A Risk Management Approach to the “Insider Threat”

Recent surveys indicate that the financial impact and operating losses due to insider intrusions are increasing. But these studies often disagree on what constitutes an "insider;" indeed, many define it only implicitly. In theory, appropriate selection of, and enforcement of, properly specified security policies should prevent legitimate users from abusing their access to computer systems, information, and other resources. However, even if policies could be expressed precisely, the natural mapping between the natural language expression of a security policy, and the expression of that policy in a form that can be implemented on a computer system or network, creates gaps in enforcement. This paper defines "insider" precisely, in terms of these gaps, and explores an access-based model for analyzing threats that include those usually termed "insider threats." This model enables an organization to order its resources based on the business value for that resource and of the information it contains. By identifying those users with access to high-value resources, we obtain an ordered list of users who can cause the greatest amount of damage. Concurrently with this, we examine psychological indicators in order to determine which users are at the greatest risk of acting inappropriately. We conclude by examining how to merge this model with one of forensic logging and auditing

Towards internet voting in the state of Qatar

Qatar is a small country in the Middle East which has used its oil wealth to invest in the country's infrastructure and education. The technology for Internet voting now exists or can be developed, but are the people of Qatar willing to take part in Internet voting for national elections?. This research identifies the willingness of government and citizens to introduce and participate in Internet voting (I-voting) in Qatar and the barriers that may be encountered when doing so. A secure I voting model for the Qatar government is then proposed that address issues of I-voting which might arise due to the introduction of such new technology. Recommendations are made for the Qatar government to assist in the introduction of I-voting. The research identifies the feasibility of I-voting and the government s readiness and willingness to introduce it. Multiple factors are examined: the voting experience, educational development, telecommunication development, the large number of Internet users, Qatar law which does not bar the use of I-voting and Qatar culture which supports I-voting introduction. It is shown that there is a willingness amongst both the people and the government to introduce I-voting, and there is appropriate accessibility, availability of IT infrastructure, availability of Internet law to protect online consumers and the existence of the e government project. However, many Qataris have concerns of security, privacy, usability, transparency and other issues that would need to be addressed before any voting system could be considered to be a quality system in the eyes of the voters. Also, the need to consider the security threat associated on client-side machines is identified where a lack of user awareness on information security is an important factor. The proposed model attempts to satisfy voting principles, introducing a secure platform for I-voting using best practices and solutions such as the smart card, Public Key Infrastructure (PKI) and digital certificates. The model was reviewed by a number of experts on Information Technology, and the Qatari culture and law who found that the system would, generally, satisfy voting principles, but pointed out the need to consider the scalability of the model, the possible cyber-attacks and the risks associated with voters computers. which could be reduced by enhancing user awareness on security and using secure operating systems or Internet browsers. From these findings, a set of recommendations were proposed to encourage the government to introduce I-voting which consider different aspects of I-voting, including the digital divide, e-literacy, I voting infrastructure, legal aspects, transparency, security and privacy. These recommendations were also reviewed by experts who found them to be both valuable and effective. Since literature on Internet voting in Qatar is sparse, empirical and non-empirical studies were carried out in a variety of surveys, interviews and experiments. The research successfully achieved its aim and objectives and is now being considered by the Qatari Government

Towards Internet Voting in the State of Qatar

Qatar is a small country in the Middle East which has used its oil wealth to invest in the country's infrastructure and education. The technology for Internet voting now exists or can be developed, but are the people of Qatar willing to take part in Internet voting for national elections?. This research identifies the willingness of government and citizens to introduce and participate in Internet voting (I-voting) in Qatar and the barriers that may be encountered when doing so. A secure I voting model for the Qatar government is then proposed that address issues of I-voting which might arise due to the introduction of such new technology. Recommendations are made for the Qatar government to assist in the introduction of I-voting. The research identifies the feasibility of I-voting and the government s readiness and willingness to introduce it. Multiple factors are examined: the voting experience, educational development, telecommunication development, the large number of Internet users, Qatar law which does not bar the use of I-voting and Qatar culture which supports I-voting introduction. It is shown that there is a willingness amongst both the people and the government to introduce I-voting, and there is appropriate accessibility, availability of IT infrastructure, availability of Internet law to protect online consumers and the existence of the e government project. However, many Qataris have concerns of security, privacy, usability, transparency and other issues that would need to be addressed before any voting system could be considered to be a quality system in the eyes of the voters. Also, the need to consider the security threat associated on client-side machines is identified where a lack of user awareness on information security is an important factor. The proposed model attempts to satisfy voting principles, introducing a secure platform for I-voting using best practices and solutions such as the smart card, Public Key Infrastructure (PKI) and digital certificates. The model was reviewed by a number of experts on Information Technology, and the Qatari culture and law who found that the system would, generally, satisfy voting principles, but pointed out the need to consider the scalability of the model, the possible cyber-attacks and the risks associated with voters computers. which could be reduced by enhancing user awareness on security and using secure operating systems or Internet browsers. From these findings, a set of recommendations were proposed to encourage the government to introduce I-voting which consider different aspects of I-voting, including the digital divide, e-literacy, I voting infrastructure, legal aspects, transparency, security and privacy. These recommendations were also reviewed by experts who found them to be both valuable and effective. Since literature on Internet voting in Qatar is sparse, empirical and non-empirical studies were carried out in a variety of surveys, interviews and experiments. The research successfully achieved its aim and objectives and is now being considered by the Qatari Government.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Electronic Voting

This open access book LNCS 13353 constitutes the proceedings of the 7th International Conference on Electronic Voting, E-Vote-ID 2022, held in Bregenz, Austria, in October 2022. The 10 full papers presented were carefully reviewed and selected from 39 submissions. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social, or political aspects, amongst others

Electronic Voting

This open access book LNCS 13353 constitutes the proceedings of the 7th International Conference on Electronic Voting, E-Vote-ID 2022, held in Bregenz, Austria, in October 2022. The 10 full papers presented were carefully reviewed and selected from 39 submissions. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social, or political aspects, amongst others

A Cloud-based Intrusion Detection and Prevention System for Mobile Voting in South Africa

Publishe ThesisInformation and Communication Technology (ICT) has given rise to new technologies and solutions that were not possible a few years ago. One of these new technologies is electronic voting, also known as e-voting, which is the use of computerised equipment to cast a vote. One of the subsets of e-voting is mobile voting (m-voting). M-voting is the use of mobile phones to cast a vote outside the restricted electoral boundaries. Mobile phones are pervasive; they offer connection anywhere, at any time. However, utilising a fast-growing medium such as the mobile phone to cast a vote, poses various new security threats and challenges. Mobile phones utilise equivalent software design used by personal computers which makes them vulnerable or exposed to parallel security challenges like viruses, Trojans and worms. In the past, security solutions for mobile phones encountered several restrictions in practice. Several methods were used; however, these methods were developed to allow lightweight intrusion detection software to operate directly on the mobile phone. Nevertheless, such security solutions are bound to fail securing a device from intrusions as they are constrained by the restricted memory, storage, computational resources, and battery power of mobile phones. This study compared and evaluated two intrusion detection systems (IDSs), namely Snort and Suricata, in order to propose a cloud-based intrusion detection and prevention system (CIDPS) for m-voting in South Africa. It employed simulation as the primary research strategy to evaluate the IDSs. A quantitative research method was used to collect and analyse data. The researcher established that as much as Snort has been the preferred intrusion detection and prevention system (IDPS) in the past, Suricata presented more effective and accurate results close to what the researcher anticipated. The results also revealed that, though Suricata was proven effective enough to protect m-voting while saving the computational resources of mobile phones, more work needs to be done to alleviate the false-negative alerts caused by the anomaly detection method. This study adopted Suricata as a suitable cloud-based analysis engine to protect a mobile voting application like XaP

Nation-State Attackers and their Effects on Computer Security

Nation-state intelligence agencies have long attempted to operate in secret, but recent revelations have drawn the attention of security researchers as well as the general public to their operations. The scale, aggressiveness, and untargeted nature of many of these now public operations were not only alarming, but also baffling as many were thought impossible or at best infeasible at scale. The security community has since made many efforts to protect end-users by identifying, analyzing, and mitigating these now known operations. While much-needed, the security community's response has largely been reactionary to the oracled existence of vulnerabilities and the disclosure of specific operations. Nation-State Attackers, however, are dynamic, forward-thinking, and surprisingly agile adversaries who do not rest on their laurels and are continually advancing their efforts to obtain information. Without the ability to conceptualize their actions, understand their perspective, or account for their presence, the security community's advances will become antiquated and unable to defend against the progress of Nation-State Attackers. In this work, we present and discuss a model of Nation-State Attackers that can be used to represent their attributes, behavior patterns, and world view. We use this representation of Nation-State Attackers to show that real-world threat models do not account for such highly privileged attackers, to identify and support technical explanations of known but ambiguous operations, and to identify and analyze vulnerabilities in current systems that are favorable to Nation-State Attackers.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/143907/1/aaspring_1.pd

Final Report of the Cuyahoga County Election Review Panel

The Panel was charged with identifying the deficiencies in the May 2, 2006 Cuyahoga County election, ascertain the causes and contributing factors of those deficiencies and provide recommendations to remedy the deficiencies