Search results

The cultural imperative for public buildings in countries like Australia to maintain their intrinsic “openness” – physically and symbolically – faces particular challenges in the context of current global terrorism concerns. Building regulations and counter-terrorism guidelines coexist uneasily, with implications for both public amenity and safety. This is particularly evident in the context of current approaches to hostile vehicle (HV) mitigation.

Based on a review of comparative literature, this multidisciplinary project assimilates design aesthetics and security expertise to assess the advantages and limitations of current counter-terrorism design approaches in Australia, the UK and the USA. The research focusses on public buildings of high cultural symbolic value (e.g. concert halls) in the context of HV mitigation.

Two key recommendations emerge. The first presents the benefits of adopting a layered security strategy tailored to a building's security and symbolic profile mix. The second proposes enhancements to the existing counter-terrorism guidelines based on a model that accounts for both symbolic value and openness.

The research presents new strategies for urban design and security stakeholders to balance openness and security in the design of publicly accessible buildings. While existing research addresses the challenges of terrorism in the design of public space, a literature (and practice) gap exists in Australia, the UK and the USA regarding current approaches to the design of public buildings. Using Australia as a case study, the findings will inform government and industry practitioners seeking more complementary approaches to public amenity and safety in comparable counter-security design contexts globally.

Internet has changed radically in the way people interact in the virtual world, in their careers or social relationships. IoT technology has added a new vision to this process by enabling connections between smart objects and humans, and also between smart objects themselves, which leads to anything, anytime, anywhere, and any media communications. IoT allows objects to physically see, hear, think, and perform tasks by making them talk to each other, share information and coordinate decisions. To enable the vision of IoT, it utilizes technologies such as ubiquitous computing, context awareness, RFID, WSN, embedded devices, CPS, communication technologies, and internet protocols. IoT is considered to be the future internet, which is significantly different from the Internet we use today. The purpose of this paper is to provide up-to-date literature on trends of IoT research which is driven by the need for convergence of several interdisciplinary technologies and new applications.

A comprehensive IoT literature review has been performed in this paper as a survey. The survey starts by providing an overview of IoT concepts, visions and evolutions. IoT architectures are also explored. Then, the most important components of IoT are discussed including a thorough discussion of IoT operating systems such as Tiny OS, Contiki OS, FreeRTOS, and RIOT. A review of IoT applications is also presented in this paper and finally, IoT challenges that can be recently encountered by researchers are introduced.

Studies of IoT literature and projects show the disproportionate importance of technology in IoT projects, which are often driven by technological interventions rather than innovation in the business model. There are a number of serious concerns about the dangers of IoT growth, particularly in the areas of privacy and security; hence, industry and government began addressing these concerns. At the end, what makes IoT exciting is that we do not yet know the exact use cases which would have the ability to significantly influence our lives.

This survey provides a comprehensive literature review on IoT techniques, operating systems and trends.

The purpose of this transcendental phenomenological qualitative research study is to understand the essence of what it is like to be an information systems professional working in the USA while managing and defending against social engineering attacks on an organization. The findings add to the information system (IS) body of literature by uncovering commonly shared attitudes, motivations, experiences and beliefs held by IS professionals who are responsible for protecting their company from social engineering attacks.

This is a qualitative, transcendental phenomenological study that was developed to gain a deeper understanding about the essence of what it is like to be an IS professional defending a US business against social engineering attacks. This research design is used when sharing the experiences of study participants is more important than presenting the interpretations of the researcher. To target participants from the industries identified as regularly targeted by social engineers, purposive sampling was used in conjunction with the snowball sampling technique to find additional participants until saturation was reached.

Ten themes emerged from the data analysis: (1) foster a security culture, (2) prevention means education, (3) layered security means better protection, (4) prepare, defend and move on, (5) wide-ranging responsibilities, (6) laying the pipes, (7) all hands on deck, (8) continuous improvement, (9) attacks will never be eliminated and (10) moving pieces makes it harder. The ten themes, together, reveal the essence of the shared experiences of the participants with the phenomenon.

Understanding how to defend an enterprise from social engineering attacks is an international issue with implications for businesses and IS professionals across the world. The findings revealed that to prevent social engineer attacks, all employees – IS and non-IS professionals alike – must be unified in their desire to protect the organization. This means IS professionals and organizational leadership must establish a strong security culture, not only through layered technology and electronic controls but also through open communication between all departments and continuously engaging, training and reinforcing social engineering education, policies, procedures and practices with all employees.

The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .

In this study, the authors proposed a multi layer security approach for the detection of DDoS in IoT environment, which protects the smart devices from DDoS, this scheme also reduces the computational cost in the network under mobility condition.

Even though many works have been done for the security of wireless sensor network (WSN), all works have focused on encryption which depends on the key management strategy. In this study, the authors proposed a multilayer approach to analyze the layer wise security issues and also proposed a threshold-based countermeasure (TBC) for replay attack in each layer.

The results indicate that the proposed algorithm lowers the computational costs and energy consumption than in modern schemes. Also, the proposed research work improves the scalability of sensor networks using the TBC.

Internet of Things (IoT) is a challenging and promising system concept and requires new types of architectures and protocols compared to traditional networks. Security is an extremely critical issue for IoT that needs to be addressed efficiently. Heterogeneity being an inherent characteristic of IoT gives rise to many security issues that need to be addressed from the perspective of new architectures such as software defined networking, cryptographic algorithms, federated cloud and edge computing.

The paper analyzes the IoT security from three perspectives: three-layer security architecture, security issues at each layer and security countermeasures. The paper reviews the current state of the art, protocols and technologies used at each layer of security architecture. The paper focuses on various types of attacks that occur at each layer and provides the various approaches used to countermeasure such type of attacks.

The data exchanged between the different devices or applications in the IoT environment are quite sensitive; thus, the security aspect plays a key role and needs to be addressed efficiently. This indicates the urgent needs of developing general security policy and standards for IoT products. The efficient security architecture needs to be imposed but not at the cost of efficiency and scalability. The paper provides empirical insights about how the different security threats at each layer can be mitigated.

The paper fulfills the need of having an extensive and elaborated survey in the field of IoT security, along with suggesting the countermeasures to mitigate the threats occurring at each level of IoT protocol stack.

This paper aims to examine the influence of organization factors on the effectiveness of implementing BS7799, an information security management (ISM) standard.

Based on literature review, a research model was formulated by extracting the antecedents of ISM, and an empirical study was conducted to show how the organizational factors influence organizations in carrying out BS7799.

The study result revealed that there were significant impacts of organizational factors, including IT competence of business managers, environment uncertainty, industry type, and organization size, on the effectiveness of implementing ISM.

The sample is limited to the organizational factors in Taiwan. It is suggested to replicate this study in other countries to reconfirm the result before adopting its general implications. Owing to the highly intrusive nature of ISM surveys, a cautious approach with rapport and trust is a key success factor in conducting empirical studies on ISM.

IT competence is conducive to ISM implementation through subjective norms, leadership, belief, and behavior of ISM activities. Environmental uncertainty positively influences the need for greater innovation, which increases the dependence on IT, and therefore makes the effectiveness of ISM more desirable. Companies in an industry sensitive to security threats should pay more attentions to ISM practice. Corporate executives should also realize the size difference for adopting appropriate ISM strategies.

A research model was proposed to study the impacts of organizational factors on ISM, after a broad survey on related researches. The validated model and its corresponding study results can be referenced by enterprise managers and decision makers to make favorable tactics for achieving their goals of ISM.

Purpose: Small and medium enterprises (SMEs) are the most significant contributors to maximum employment generation, the gross domestic product (GDP) of many countries, and the overall global economy. It is also evident that cyber threats are becoming a big challenge for SMEs, which is directly impacting global economy.

Methodology: Existing research inputs were accessed to understand current cyber threats for SMEs and their cybersecurity posture. Additionally, this research has collected the latest insights by taking direct inputs from SMEs and conducting a well-designed research survey. It has provided a few direct inputs to designing solutions for the SME segment. For analysis and recommendations, cybersecurity best practices and core cybersecurity concepts are considered at the centre of the solution.

Findings: Implementing existing cybersecurity standards or frameworks is not easy for SMEs, as they generally have limited resources and different priorities for their business when it comes to the implementation of any cybersecurity controls. Currently, many cybersecurity standards are not able to support the implementation of business domain-specific controls.

Practical implications: Along with the research findings shared in this chapter, as a resolution to the problems faced by SMEs, the authors will propose a new framework as a solution. This framework is designed using core concepts of cybersecurity such as confidentiality, integrity, and availability (CIA triad) as well as defence in depth (DiD) mechanisms in each layer of organisation. The authors will also share a high-level idea about how reliable artificial intelligence-based software can help identify recommended controls for particular SMEs.

Internet of things (IoT) involves the connection of various devices. IoT’s application ranges from wearables: Smart Home Application, Health Care, Smart Offices, Smart Cities, Agriculture, and Industrial Automation. While the number of connected devices grows by the day, so does the number of security risks and vulnerabilities that these devices face. Billions of the connected devices collect and transmit huge volumes of data making Data Security one of the most pressing technical concerns in IoT. Smart Office is one of the increasing IoT applications and Data Security has become today one of the most challenging areas in its application. It is important to identify data security threats. This chapter therefore presents a review of IoT Smart Office Data Security Threats based on existing research done.

Blockchain technologies have pervaded modern crowdfunding and capital sourcing through a variety of financial instruments implemented as smart contracts. Smart contracts provide a unique mechanism not only to create a unique one-of-a-type financial instrument, but also to enable unique innovations atop existing financial instruments due to underlying efficiencies. The smartness comes from the flexibility that programs provide which can create extremely unique financial instruments that are often complex to implement, yet easy to create, maintain through versioning, trade and destroy. The purpose of this paper is to describe the security token architecture as an application of smart contracts. Further, the author illustrates the implementation and design of a commonly used financial instrument known as Simple Agreement for Future Equity (SAFE) using the security token architecture proposed and smart contract functionality. The author then models the transaction using relational algebra, and, models the utility maximization. The author shows how on account of reduced information asymmetry between the investors and SAFE users (i.e. startups) utility is positive when smart contract-based security tokens are deployed for each state in the SAFE contract.

Using an existing well-adopted instrument called a SAFE contract, the author illustrates the architecture of a smart contract-based security token system. The author illustrates how different components of a SAFE contract can be implemented as a smart contract and discusses the advantages and disadvantages of applying blockchain-based smart contracts to design SAFE instruments. The author deploys two methods: a state space diagram to explain state transitions and a utility model to explain the utilities.

The key findings of this research study are the design of a security token architecture, which can be used to convert any the physical or contract-based financial instrument to a smart contract that runs on the blockchain. However, there are limitations to the implementation of the same which can be overcome. The model illustrates the positive utilities derived for all economic actors, i.e. the contractors, the utility providers, etc., in the market.

This paper is an original paper. For the very first time, the author explored the architecture of a security token system. Using a well-known financial instrument, namely the SAFE, the author describes various components, e.g. the four contracts that form SAFE and then model the utilities for the system.

Examines the Internet’s potential for becoming an information highway. Defines the information highway and the Internet. Describes the characteristics of an information highway. The concept of an information highway puts some requirements on the infrastructure. The users of an information highway, who are located in the residential and business environment, have their share of requirements as well, but they focus on the requirements put forward by the services or applications they will use on an information highway. Checks whether the Internet has implemented these properties and how, or if work is going on to develop them. The framework for this discussion is the TCP/IP reference model. Places some emphasis on the IP next generation protocol, IP version 6 (IPv6). Provides an overview showing all the properties with an indication of how well the posed requirements are met. Concludes that the Internet certainly has potential for becoming an information highway.