Digital Frugality for Managerial Tasks: Three-way Interaction Effects of Redundancy of Software on Techno-stressors

In this research, we study how non-frugal organizational IT practices can affect employee well-being in completing managerial tasks. Building on the conservation of resource theory, we will examine a three-way interaction effect of the redundancy of required skills, required resources, and obtained results on technology-driven stressors. Data was collected from 357 managers to analyze the proposed three-way interaction effect for techno-overload, techno-complexity, techno- invasion, techno-insecurity, and techno-uncertainty. This article highlights the importance of being frugal – that is, acknowledging and diminishing redundancy among ICT assets and usage within organizations - for reducing technostress among employees

Handling Stateful Firewall Anomalies

Part 4: Access ControlInternational audienceA security policy consists of a set of rules designed to protect an information system. To ensure this protection, the rules must be deployed on security components in a consistent and non-redundant manner. Unfortunately, an empirical approach is often adopted by network administrators, to the detriment of theoretical validation. While the literature on the analysis of configurations of first generation (stateless) firewalls is now rich, this is not the case for second and third generation firewalls, also known as stateful firewalls. In this paper, we address this limitation, and provide solutions to analyze and handle stateful firewall anomalies and misconfiguration

Models of information systems devoted to medical-imaging labs: an experience in the CNR clinical physiology institute

At the end of the 1990s, the SPERIGEST project, supported by the Italian Health Ministry, and fully developed at the Institute of Clinical Physiology, established an operative integrated clinical and healthcare information system. Continuously evolving and dynamically optimising procedures and protocols solve problems of: harmonisation of instrumentation of different brands; management of multimedia data provided by different medical imaging labs; satisfaction of both clinical and research needs; legal and economical requirements; user-friendship of the system. A ten years experience shows positive approach by medical and healthcare operators, coordinated activity, higher efficiency, simplified procedures, major concentration on medical decision-making

DIVERSITY WITH COOPERATION IN DATABASE SCHEMATA: SEMANTIC RELATIVISM

Diversity is an asset, as long as it allows cooperation. In the case of information systems and databases, the data model used is a help or a hindrance for this cooperation of diverse views; this is characterized by the semantic relativism of the model. We first analyze diversity within an information system, where cooperation is made possible by the use of external schemata; semantic relativism of the model of the database schema is the key f,ictor. Then we discuss diversity between different information systenis, where they cooperate through interoperability, by schema integration into federated schemata; semantic relativism of the canonical data model is shown to be determinant

Using Argumentation Logic for Firewall Policy Specification and Analysis

Firewalls are important perimeter security mechanisms that imple-ment an organisation's network security requirements and can be notoriously difficult to configure correctly. Given their widespread use, it is crucial that network administrators have tools to translate their security requirements into firewall configuration rules and ensure that these rules are consistent with each other. In this paper we propose an approach to firewall policy specification and analysis that uses a formal framework for argumentation based preference reasoning. By allowing administrators to define network abstractions (e.g. subnets, protocols etc) security requirements can be specified in a declarative manner using high-level terms. Also it is possible to specify preferences to express the importance of one requirement over another. The use of a formal framework means that the security requirements defined can be automatically analysed for inconsistencies and firewall configurations can be automatically generated. We demonstrate that the technique allows any inconsistency property, including those identified in previous research, to be specified and automatically checked and the use of an argumentation reasoning framework provides administrators with information regarding the causes of the inconsistency

Post-Westgate SWAT : C4ISTAR Architectural Framework for Autonomous Network Integrated Multifaceted Warfighting Solutions Version 1.0 : A Peer-Reviewed Monograph

Police SWAT teams and Military Special Forces face mounting pressure and challenges from adversaries that can only be resolved by way of ever more sophisticated inputs into tactical operations. Lethal Autonomy provides constrained military/security forces with a viable option, but only if implementation has got proper empirically supported foundations. Autonomous weapon systems can be designed and developed to conduct ground, air and naval operations. This monograph offers some insights into the challenges of developing legal, reliable and ethical forms of autonomous weapons, that address the gap between Police or Law Enforcement and Military operations that is growing exponentially small. National adversaries are today in many instances hybrid threats, that manifest criminal and military traits, these often require deployment of hybrid-capability autonomous weapons imbued with the capability to taken on both Military and/or Security objectives. The Westgate Terrorist Attack of 21st September 2013 in the Westlands suburb of Nairobi, Kenya is a very clear manifestation of the hybrid combat scenario that required military response and police investigations against a fighting cell of the Somalia based globally networked Al Shabaab terrorist group.Comment: 52 pages, 6 Figures, over 40 references, reviewed by a reade

A Survey on Enterprise Network Security: Asset Behavioral Monitoring and Distributed Attack Detection

Enterprise networks that host valuable assets and services are popular and frequent targets of distributed network attacks. In order to cope with the ever-increasing threats, industrial and research communities develop systems and methods to monitor the behaviors of their assets and protect them from critical attacks. In this paper, we systematically survey related research articles and industrial systems to highlight the current status of this arms race in enterprise network security. First, we discuss the taxonomy of distributed network attacks on enterprise assets, including distributed denial-of-service (DDoS) and reconnaissance attacks. Second, we review existing methods in monitoring and classifying network behavior of enterprise hosts to verify their benign activities and isolate potential anomalies. Third, state-of-the-art detection methods for distributed network attacks sourced from external attackers are elaborated, highlighting their merits and bottlenecks. Fourth, as programmable networks and machine learning (ML) techniques are increasingly becoming adopted by the community, their current applications in network security are discussed. Finally, we highlight several research gaps on enterprise network security to inspire future research.Comment: Journal paper submitted to Elseive

Aggregating and Deploying Network Access Control Policies

The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies -- potentially easy to be evaded by unauthorized parties. We present in this paper a proposal to create, manage, and deploy consistent policies in those components in an efficient way. To do so, we combine two main approaches. The first approach is the use of an aggregation mechanism that yields consistent configurations or signals inconsistencies. Through this mechanism we can fold existing policies of a given system and create a consistent and global set of access control rules -- easy to maintain and manage by using a single syntax. The second approach is the use of a refinement mechanism that guarantees the proper deployment of such a global set of rules into the system, yet free of inconsistencies.Comment: 9 page