8 research outputs found

    Conceptualization of Constructs for Shaping Information Security Behavior: Towards a Measurement Instrument

    The development of new means to attack information systems by attacking the humans who access those systems has increased the attention given to risks related to the human or social aspects of information security. However, the effect on information security of the key organizational constructs proposed in the organizational and individual behavior literature has not been rigorously examined. Therefore, it is important to develop measurement instruments and validate them properly in order to empirically capture the phenomena with reliable results. In this paper we attempt to conceptualize seven constructs and their sub-dimensions toward developing a measurement instrument. This attempt is carried out by specifying the nature of each construct’s conceptual domain and surveying content domain experts on the relevance, comprehensiveness and clarity of the identified dimensions of each construct. Based on the survey results we provide a set of validated constructs and dimensions that can be used to formally specify future measurement models for investigating how organizations can influence information security behavior.

    Integrated multi-domain risk assessment using automated hypothesis testing


    Behavioral detection of cheating in online examination

    This thesis studies the possibilities of detecting cheating in online examinations through measures of human-computer interaction dynamics. The need for and use of online or computer-based examination seems to be growing, while this form of examination gives students a broader spectrum of opportunities, including opportunities for cheating, compared to non-computerized forms of examination. The times are changing: there are many different reasons for examination dishonesty, many ways of performing it, and many ways of coping with it. Given an equilibrium at this level, new ways of violation deserve new ways of prevention, or at least detection. The study focuses on a method of detecting cheating in computer-based examinations based on behavioral measures and machine learning, and tries to link it to a broadly understood concept of academic dishonesty. The detection potential of this method is mainly indicated by cue leakage theory, whose subjects can be handled using pattern recognition and anomaly detection theory, all through a behavioral biometrics approach.

    Modeling Enterprise Authorization: A Unified Metamodel and Initial Validation

    Authorization and its enforcement, access control, have stood at the beginning of the art and science of information security, and remain a crucial pillar of security in information technology (IT) and enterprise operations. Dozens of different models of access control have been proposed. Although Enterprise Architecture as a discipline strives to support the management of IT, support for modeling access policies in enterprises is often lacking, both in terms of supporting the variety of individual access control models in use today, and in terms of providing a unified ontology capable of flexibly expressing access policies for all or most of the models. This study summarizes a number of existing models of access control, proposes a unified metamodel mapped to ArchiMate, and illustrates its use on a selection of example scenarios and two business cases.

    Load balancing of renewable energy: a cyber security analysis

    Background: In the coming years, the increase of automation in electricity distribution grids, controlled by ICT, will bring major consequences for the cyber security posture of the grids. Automation plays an especially important role in load balancing of renewable energy, where distributed generation is balanced against load in a way that ensures grid stability. Threats to load balancing and to the smart grid in general arise from the activities of misbehaving or rogue actors in combination with poor design, implementation, or configuration of the system that makes it vulnerable. It is urgent to conduct an in-depth analysis of the feasibility and imminence of these potential threats ahead of a cyber catastrophe. This paper presents a cyber security evaluation of the ICT part of the smart grid with a focus on load balancing of renewable energy.

    Method: The work builds on a load balancing centered smart grid reference architecture model that is designed as part of the evaluation with the help of SCADA system and smart grid experts. The smart grid load balancing architecture represented by the model is then analyzed using a threat modelling approach that is encapsulated in a tool called securiCAD. Countermeasures are introduced in the model to measure how much each improves the cyber security of the smart grid.

    Results: The analysis shows that the main threat comes from the internet and is directly dependent on the level of internet access office users have, coupled with their level of access to the OT zone. Supply chain attacks are also of great concern, i.e. the compromise of a software/hardware vendor with the objective of feeding rogue updates to assets, typically to install a backdoor. The general takeaway, defense-wise, is that it is of the utmost importance to increase efforts in securing the smart grid in all the ways possible, as they appear to be generally complementary.

    Discussion: The obtained results raise concerns about whether the architecture of the smart grid still remains satisfactory in today’s state of the cyberspace, given the increased presence and sophistication of cyber threats. There are also concerns about whether the proposed security measures, regardless of their evaluated effectiveness, are realistically implementable from both a financial and a practical point of view.

    Conclusions: There is no silver bullet available to achieve full protection against cyber attacks. The smart grid remains a network of IT/OT machines with dataflows going between them. State-sponsored hackers, given enough time and regardless of the defences in place, will eventually make their way into a critical infrastructure such as the smart grid. While mitigations will not eliminate the threats, they will increase the cyber resilience of the infrastructure by increasing both its time frame and its effectiveness. As such, in a time where usability, efficiency and practicality are at the forefront of every domain, innovations regarding these aspects should really be carried out with strong security in mind.