Search results
1 – 10 of 279
Robin Mueller, Sebastian Schrittwieser, Peter Fruehwirt, Peter Kieseberg and Edgar Weippl
This paper aims to give an overview on a number of selected applications in comparison to a previous evaluation conducted two years ago, as well as performing an analysis on…
Abstract
Purpose
This paper aims to give an overview on a number of selected applications in comparison to a previous evaluation conducted two years ago, as well as performing an analysis on several new applications. Mobile messaging and VoIP applications for smartphones have seen a massive surge in popularity, which has also sparked the interest in research related to their security and privacy protection, leading to in-depth analyses of specific applications or vulnerabilities.
Design/methodology/approach
The evaluation methods mostly focus on known vulnerabilities in connection with authentication and validation mechanisms but also describe some newly identified attack vectors.
Findings
The results show a positive trend for new applications, which are mostly being developed with security and privacy features, whereas some of the older applications have shown little progress or have even introduced new vulnerabilities. In addition, this paper shows privacy implications of smartphone messaging that are not even solved by today’s most sophisticated “secure” smartphone messaging applications, as well as discusses methods for protecting user privacy during the creation of the user network.
Research limitations/implications
Currently, there is no perfect solution available; thus, further research on this topic needs to be conducted.
Originality/value
In addition to conducting a security evaluation of existing applications together with newly designed messengers that were designed with a security background in mind, several methods for protecting user privacy were discussed. Furthermore, some new attack vectors were discussed.
Details
Keywords
Haider Abbas, Christer Magnusson, Louise Yngstrom and Ahmed Hemani
The purpose of this paper is to address three main problems resulting from uncertainty in information security management: dynamically changing security requirements of an…
Abstract
Purpose
The purpose of this paper is to address three main problems resulting from uncertainty in information security management: dynamically changing security requirements of an organization; externalities caused by a security system; and obsolete evaluation of security concerns.
Design/methodology/approach
In order to address these critical concerns, a framework based on options reasoning borrowed from corporate finance is proposed and adapted to evaluation of security architecture and decision making for handling these issues at organizational level. The adaptation as a methodology is demonstrated by a large case study validating its efficacy.
Findings
The paper shows through three examples that it is possible to have a coherent methodology, building on options theory to deal with uncertainty issues in information security at an organizational level.
Practical implications
To validate the efficacy of the methodology proposed in this paper, it was applied to the Spridnings‐och Hämtningssystem (SHS: dissemination and retrieval system) system. The paper introduces the methodology, presents its application to the SHS system in detail and compares it to the current practice.
Originality/value
This research is relevant to information security management in organizations, particularly issues on changing requirements and evaluation in uncertain circumstances created by progress in technology.
Details
Keywords
Wenhong Zhou, Linxu Dai, Yujie Zhang and Chuanling Wen
In this study, specific measures adopted by the social media platforms in China supporting personal information management are investigated via surveys targeting such platforms…
Abstract
Purpose
In this study, specific measures adopted by the social media platforms in China supporting personal information management are investigated via surveys targeting such platforms. The purpose of this paper is to find out how social media platforms understand information management, and from which aspects and through what specific methods they provide support for information management, which contributes to understanding the issues and strategies associated with personal information management on social media.
Design/methodology/approach
The dimensions and specific contents of the current platform support provided for information management are clearly defined by performing qualitative text analysis based on the content obtained from 11 platform policies published by five representative Chinese social media platforms.
Findings
How social media platforms support personal information management on creation, collection, utilisation, sharing, storage, protection, removal and modification is identified. By analysing the status quo of support provided by the Chinese social media platform, some issues are proposed for discussion. Improved normative management is required to address the coexistence of multivalued information and management risks. However, the user rights are limited because the platform policies tend to be more focused on the perspective of the social media platform. Furthermore, the platform policy contents regarding information management are incomplete, and the applicability of these policies should be improved.
Originality/value
This study seeks to contribute to personal information management on social media from the perspective of platform support. The perspective from the platforms as the service providers supporting information management also helps identify information management challenges and potential strategies. Furthermore, combining with the personal information management perspective, this study provides a background understanding of information management under a social collaborative framework for platforms, authorities, users and memory institutions.
Peer review
The peer review history for this article is available at: https://publons.com/publon/10.1108/OIR-06-2020-0249
Details
Keywords
Jonathan Hunter and Chris Awre
Seeks to assess how new research and progress about how libraries and institutional web sites can adapt a range of distinct search tools using the portlet standards to achieve…
Abstract
Purpose
Seeks to assess how new research and progress about how libraries and institutional web sites can adapt a range of distinct search tools using the portlet standards to achieve improved access.
Design/methodology/approach
Locally integrated web search tools help users to navigate through web sites without needing to go to multiple sites.
Findings
Search tools should be created with delivery via a portlet in mind. Compliance to CREE defined standards suggest good results as proven by several partners. This set of procedures suggests a very good future for locally integrated web search tools.
Originality/value
Examples of experiences with different partners suggest rather remarkable promise for portlet standards that can be applied to searching web sites The CREE project has proven easy adapability and now a significant amount of testing and experience confirms the operations it can perform with the JSR 168 and WSRP portlet standards and other Java‐based tools.
Details
Keywords
A.B. Feroz Khan and Anandharaj G
The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .
Abstract
Purpose
The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .
Design/methodology/approach
In this study, the authors proposed a multi layer security approach for the detection of DDoS in IoT environment, which protects the smart devices from DDoS, this scheme also reduces the computational cost in the network under mobility condition.
Findings
Even though many works have been done for the security of wireless sensor network (WSN), all works have focused on encryption which depends on the key management strategy. In this study, the authors proposed a multilayer approach to analyze the layer wise security issues and also proposed a threshold-based countermeasure (TBC) for replay attack in each layer.
Originality/value
The results indicate that the proposed algorithm lowers the computational costs and energy consumption than in modern schemes. Also, the proposed research work improves the scalability of sensor networks using the TBC.
Details