Search results

Information security management has been placed on a firmer footing with the publication of standards by national bodies. These standards provide an opportunity for security managers to gain senior management recognition of the importance of procedures and mechanisms to enhance information security. They may also place demands on security managers to provide convincing demonstration of conformance to the standards. The risk data repository (RDR) computer model described in this paper was developed to manage organisational information security data and facilitate risk analysis studies. The RDR provides a form of computer documentation that can assist the security officer to maintain a continuous record of the organisational information security scenario and facilitate system security development, business continuity planning and standards conformance audits.

States that traditional information security models address only the micro view of how to maintain a secure environment by controlling the flows of information within protection systems and the access to controlled data items. Argues that these models do not aim to, and cannot, reflect the information security level of an organization. Describes an information security model using a hypertext approach. The model aims to prepare a macro view of the current information security situation in order to provide an overview of the information security risk to a wider audience in an organization. An administrative information system has been analysed to demonstrate the hypertext information security model.

This paper aims to design a compact scheme of behavioural biometric-based user authentication, develop an adaptive mechanism that selects an appropriate classifier in an adaptive way and conduct a study to explore the effect of this mechanism.

As a study, the proposed adaptive mechanism was implemented using a cost-based metric, which enables mobile phones to adopt a less costly classifier in an adaptive way to build the user normal-behaviour model and detect behavioural anomalies.

The user study with 50 participants indicates that our proposed mechanism can positively affect the authentication performance by maintaining the authentication accuracy at a relatively high and stable level.

The authentication accuracy can be further improved by incorporating other appropriate classifiers (e.g. neural networks) and considering other touch-gesture-related features (e.g. the speed of a touch).

This work explores the effect of adaptive mechanism on behavioural biometric-based user authentication. The results should be of interest for software developers and security specialists in deciding whether to implement such a mechanism for enhancing authentication performance on mobile phones.

The user study with 50 participants indicates that this mechanism can positively affect the authentication performance by maintaining the authentication accuracy at a relatively high and stable level. To the best of our knowledge, our work is an early work discussing the implementation of an adaptive mechanism on a mobile phone.