The Internet of Things Connectivity Binge: What are the Implications?

Despite wide concern about cyberattacks, outages and privacy violations, most experts believe the Internet of Things will continue to expand successfully the next few years, tying machines to machines and linking people to valuable resources, services and opportunities

Toward optimal multi-objective models of network security: Survey

Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers

Towards optimal multi-objective models of network security: survey

Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers

What lies beneath? The role of informal and hidden networks in the management of crises

Crisis management research traditionally focuses on the role of formal communication networks in the escalation and management of organisational crises. Here, we consider instead informal and unobservable networks. The paper explores how hidden informal exchanges can impact upon organisational decision-making and performance, particularly around inter-agency working, as knowledge distributed across organisations and shared between organisations is often shared through informal means and not captured effectively through the formal decision-making processes. Early warnings and weak signals about potential risks and crises are therefore often missed. We consider the implications of these dynamics in terms of crisis avoidance and crisis management

A security framework for networked RFID

In the last decade RFID technology has become a major contender for managing large scale logistics operations and generating and distributing the massive amount of data involved in such operations. One of the main obstacles to the widespread deployment and adoption of RFID systems is the security issues inherent in them. This is compounded by a noticeable lack of literature on how to identify the vulnerabilities of a RFID system and then effectively identify and develop counter measures to combat the threats posed by those vulnerabilities. In this chapter, the authors develop a conceptual framework for analysing the threats, attacks, and security requirements pertaining to networked RFID systems. The vulnerabilities of, and the threats to, the system are identified using the threat model. The security framework itself consists of two main concepts: (1) the attack model, which identifies and classifies the possible attacks, and (2) the system model, which identifies the security requirements. The framework gives readers a method with which to analyse the threats any given system faces. Those threats can then be used to identify the attacks possible on that system and get a better understanding of those attacks. It also allows the reader to easily identify all the security requirements of that system and identify how those requirements can be met

The changing nature of risk and risk management: the challenge of borders, uncertainty and resilience

No abstract available

Printers are dangerous

Proceeding of: IEEE 35th International Carnahan Conference on Security Technology, London , UK, 16 - 19 october 2001In the last years, many new intelligent full-featured peripherals that assist information systems have appeared. Those peripherals, such as printers, copiers, PDA organizers, Web cameras, etc. usually have a very friendly way of configuration and management (via http, ftp or telnet servers) and offer more networked services everyday. Their computation, memory and networking capabilities have also increased in the last years. Nowadays, many of them are comparable to workstations and run complete operating systems such as Linux or Solaris. All those factors imply that these devices could represent a real threat to the security of information systems. This problem is even worse because most of those peripherals have been considered inoffensive and not many administrators are aware of their security risks. The most representative example is printers, which have been traditionally considered totally harmless devices. At the present time, that idea is difficult to defend because many security incidents related with networked printers have arisen in the last years. System and security administrators have traditionally focused their efforts in fortifying servers and hosts only, but it seems that this view is not enough for assuring security nowadays.Publicad