Gender Dimensions in Geo-spatial Security Research: Disciplinary Confrontations

Several EU policy papers have called for an improved dialogue between security policymakers, social science researchers and science and technology researchers working on security (Pullinger, 2006). To increase the understanding of gender dimensions in security, the traditional technological response can be complemented by socio-political knowledge. Gender inequities in the socio-economic and political spheres can be analysed by such a comprehensive socio-political and technological approach. In the field of geo-spatial security research, Hyndman (2004) proposes to bridge a gap between gender studies and geographical analysis of security. In this paper, a workshop is used to illustrate both the potential and the difficulties of such a collaborative and interdisciplinary approach. The workshop aim was to define a geographical and spatial analysis of gender dimensions in security. This paper discusses the gender dimensions in geo-spatial analysis, as well as the pros and cons of an interdisciplinary approach. Integrating the overall complexity of gender dimensions as a spatial component in security monitoring is a promising challenge, but is still to be achieved by the technological community. This paper explains the epistemological and methodological issues and opportunities of this dialogue

Traditional and Non-Traditional Security Issues in Nigeria: A Panoramic View of Contemporary Issues

From the literal depiction of security landscape in Nigeria so far, there is nothing new on the lexicon of security issues except for the perspectives and the methodologies through which Nigerian security watchers and scholars argue and presents some of these enduring threats. As a pillar of difference, this paper applies an inclusive and sustainable approach towards the studies and management of security issues as it presents a panoramic view of burning sectoral security files in Nigeria. On the methodology, the study adopts qualitative descriptive method of analysis. One of the major takeaways from this study is on the argument that the optics of today’s security issues around the globe calls for a collective effort not only in extending but democratizing security studies and management to every component of a given system.  Some of the findings points to historical issues like political co-option of different conservative ethnic and religious entities to forge unity in diversity without deep understanding of its political, economic, and socio-cultural implications and this answers the missing puzzle to the impasse of persistent violent crisis in Nigeria. In conclusion, this paper recommends the need to employ the mix of digital security and hard data in fighting security issues through pinpointing of flashpoints, hotbeds and typologies of security threats available in which state or region per time. This is what the Nigerian state needs to advance its security from the existing negative state to a positive and sustainable state that can guarantee comprehensive development. Keywords: Traditional security, Non-Traditional security, Nigeria, Military, Political, Economic, Societal, Human, and Environmental security Issues

A Semantic Approach to Secure Collaborative Inter-Organizational eBusiness Processes (SSCIOBP)

The information supply chain (ISC) involves the exchange, organization, selection, and synthesis of relevant knowledge and information about production, purchase planning, demand forecasting, and inventory among collaborating business partners in a value chain. Information and knowledge sharing in an ISC occurs in a business process context. Seamless knowledge exchange within and across organizations involved in secure business processes is critically needed to secure and cultivate the information supply chain. Extant literature does not explicitly consider or systematically represent component knowledge, process knowledge and security knowledge for business processes within and across organizations. As a result, organizations engaged in collaborative inter-organizational processes continue to be plagued with issues such as semantic conflict issues, lack of integration of heterogeneous systems, and lack of security knowledge regarding authorized access to resources. Without appropriate security controls, manual interventions lead to unauthorized access to resources. These problems motivate our Semantic Approach to Secure Collaborative Inter-Organizational eBusiness Processes (SSCIOBP). We follow a design science paradigm to identify meta-requirements of SSCIOBP and develop the design artifact. SSCIOBP is evaluated using observational and descriptive evaluation methods following Hevner et al. (2004). We apply our approach to show how the Collaborative Planning Forecasting and Replenishment (CPFR) industry standard models can be enhanced using the proposed design artifact. We apply SSCIOBP to a case study to illustrate its applicability in mapping core business processes of organizations to solve semantic inter-operability issues and systematically incorporate component, process and security knowledge in the design of secure business processes across the information supply chain

What makes an industrial control system security testbed credible and acceptable? Towards a design consideration framework

The convergence of Industrial Control System (ICS) with Information Technologies (IT) coupled with the resulting and widely publicized cyber security incidents have made ICS security and resilience issues of critical concern to operators and governments. The inability to apply traditional IT security practice to ICSs further complicates the challenges of effectively securing critical industrial systems. To investigate these challenges without impacting upon live system operations, testbeds are being widely used as viable options to explore, develop and assess security risks and controls. However, how an ICS testbed is designed, and its attributes, can directly impact not only on its viability but also its credibility and acceptance for use as a whole. Through a systematic review and analysis of ICS security testbed design factors, a novel outline conceptual mapping of design factors for building credibility and acceptance is proposed. These design considerations include: design objectives, implementation approach, architectural component coverage, core operational characteristics, and evaluation approach

Predictive Policing in China: An Authoritarian Dream of Public Security

China’s public security forces are employing more and more technology in their push for an ‘informatization (信息化)’ of their police work. The application of analytical techniques for solving past crimes or preventing future crimes based on big data analysis is thereby a key component of China’s approach for technology-led policing. China’s holistic policy approach for the purpose of maintaining social stability that is encompassing an ever-growing range of societal issues, the vast investments of its police forces in new technologies and its paramount objective of security, that clearly supersedes inter alia concerns of privacy or transparency, may be considered extremely conducive to the establishment of effective predictive policing in China. This paper however argues, that the application of predictive policing in China is heavily flawed as the systemic risks and pitfalls of predictive policing cannot be mitigated but are rather exacerbated by China’s approach towards policing and its criminal justice system. It is therefore to be expected that predictive policing in China will mainly be a more refined tool for the selective suppression of already targeted groups by the police and does not substantially reduce crime or increase overall security

Assessing Food Insecurity in the Hudson Valley Through the Capabilities Lens

In the Hudson Valley Region in Upstate New York there is an existing conundrum in which despite all areas of the region being covered by farmland with an abundance of fresh food available in every county; there are still people going hungry and experiencing food insecurity. Low-income communities as well as low-access communities are disproportionately dealing with the inequities of the Hudson Valley food system. This project looks at past and existing frameworks towards assessing and measuring food security and discusses these approaches in relation to the methodologies being employed by local organizations to assess the prevalence of food insecurity in the region. This project finds that many barriers to food security experienced by communities include lack of sufficient income, high housing costs in conjunction with low wages, lack of transportation in conjunction with locality, access, cultural and language barriers, and race and ethnicity. This project takes a closer look at the application of Amartya Sen’s Capability Approach to food security analysis, by urging policy makers and organizations to look at food security and the food system in a more holistically and integrated way. Many local organizations focus on the availability and access dimensions of food security, while excluding the utilization component, as well as individual capabilities. As agents of one’s own life and future, individual’s make choices on how they want to live based on the lives they choose to value. Capabilities are further dependent on a person’s real freedom or opportunities to achieve the lives they value living without being constrained by systemic forces. Through this analysis we see how many issues pertaining to food security are not solely a problem of the food and agriculture sectors. The capability approach takes this into account. The approach further addresses the quality, utilization, and the social acceptability of food, while acknowledging that human well-being and development needs to be looked at from a more holistic lens as many obstacles to living healthy and fulfilling lives stem from an interconnected web of systemic issues

Enhancement of information security management system by embedding corporate ethical virtue as ethical issues solution

The effectiveness and successful of the Information Security (IS) can be influences by many factors such as the human, process, technology and organizational. Hence, the Information Security Management System (ISMS) is an appropriate approach for handling and managing the information security. However, there are issues of an ethical among human and organizational cultures which affect the successful of the information security. This is because of only focusing on the technical aspect rather than human and organizational solution. The small implementing of the ethics within the information security management leads to leakage of the information in the organization. Thus, the information must be protected by highlight the important of the ethical to make the information valuable assets to the organization. Due to these issues, there are several ethical issues in information security management such as human factor as illegal behaviour and human error, the technology, the process of information security management as accountability and responsibility and also the management and organizational culture factors of information security. In this research, the PDCA is an approach used as the Information Security Management (ISM) which consist of the plan, do, check and act phase. In order to evaluate the enhancement of the ISMS process, the selected Corporate Ethical Virtue (CEV) component is embedded toward the processes as an ethical issues solution. The selected CEV components are Supportability, Clarity, Discussability, Transparency, Sanctionability, Feasibility and Congruency. The proposed of enhancement ISMS process by embedding CEV as an ethical issues solution is validate by the credibility experts

MIGRATING DATA TO THE CLOUD: AN ANALYSIS OF CLOUD STORAGE PRIVACY AND SECURITY ISSUES AND SOLUTIONS

The rise of a digital economy has transformed how individuals do business and carry out daily tasks, including how data is maintained. Because of the vast amount of data that organizations own, cloud storage, a component of the cloud computing paradigm, has emerged as a feasible solution to many businesses\u27 data storage concerns. Despite this, organizations are still cautious about moving all of their data to the cloud due to security concerns, particularly since data management is outsourced to third parties. The aim of this paper is to provide an overview of current challenges in the field of cloud storage privacy and security, with an emphasis on issues related to data confidentiality, integrity, and availability. Using a comprehensive literature study, this research investigates innovative strategies for creating a secure cloud storage environment. The idea of maintaining privacy and data security through the very design of the services, or through the so-called "privacy by design" approach, is explained while avoiding getting into the technical details of how the algorithms and presented solutions work

Model-Based Support for Information Technology Security Decision Making

With the increase in the number and diversity of attacks, a main concern for organizations is to keep their network and systems secure. Existing frameworks to manage Information Technology (IT) security include empirical evaluations, security risk assessments, cost-benefit analyses, and adversary-based evaluations. These techniques are often not easy to apply and their results are usually difficult to convey. This dissertation presents a model to help reasoning about security and to support communication between IT security experts and managers. The model identifies major components of security: threat, user, organization, asset, and emphasizes the human element. Characteristics for each component are determined and cover the attacker's motivations, the user's risk perception, the IT security team expertise, and the depth of protection of the asset. These characteristics are linked through causal influences that can represent positive or negative relationships and be leveraged to rank alternatives through a set of weights. The described formalism allows IT security officers to brainstorm about IT security issues, to evaluate the impacts of alternative solutions on characteristics of security, and ultimately on the level of security, and to communicate their findings to managers. The contributions of this dissertation are three-fold. First, we introduce an approach to develop and validate a model for IT security decision making, given known issues related to this task: difficulties in sharing security data, lack of accepted security metrics, limitation in available information and use of experts. We propose a development and validation process that relies on two sources of information: experts and data. Second, we provide the results of the model development for academic environments. The resulting model is based on extended discussions with the Director of Security at the University of Maryland (UMD), two interviewed experts, fifteen surveyed experts, and empirical data collected at UMD. Finally, we demonstrate the use of the model to justify IT security decisions and present methodological steps towards measuring various characteristics of the model