In the literature it has been argued that individual values play an important role in creation and implementation of internal controls for information systems security. However majority of approaches that help in designing internal control overlook the importance of individual values. In this paper we argue that individual values should form the basis for defining internal control objectives. W...

Supervisory Committee Dr. Issa Traore Supervisor Dr. Kin Fun Li Departmental Member Dr. Stephen W. Neville Departmental Member Weber-Jahnke, J.H. Outside Member Dr. John Mullins Additional Member Due to the dramatic increase in intrusion activities, the definition and evaluation of software security requirements have become important aspects of the development of software services. It is now a ...

Laws and regulations concerning corporate governance dictate that a system of internal control is an essential element in the structure. Information security is a subset of that internal control system. Well formed controls provide assurance that the majority of events will be detected in sufficient time to counter any adverse impact on the organisation, whilst others assist recovery when disas...

To inform the design of security policy, task models of password behaviour were constructed for different user groups – Computer Scientists, Administrative Staff and Students. These models identified internal and external constraints on user behaviour and the goals for password use within each group. Data were drawn from interviews and diaries of password use. Analyses indicated password securi...

To inform the design of security policy, task models of password behaviour were constructed for different user groups – Computer Scientists, Administrative Staff and Students. These models identified internal and external constraints on user behaviour and the goals for password use within each group. Data were drawn from interviews and diaries of password use. Analyses indicated password securi...

Information Security Requirement Harmonizer (shortly, har-monizer) is a software tool that aids information security personnel in organizations to formulate, organize and automatically harmonize various information security requirements from various sources within the development of information security. Various levels of abstraction are represented as the information security development organ...

IPv6 is a network layer protocol of the OSI reference model. IPv6 uses the Neighbor Discovery Protocol (NDP) that works on link local scope of IPv6 network. NDP covers host initialization and address auto configuration that is one of IPv6 advantages and other important functionalities. IPv6 mandates to support Internet Protocol Security (IPSec) for end‐to‐end communication security. However, th...

The Service Oriented Architecture (SOA) became a dominant paradigm for enterprise computing. The web services are the implementation of SOA that works for heterogeneous platforms as they use common Internet protocols for communication and simple text format such as XML for data representation. The basic SOA architecture does not contain any security solution within it and the security is applie...