Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and deperimetrisation. The model incorporates four dimensions: In...

Wireless Sensor Networks (WSNs) are used in many commercial, military, industrial, research and medical applications. Because of the limited resources of the sensor nodes in the wireless environment, these networks impose special security requirements besides to the security needs in traditional networks. This study presents the security problems in WSNs and discusses the security protocols bas...

RFID tags are increasingly being used in supply chain applications due to their potential in engendering supply chain visibility and reducing tracking errors through instantaneous location of objects as well as the tagged object's immediate ambient conditions. During its life-time, an RFID tag is highly likely to physically pass through different organizations that have disparate information sy...

Health informatics concerns the use of information and information and communication technologies within healthcare. Health informatics and information science need to take account of the unique aspects of health and medicine. The development of information systems and electronic records within health needs to consider the information needs and behaviour of all users. The sensitivity of persona...

Today, software security is an issue with increasing importance. Developers, software designers, end users, and enterprises have their own needs w.r.t. software security. Therefore, when designing software, security should be built in from the beginning, for example, by using security patterns. Utilizing security patterns already improves the security of software in early software development s...

Security measurement of software-intensive systems is an emerging field, rapidly gaining momentum. Well-designed security metrics offer credible and sufficient evidence of security level and performance for security decision-making. In this study, we introduce a novel security metrics feasibility validation approach, consisting of validation criteria and an associated validation process that ta...