PRIVACY ISSUES IN ONLINE SOCIAL NETWORKS: USER BEHAVIORS AND THIRD-PARTY APPLICATIONS

In contemporary society, social networking websites has developed dramatically and became an indispensable component in our daily life. Since it can help create a more feature-rich online social community, third-party service has been widely adopted in online social networks (OSNs). Integrating these third-party sites and applications has not only extended business of both social network server and third party and but also promises to break down the garden walls of social-networking sites. While at the same time it dramatically raises concerns on privacy leakage. This article mainly focuses on the privacy disclosure issues caused by user’s behavior and third-party applications and websites. On the one hand, because of the diversity of usage behaviors, the revelation of personal information varies significantly. A survey is conducted to present empirical and quantitative result. On the other hand, the access mechanism between OSN and third party is not perfect enough. Besides, it could be a potential source of privacy leak that third-party services sometimes act as advertisers and information aggregators of a user\u27s traversals. The relevant reasons and internal and external threats are presented. Finally, possible solutions to reduce the increasing information disclosure are provided. Actions should be taken along three fronts: the government, the users themselves as well as the third parties

Education in IT Security: A Case Study in Banking Industry

The banking industry has been changing incessantlyand facing new combination of risks. Data protection andcorporate security is now one of the major issues in bankingindustry. As the rapid changing on technologies from time totime, the industry should be aware on new technologies in orderto protect information assets and prevent fraud activities. Thispaper begins with literature study of information security issuesand followed by focused-group interviews with five participantswithin the industry and survey analysis of “The global state ofInformation Security survey 2013” which published byPriceWaterhouseCoopers (PWC). Trends and questions werediscussed as well as possible solution. The study suggests that ITsecurity education should be made to different level of staffs suchas executives, professional and general staffs. Besides, thebanking industry should increase company-wide securityawareness and the importance of corporate security which keepthe information and physical assets secure and in a proper way

DATA DRIVEN DETECTION STRATEGY ENGINE FOR BETTER INTRUSION DETECTION ON CLOUD COMPUTING

In this paper, we attempt to base on CIDS framework and initiate a Data Driven Detection Strategy Engine (3DSE), a new thinking on identifying suspected users by adopting Decision Tree and Logistic Regression techniques to mine the usage patterns (from audit log and alert log) of different cloud member. Moreover, according to the analytical mining results, we also propose a danger-coefficient ranking model, which allows system to adopt different security strategies to monitoring users of different security levels. Deploying this engine, cloud system can be automatically trained up and become more efficient and effective on intrusion detection

STRATEGIES IN SECURING THE SOCIAL MEDIA

According to the “Burson-Marsteller (2013) Check-up insight”, Social Media already became a powerful tool for enterprises across the globe, it showed that “the top 225 companies use Twitter, Facebook, YouTube, blogs and for the first time, Google+, 65% of Latin America companies are now active on at least one Social Media platform..” It’s 2010 study showed that “of the Fortune Global 100 companies, 65% have active Twitter accounts, 54% have Facebook fan pages..”. Social Media is no longer used as an option for business, but taken as a weapon for today’s business expansion. Yet, organizations are very cautious about any possible negative impact such as cyber-attack, privacy violation, damage to branding, lack of control over its content, and non-compliance to the companypolicies, etc. In order not to lag behind by competitors, many enterprises are seeking ways to leverage Social Media – as a “double-edged sword”, and seek ways to avoid any business risks. Thus it is vital that a proper enterprise strategy and a risk-plan to be adopted to address those risks. Through the case-study approach, this paper aims to study the possible strategies that organization taking to manage the negative impact in Social Media, to investigate what influence their decisions in choosing the strategies and if there could be a better governance framework to address these issues