information security best papers
Attack modeling for information security and survivability
Many engineering disciplines rely on engineering failure data to improve their designs. Unfortunately, this is not the case with information system engineers, who generally do not use security failure data, particularly attack data, to improve the security and survivability of
Information security and privacy in healthcare: current state of research
Information security and privacy in the healthcare sector is an issue of growing importance. The adoption of digital patient records, increased regulation, provider consolidation and the increasing need for information exchange between patients, providers and payers, all point
Corporate governance and information security
The purpose of this paper is to try to create a direct relationship between corporate governance and information security. In doing this the paper tries to make a case why senior management in a company has no choice but to be committed and responsible for
Technical guide to information security testing and assessment
The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. NIST is responsible for developing
Information security management best practice based on ISO/IEC 17799
Talks about security trends. Security matters have become an integral part of daily life, and organizations need to ensure that they are adequately secured. While legislatures enact corporate governance laws, more and more businesses are seeking assurance that their
A study of encryption algorithms (RSA, DES, 3DES and AES) for information security
Encryption is the process of scrambling a message so that only the intended recipient can read it. Encryption can provide a means of securing information. As more and more information is stored on computers or communicated via computers, the need to insure that
Programming languages for information security
The widespread use of computers to archive, process, and exchange information via the Internet has led to explosive growth in e-commerce and on-line services. This increasing connectivity of the web means that more and more businesses, individual users, and
ISO/IEC 27000, 27001 and 27002 for information security management
With the increasing significance of information technology, there is an urgent need for adequate measures of information security. Systematic information security management is one of the most important initiatives for IT management. At least since reports about privacy and
A framework for human factors in information security
Any security system, no matter how well designed and implemented, will have to rely on people. The fact that human factors play a crucial part in the majority of accidents is a troubling feature of modern security know-how: We can implement appropriate technical
Information security management system standards: A comparative study of the big five
It cannot be denied that nowadays information is a very important asset for any modern organization. Therefore protecting its security is very important and becoming a top priority for many organizations. Unfortunately there is no single formula that can guarantee 100% of
The need for effective information security awareness
Security awareness is an often-overlooked factor in an information security program. While organizations expand their use of advanced security technology and continuously train their security professionals, very little is used to increase the security awareness among the
Losses, gains, and hyperbolic discounting: An experimental approach to information security attitudes and behavior
Surveys and experiments have uncovered a dichotomy between stated attitudes and actual behavior of individuals facing decisions affecting their privacy and their personal information security. Surveys report that most individuals are concerned about the security of their
Effectiveness of information security awareness methods based on psychological theories
An effective user security awareness campaign can greatly enhance the information assurance posture of an organization. Information security includes organizational aspects, legal aspects, institutionalization and applications of best practices in addition to security
E-learning and information security management
Many e-learning institutions are rushing into adopting ICT without carefully planning and understanding any related security concerns. E-learning is a new method of learning which ultimately depends on the Internet in its execution. The Internet has become the venue for a
Human factors and information security: individual, culture and security environment
The application of information security technologies does not always result in improved security. Human factors play a significant role in computer security; factors such as individual difference, cognitive abilities and personality traits can impact on behaviour. Information
Classification of Security Threats in Information Systems.
Information systems are frequently exposed to various types of threats which can cause different types of damages that might lead to significant financial losses. Information security damages can range from small losses to entire information system destruction
Implementing information security in the 21st century do you have the balancing factors
JD Nosworthy, Computers & Security. Over the last 10 years or so the focus of selling information security has been towards identifying the need for information security, obtaining board approval and senior management support. Once this has been sold and the information security policy statement
A framework for comparing different information security risk analysis methodologies
Organisations wanting to conduct information security risk analysis find selecting a methodology problematic. Currently there are numerous risk analysis methodologies available, some of which are qualitative while others are more quantitative in nature. These
E-learning: Incorporating information security governance.
The global society is living in the electronic age where electronic transactions such as e-mail, e-banking, e-commerce and e-learning are becoming more and more prominent. This paper primarily focuses on e-learning and how important it is to ensure that proper
Building an information technology security awareness and training program
Authority: This document has been developed by the National Institute of Standards and Technology (NIST) in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347