44 research outputs found

    3D Face tracking and gaze estimation using a monocular camera

    Estimating a user’s gaze direction, one of the main novel user interaction technologies, will eventually be used for numerous applications where current methods are becoming less effective. In this paper, a new method is presented for estimating the gaze direction using Canonical Correlation Analysis (CCA), which finds a linear relationship between two datasets defining the face pose and the corresponding facial appearance changes. Afterwards, iris tracking is performed by blob detection using a 4-connected component labeling algorithm. Finally, a gaze vector is calculated based on gathered eye properties. Results obtained from datasets and real-time input confirm the robustness of this metho

    Persistent issues in encryption software: A heuristic and cognitive walkthrough

    The support information accompanying security software can be difficult to understand by end-users, who have little knowledge in cyber security. One mechanism for ensuring the integrity and confidentiality of information is encryption software. Unfortunately, software usability issues can hinder an end-user’s capability to properly utilise the security features effectively. To date there has been little research in investigating the usability of encryption software and proposing solutions for improving them. This research paper analysed the usability of encryption software targeting end-users. The research identified several issues that could impede the ability of a novice end-user to adequately utilise the encryption software. A set of proposed recommendations are suggested to improve encryption software which could be empirically verified through further research

    Network Security Devices and Protocols Using State Model Diagrams

    Network security is concerned with protecting sensitive information, limiting unauthorised access, and reinforcing network performance. An important factor in network security is encryption. Internet Security Protocol (IPSec) is the de facto open standard for encryption and replaces the older Cisco Encryption Technology (CET). Both encryption protocols are typically implemented and managed using the text based Command Line Interface (CLI). A graphical user interface (GUI) is available; however, it is not routinely used. Regardless of whether the CLI or GUI is used, both encryption suites are complex to implement and manage. State Model Diagrams (SMDs) were developed and successfully used as the pedagogical foundation of internetworking technologies. SMDs integrate pertinent output from devices and protocol finite state information. SMDs are modular and hierarchical models thereby providing top down deconstruction as a cascaded structure. In terms of ease of use, hyperlinks may be used to navigate between different state tables and diagrams. Moreover, as hierarchical model characteristics allow technical detail to be presented and integrated to assist in managing devices. In this paper, SMDs were used to evaluate CET and IPSec via experiments in order to determine their potential value as network management tool

    A Socio-Technical Approach to Information Security

    The main objective of this paper is to present a preliminary socio-technical information security (STInfoSec) framework for the development of online information security applications that addresses both social and technical aspects of information security design. The paper looks at theoretical aspects related to a view of information security as a socio-technical system in the context of online banking. The STInfoSec framework investigates usability and security requirements for an improved online banking system that seeks to improve the adoption and continued use of the service. The STInfoSec framework proposes 12 usable security design principles that assist in addressing security and usability requirements in online applications such as online banking. The framework seeks to influence the behaviour of designers of online information security applications by incorporating principles that consider the end user behaviour of such applications. The validation of the framework is beyond the scope of this paper

    The Impact Of Information Richness On Information Security Awareness Training Effectiveness

    In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using the Internet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers to information security awareness are: (1) general security awareness, (2) employees’ computer skills, and (3) organizational budgets. Online learning appears a feasible alternative to providing information security awareness and countering these three barriers. Research has identified three levels of security awareness: perception, comprehension and projection. This paper reports on a laboratory experiment that investigates the impacts of hypermedia, multimedia and hypertext to increase information security awareness among the three awareness levels in an online training environment. The results indicate that: (1) learners who have the better understanding at the perception and comprehension levels can improve understanding at the projection level; (2) learners with text material perform better at the perception level; and (3) learners with multimedia material perform better at the comprehension level and projection level. The results could be used by educators and training designers to create meaningful information security awareness material

    Addressing Organisational, Individual and Technological Aspects and Challenges in Information Security Management: Applying a Framework for a Case Study

    This study investigates information security management challenges in a large organisation. The aim of this study is to apply the Technological-Organisational-Individual (TOI) Framework in this organisation to determine to what extent current security management practices are informed by findings of relevant literature and standards on information security incorporated in the framework. The TOI framework is used to map factors influencing security behavior to current practices applied by the organisation and to analyse them. Conclusions suggest that some factors that play a critical role in information security management are not adequately covered. This study also aims to provide recommendations to security managers on how to address these factors to implement security management practices that can improve ISP compliance, and inform literature on any additional security management practices. Further, this study includes insights into how organisations may exploit key strengths in applying information security management to achieve good security behaviour among their employees and take an adaptive approach to changing conditions, such as teleworking

    Towards a Heuristic Model for Usable and Secure Online Banking

    The main purpose of this paper is to propose a heuristic model for usable and secure online banking. The model is based on identified heuristics that contribute to the design of usable security in the context of online banking security. Little research has focused on the balance between usability and security in online banking authentication mechanisms when evaluating the effectiveness of security systems. Nielsen’s ten usability principles are still fundamentally important in designing usable secure systems, as indicated by the analysis of heuristics developed from recent studies. Online banking users are vulnerable to numerous old and new sophisticated online security threats that are increasingly being developed and targeting this unsuspecting group of users. An investigation into this aspect of security design can certainly benefit both the online banking users and online banking merchants, and foster a secure and usable banking environment. In this paper, a heuristic model for usable online banking security is developed, based on security design principles found in literature. Using data collected from users of online banking in South Africa through a questionnaire and banking security personnel interviews, we envisaged refining the identified heuristics and developing a checklist for each heuristic used, for heuristic evaluation by field experts

    The Role of Heuristics in Information Security Decision Making

    Inadvertent human errors (e.g., clicking on phishing emails or falling for a spoofed website) have been the primary cause of security breaches in recent years. To understand the root cause of these errors and examine practical solutions for users to overcome them, we applied the theory of bounded rationality and explored the role of heuristics (i.e., short mental processes) in security decision making. Interviews with 27 participants revealed that users rely on various heuristics to simplify their decision making in the information security context. Specifically, users rely on experts’ comments (i.e., expertise heuristic), information at hand, such as recent events (i.e., availability heuristic), and security-representative visual cues (i.e., representativeness heuristic). Findings also showed the use of other heuristics, including affect, brand, and anchoring, to a lesser degree. The results have practical and theoretical significance. In particular, they extend the literature by integrating bounded rationality concepts and elaborating “how” users simplify their security decision making by relying on cognitive heuristics

    E-Restaurant

    Food & Beverage Dine-in Ordering System is actually to transform the labor-intensive way of taking an order in restaurants in Malaysia to a computerized system. The objectives of the system are to minimize the number of employee and the cost of labor. As well of minimizing the cost and employee, it will also help to avoid probable to make mistake since it is a machine and it will be done by the customers itself. As technology changes, everything in Malaysia have been changed according to the latest technology but not for the ordering system. The methodology that will be use throughout the project is Rapid Application Development (RAD) method. There are 4 phases in using RAD method which are; Requirement Planning, User Design, Construction and Cut Over. The final phase will be implementing after the system has been finish

    The Design and Implementation of the Management Information System for Software Park

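    The Software Investment Development Co., Ltd. of a certain city is the operations management unit of that city's Software Park. It is responsible for major tasks including cultivating and developing software enterprises, providing specialised services for the development of the city's software industry and the growth of software enterprises, and actively promoting the rapid development of the city's software industry. However, the company's management is still mainly manual: the park's management data are recorded mainly in Excel and Word, and departments and staff pass information to each other by e-mail. This causes problems such as cumbersome procedures and inconvenient lookup; inconsistent information formats, information that cannot be shared effectively between departments, and data that are entered and stored repeatedly; and information that is not updated promptly, poor transmission channels, and the inability to manage enterprise services transparently, all of which seriously constrain the company's development. Based on an analysis of the current state of information management at the company, the thesis proposes a management information system solution based on the needs of daily office work and business development. Because the users, in system ...

    As the operations management unit of certain city Software Park, Software Investment Development Co., Ltd. takes charge of many major tasks, including cultivating and promoting software enterprises, providing specific services for the city software industry’s development, and speeding the development of software industry in the city actively, etc. However, the company’s current management is still ...

    Degree: Master of Engineering. Department and major: School of Software, Master of Engineering (Software Engineering). Student ID: X200923051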