security has two dimensions of subjective (security feeling) and objective. there are preconditions for security feeling in society that one of the preconditions, the existence of security in the society. these levels are linked together and the interaction between these two levels of objective and subjective that security in the society is achieved.therefore, in this article we have tried to e...

The Mobile Offices services based on Bring Your Own Device (BYOD) are getting more popular as the use of smart phone grows rapidly. As the free wireless services are being spread, malicious codes can be spread easily. Therefore, how we will provide security in an environment of free wireless has become an issue. This paper suggests security architecture for the better mobile office security and...

This paper suggests a framework that can be used to identify the security requirements for a specific electronic commerce environment. The first step is to identify all the security requirements applicable to this environment. Next, all participants need to be identified. This is following by breaking down the transactions to different autonomous actions. These actions are then mapped onto the ...

The security of information system is like a chain. Its strength is affected by the weakest knot. Since we can achieve 100% Information Security Management System (ISMS) security, we must cautiously fulfill the certification and accreditation of information security. In this paper, we analyzed, studied the evaluation knowledge and skills required for auditing the certification procedures for th...

Web services security constitutes the technological and managerial procedures applied to the system to ensure the confidentiality, integrity, and availability of information that is exchanged by the Web service. This article explores security issues specific to Web services and illustrates the engineering and testing practices required to ensure security throughout the Web services development ...

The purpose of this document is to express what the engineering community as represented by the IETF expects of Internet Service Providers (ISPs) with respect to security. It is not the intent of this document to define a set of requirements that would be appropriate for all ISPs, but rather to raise awareness among ISPs of the community's expectations, and to provide the community with a frame...

The actor network procedures of Pavlovic and Meadows are a recent graphical formalism developed for describing security ceremonies and for reasoning about their security properties. The present work studies the relations of the actor network procedures (ANP) to the recent psi-calculi framework. Psi-calculi is a parametric formalism where calculi like spior applied-pi are found as instances. Psi...

In this article, the Deputy Commissioner of Social Security for Programs describes the policies and procedures that have been followed in investing the assets of the Social Security trust funds, explores possible alternative investment areas, and counters criticisms of investment results and maturity durations. The author's analysis shows that a departure from the current practice of investing ...

Many organizations and institutions around the globe are moving or planning to move their paper-and-pencil based testing to computer-based testing (CBT). However, this conversion will not be the best option for all kinds of exams and it will require significant resources. These resources may include the preparation of item banks, methods for test delivery, procedures for test administration, an...

The traditional realm of formal methods is off-line verification of formal properties of hardware and software. We report a different approach that uses formal methods (namely the integration of automata modulo theory with decision procedures) on-the-fly, at the time an application is downloaded on a mobile application such as PDA or a smart phone. The idea behind security-by-contract is that a...