as a case study. Innovative interconnected systems can affect the integrity of the information used by residents and citizens if not properly secured. The case study research method was used to examine the impact of the Internet of Everything on secure information exchanges. Data collected from the case study was used to assess the smartness of the urban development in managing its communication processes and information assets in a secure and confidential manner. The limitations of the study are found in its focus on one single city. By evaluating processes used to obtain information from interconnected systems, steps can be taken that would help to reduce threats in thriving innovative urban environments. The findings support the theory and perceptions held by management practitioners and information security specialists.

Download Full-text

“Comprehensive Information Technology Security”: A New Approach to Respond Ethical and Social Issues Surrounding Information Security in the 21st Century

IFIP Advances in Information and Communication Technology - Information Security — the Next Decade ◽

10.1007/978-0-387-34873-5_43 ◽

1995 ◽

pp. 590-602 ◽

Cited By ~ 7

Author(s):

Anja Hartmann

Keyword(s):

Information Technology ◽

Information Security ◽

21St Century ◽

Social Issues ◽

New Approach ◽

Information Technology Security ◽

Comprehensive Information

Download Full-text

The management of information security: A South African case study

South African Journal of Business Management ◽

10.4102/sajbm.v34i2.679 ◽

2003 ◽

Vol 34 (2) ◽

pp. 19-29 ◽

Cited By ~ 4

Author(s):

L. C.H. Fourie

Keyword(s):

Information Security ◽

South African ◽

Ad Hoc ◽

Literature Study ◽

Current State ◽

Secure Information ◽

Manufacturing Company ◽

And Control ◽

The Ideal

The growing misuse of information technology and the increased dependence on computer technology and systems heightened the requirements for information security. Unfortunately there often is a feeling of apathy towards information security by management, which leads to an ad hoc approach to information security and resultant information and financial losses.The main objective of the research thus was to determine the current state of information security at a large manufacturing company in South Africa. The methodology entailed a field study of which three sets of structured questionnaires on information security were an important component. Based on a literature study concerning the ideal information security and control situation and the results of the three sets of questionnaires it was possible to determine the gap, problem areas and issues of information security and control at the manufacturing company. The research clearly indicated that numerous areas for improvement exist and therefore proposes a framework for the management of information security. Although a completely secure information system may not be attainable, the valuable information asset can to a large extent be protected through proper management.

Download Full-text

Information Security and Cybersecurity Management: A Case Study with SMEs in Portugal

Journal of Cybersecurity and Privacy ◽

10.3390/jcp1020012 ◽

2021 ◽

Vol 1 (2) ◽

pp. 219-238

Author(s):

Mário Antunes ◽

Marisa Maximiano ◽

Ricardo Gomes ◽

Daniel Pinto

Keyword(s):

Information Security ◽

Security Management ◽

Blind Spot ◽

The Other ◽

Financial Resources ◽

Information Security Management ◽

Business Association ◽

Management Project ◽

Iso 27001

Information security plays a key role in enterprises management, as it deals with the confidentiality, privacy, integrity, and availability of one of their most valuable resources: data and information. Small and Medium-sized enterprises (SME) are seen as a blind spot in information security and cybersecurity management, which is mainly due to their size, regional and familiar scope, and financial resources. This paper presents an information security and cybersecurity management project, in which a methodology based on the well-known ISO-27001:2013 standard was designed and implemented in fifty SMEs that were located in the center region of Portugal. The project was conducted by a business association located at the center of Portugal and mainly participated by SMEs. The Polytechnic of Leiria and an IT auditing/consulting team were the other two entities that participated on the project. The characterisation of the participating enterprises, the ISO-27001:2013 based methodology developed and implemented in SMEs, as well as the results obtained in this case study, are depicted and analysed in the paper. The attained results show a clear benefit to the audited and intervened SMEs, being mainly attested by the increasing of their information security management robustness and collaborators’ cyberawareness.

Download Full-text

Modelling Critical Innovation Factors in Rural Agrifood Industries: A Case Study in Cuenca, Spain

Sustainability ◽

10.3390/su13179514 ◽

2021 ◽

Vol 13 (17) ◽

pp. 9514

Author(s):

Francisco José Gallego ◽

José María Díaz-Puente ◽

Daniel Francisco Quesada ◽

Maddalena Bettoni

Keyword(s):

Rural Development ◽

Rural Areas ◽

Social Issues ◽

Innovation Management ◽

Rural Regions ◽

Specific Knowledge ◽

Sustainable Rural Development ◽

Managerial Skills ◽

Management Of Innovation

The agrifood industry contributes to sustaining the population and the economic growth in rural areas of Spain. Innovation in the agrifood sector has therefore become a necessity as a means of improving the competitiveness of companies and the territory, thus promoting sustainable rural development in areas currently characterised by social issues such as depopulation. Meeting this need requires the generation of specific knowledge on innovation in the rural agrifood industry to strategically steer the business management of innovation. This study aims to contribute to further improving the competitiveness of the agrifood industry through the interrelation of critical innovation factors in small and medium-sized agrifood enterprises, thus shedding light on the innovation environment of differentiated local products in depopulated rural regions. The qualitative Interpretive Structural Modelling (ISM) methodology was used with the participation of entrepreneurs and experts from the sector. The ISM was applied to a case study in Alcarria Conquense, a Spanish region that embodies the current problems of many rural territories. The results show four factors (cooperation, managerial skills, absorptive capacity, and market orientation) are binding variables with a high power of influence and dependence, and a fifth factor, funding, is the most dependent on the others. The work contributes to the literature by revealing the needs and opportunities for a potential strategic planning of rural development that can positively influence the problems of the region through innovation management in this industry.

Download Full-text