Learn More
—Usability is arguably one of the most significant social topics and issues within the field of cybersecurity today. Supported by the need for confidentiality, integrity, availability and other concerns, security features have become standard components of the digital environment which pervade our lives requiring use by novices and experts alike. As(More)
This paper proposes a conceptual model for privacy policies that takes into account privacy requirements arising from different stakeholders, with legal, business and technical backgrounds. Current approaches to privacy management are either high-level, enforcing privacy of personal data using legal compliance, risk and impact assessments, or low-level,(More)
  • Irfan Zakiuddin, Sadie Creese, Bill Roscoe, Michael Goldsmith
  • 2002
The pervasive computing paradigm foresees communicating and computational devices embedded in all parts of our environment, from our physical selves, to our homes, our offices, our streets and so forth. What will security mean in this New World of ubiquitous computing? In this position paper we outline our current thinking on the new issues and problems in(More)
—In a society at the brink of information overload, using a measurement of trustworthiness to focus attention and ultimately reduce risks faced by individuals is an increasingly attractive option in supporting well-conceived decisions. As such, this paper seeks to advance discussions on trustworthiness and decision-making research by critically(More)
Key management is fundamental to communications security, and for security in pervasive computing sound key management is particularly difficult. However, sound key management itself depends critically on sound authentica-tion. In this paper we review current notions of entity authentication and discuss why we believe these notions are unsuitable for the(More)
The importance of situation awareness systems in crisis-management scenarios cannot be emphasised enough. These systems enable entire disaster situations to be mapped out in a real-time fashion thereby aiding significantly in human decision-making and the necessary positioning, management and deployment of resources. As a result of the core role these(More)
We develop the theme of an earlier paper [3], namely that security protocols for pervasive computing frequently need to exploit empirical channels and that the latter can be classified by variants of the Dolev-Yao attacker model. We refine this classification of channels and study three protocols in depth: two from our earlier paper and one new one.
— In this paper we describe where current risk controls (as documented in ISO27001/27002) for mitigating information security risks are likely to be inadequate for use in the cloud. Such an analysis could provide a rationale for prioritizing protection research, and the work presented here is part of a larger exercise designed to identify the potential for(More)
The insider threat faced by corporations and governments today is a real and significant problem, and one that has become increasingly difficult to combat as the years have progressed. From a technology standpoint, traditional protective measures such as intrusion detection systems are largely inadequate given the nature of the 'insider' and their(More)