Digital Frugality for Managerial Tasks: Three-way Interaction Effects of Redundancy of Software on Techno-stressors
In this research, we study how non-frugal organizational IT practices can affect employee well-being in completing managerial tasks. Building on the conservation of resource theory, we will examine a three-way interaction effect of the redundancy of required skills, required resources, and obtained results on technology-driven stressors. Data was collected from 357 managers to analyze the proposed three-way interaction effect for techno-overload, techno-complexity, techno-invasion, techno-insecurity, and techno-uncertainty. This article highlights the importance of being frugal – that is, acknowledging and diminishing redundancy among ICT assets and usage within organizations – for reducing technostress among employees.
Handling Stateful Firewall Anomalies
Part 4: Access Control. International audience. A security policy consists of a set of rules designed to protect an information system. To ensure this protection, the rules must be deployed on security components in a consistent and non-redundant manner. Unfortunately, an empirical approach is often adopted by network administrators, to the detriment of theoretical validation. While the literature on the analysis of configurations of first generation (stateless) firewalls is now rich, this is not the case for second and third generation firewalls, also known as stateful firewalls. In this paper, we address this limitation, and provide solutions to analyze and handle stateful firewall anomalies and misconfiguration.
Models of information systems devoted to medical-imaging labs: an experience in the CNR clinical physiology institute
At the end of the 1990s, the SPERIGEST project, supported by the Italian Health Ministry, and fully developed at the Institute of Clinical Physiology, established an operative integrated clinical and healthcare information system. Continuously evolving and dynamically optimising procedures and protocols solve problems of: harmonisation of instrumentation of different brands; management of multimedia data provided by different medical imaging labs; satisfaction of both clinical and research needs; legal and economical requirements; user-friendship of the system. A ten years experience shows positive approach by medical and healthcare operators, coordinated activity, higher efficiency, simplified procedures, major concentration on medical decision-making
DIVERSITY WITH COOPERATION IN DATABASE SCHEMATA: SEMANTIC RELATIVISM
Diversity is an asset, as long as it allows cooperation. In the case of information systems and databases, the data model used is a help or a hindrance for this cooperation of diverse views; this is characterized by the semantic relativism of the model. We first analyze diversity within an information system, where cooperation is made possible by the use of external schemata; semantic relativism of the model of the database schema is the key factor. Then we discuss diversity between different information systems, where they cooperate through interoperability, by schema integration into federated schemata; semantic relativism of the canonical data model is shown to be determinant.
Using Argumentation Logic for Firewall Policy Specification and Analysis
Firewalls are important perimeter security mechanisms that implement an organisation's network security requirements and can be notoriously difficult to configure correctly. Given their widespread use, it is crucial that network administrators have tools to translate their security requirements into firewall configuration rules and ensure that these rules are consistent with each other. In this paper we propose an approach to firewall policy specification and analysis that uses a formal framework for argumentation based preference reasoning. By allowing administrators to define network abstractions (e.g. subnets, protocols etc) security requirements can be specified in a declarative manner using high-level terms. Also it is possible to specify preferences to express the importance of one requirement over another. The use of a formal framework means that the security requirements defined can be automatically analysed for inconsistencies and firewall configurations can be automatically generated. We demonstrate that the technique allows any inconsistency property, including those identified in previous research, to be specified and automatically checked and the use of an argumentation reasoning framework provides administrators with information regarding the causes of the inconsistency.
Post-Westgate SWAT : C4ISTAR Architectural Framework for Autonomous Network Integrated Multifaceted Warfighting Solutions Version 1.0 : A Peer-Reviewed Monograph
Police SWAT teams and Military Special Forces face mounting pressure and
challenges from adversaries that can only be resolved by way of ever more
sophisticated inputs into tactical operations. Lethal Autonomy provides
constrained military/security forces with a viable option, but only if
implementation has got proper empirically supported foundations. Autonomous
weapon systems can be designed and developed to conduct ground, air and naval
operations. This monograph offers some insights into the challenges of
developing legal, reliable and ethical forms of autonomous weapons, that
address the gap between Police or Law Enforcement and Military operations that
is growing exponentially small. National adversaries are today in many
instances hybrid threats, that manifest criminal and military traits, these
often require deployment of hybrid-capability autonomous weapons imbued with
the capability to take on both Military and/or Security objectives. The
Westgate Terrorist Attack of 21st September 2013 in the Westlands suburb of
Nairobi, Kenya is a very clear manifestation of the hybrid combat scenario that
required military response and police investigations against a fighting cell of
the Somalia based globally networked Al Shabaab terrorist group. Comment: 52 pages, 6 Figures, over 40 references, reviewed by a reade
A Survey on Enterprise Network Security: Asset Behavioral Monitoring and Distributed Attack Detection
Enterprise networks that host valuable assets and services are popular and
frequent targets of distributed network attacks. In order to cope with the
ever-increasing threats, industrial and research communities develop systems
and methods to monitor the behaviors of their assets and protect them from
critical attacks. In this paper, we systematically survey related research
articles and industrial systems to highlight the current status of this arms
race in enterprise network security. First, we discuss the taxonomy of
distributed network attacks on enterprise assets, including distributed
denial-of-service (DDoS) and reconnaissance attacks. Second, we review existing
methods in monitoring and classifying network behavior of enterprise hosts to
verify their benign activities and isolate potential anomalies. Third,
state-of-the-art detection methods for distributed network attacks sourced from
external attackers are elaborated, highlighting their merits and bottlenecks.
Fourth, as programmable networks and machine learning (ML) techniques are
increasingly becoming adopted by the community, their current applications in
network security are discussed. Finally, we highlight several research gaps on
enterprise network security to inspire future research. Comment: Journal paper submitted to Elseive
Aggregating and Deploying Network Access Control Policies
The existence of errors or inconsistencies in the configuration of security
components, such as filtering routers and/or firewalls, may lead to weak access
control policies -- potentially easy to be evaded by unauthorized parties. We
present in this paper a proposal to create, manage, and deploy consistent
policies in those components in an efficient way. To do so, we combine two main
approaches. The first approach is the use of an aggregation mechanism that
yields consistent configurations or signals inconsistencies. Through this
mechanism we can fold existing policies of a given system and create a
consistent and global set of access control rules -- easy to maintain and
manage by using a single syntax. The second approach is the use of a refinement
mechanism that guarantees the proper deployment of such a global set of rules
into the system, yet free of inconsistencies. Comment: 9 page