Learn More
This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level,(More)
—Usability is arguably one of the most significant social topics and issues within the field of cybersecurity today. Supported by the need for confidentiality, integrity, availability and other concerns, security features have become standard components of the digital environment which pervade our lives requiring use by novices and experts alike. As(More)
—In a society at the brink of information overload, using a measurement of trustworthiness to focus attention and ultimately reduce risks faced by individuals is an increasingly attractive option in supporting well-conceived decisions. As such, this paper seeks to advance discussions on trustworthiness and decision-making research by critically(More)
The importance of situation awareness systems in crisis-management scenarios cannot be emphasised enough. These systems enable entire disaster situations to be mapped out in a real-time fashion thereby aiding significantly in human decision-making and the necessary positioning, management and deployment of resources. As a result of the core role these(More)
Key management is fundamental to communications security, and for security in pervasive computing sound key management is particularly difficult. However, sound key management itself depends critically on sound authentica-tion. In this paper we review current notions of entity authentication and discuss why we believe these notions are unsuitable for the(More)
The insider threat faced by corporations and governments today is a real and significant problem, and one that has become increasingly difficult to combat as the years have progressed. From a technology standpoint, traditional protective measures such as intrusion detection systems are largely inadequate given the nature of the 'insider' and their(More)
—The importance and value of information cannot be disputed. It is used as basis for menial and mission-critical tasks alike. In a society where information is so easily publicised and freely accessible, however, being able to assess information quality and trustworthiness is paramount. With appreciation of this fact, our paper seeks to navigate these two(More)
We develop the theme of an earlier paper [3], namely that security protocols for pervasive computing frequently need to exploit empirical channels and that the latter can be classified by variants of the Dolev-Yao attacker model. We refine this classification of channels and study three protocols in depth: two from our earlier paper and one new one.
—The threat that insiders pose to businesses, institutions and governmental organisations continues to be of serious concern. Recent industry surveys and academic literature provide unequivocal evidence to support the significance of this threat and its prevalence. Despite this, however, there is still no unifying framework to fully characterise insider(More)