Information and Computer Security: Volume 23 Issue 4

A framework to assist email users in the identification of phishing attacks

André Lötter, Lynn Futcher

The purpose of this paper is to propose a framework to address the problem that email users are not well-informed or assisted by their email clients in identifying…

Privacy as a secondary goal problem: an experiment examining control

Thomas Hughes-Roberts

The purpose of this paper is to report on results of an investigation into the impact of adding privacy salient information (defined through the theory of planned…

Reengineering the user: privacy concerns about personal data on smartphones

Matina Tsavli, Pavlos S. Efraimidis, Vasilios Katos, Lilian Mitrou

This paper aims to discuss the privacy and security concerns that have risen from the permissions model in the Android operating system, along with two shortcomings that…

Exploring the relationship between student mobile information security awareness and behavioural intent

Bukelwa Ngoqo, Stephen V. Flowerday

The purpose of this paper was to analyse existing theories from the social sciences to gain a better understanding of factors which contribute to student mobile phone…

Investigating the possibility to use differentiated authentication based on risk profiling to secure online banking

Martin Butler, Rika Butler

The purpose of this paper was to determine factors that could be used to create different authentication requirements for diverse online banking customers based on their…

Engaging stakeholders during late stage security design with assumption personas

Shamal Faily

This paper aims to present an approach where assumption personas are used to engage stakeholders in the elicitation and specification of security requirements at a late…