Organizational computer security policy: the reality

Computer security issues are normally addressed from a technical perspective. Increasingly, however, organizations and computer specialists are coming to realise that applying more technology as the basis of an answer to a problem that derives from technology cannot, in the long term, be a viable solution. This paper shows how it is important that other considerations are taken into account, such as business and management requirements, and practical user issues. In order for this approach to make any progress, we must first establish the current situation in ordinary organizations. This paper describes key results from research carried out to determine the status of computer security in organizations today.     

Perception of safe robot idle time in virtual reality and real industrial environments

The main objective of this study was to investigate human perception of safe idle time of an industrial robot in a virtual reality environment. Studying operators' perception of robot operational characteristics such as safe robot idle time can help develop hazard prevention strategies, and ultimately improve robot safety. Results of data collected from 32 participants showed that robot size and speed had significant effects on the perception of safe robot idle time. This study also examined operators' perceived acceptability level for the robot speed, perceived level of hazard of robot motion, perceived chance of error, and self-reported mental workload. Results of this study were compared to the findings of Rahimi, M., Karwowski, W. [1990. Human perception of robot safe speed and idle time. Behaviour & Information Technology 9(5), 381–389], in which their experiment was conducted in a real industrial environment. This study demonstrated the feasibility of testing human perception of dynamic moving objects in a virtual reality environment. The virtual reality technology is believed to be capable of modeling a complex machinery system such as a robotic system.Relevance to industry: Human perception of the operational characteristics of industrial robots is an important concern for robot safety since misperception can cause robot operators to err, which in turn can cause injuries and fatalities. Through this study we (1) understand human perception, safety behavior, and decision making in a robotic system and (2) demonstrate the capability of modeling a complex machinery system using virtual reality technology. Our experiments designed to study human perception of safe robot idle time could lead to safety interventions and guidelines or hazard prevention strategy development.     

Perception of job security in a process of technological change: its influence on psychological well-being

The main objective of this study was to investigate the perception that workers have of technological change and its relation with psychological variables. The hypotheses investigated are based on the existence of the perception of technological change as a threat to job security and how this affects levels of anxiety, general stress and depression. The study was carried out in two departments of a car component factory: Engine Dept.-1 and Engine Dept.-2, outstanding for the different degrees to which technological innovation had been implemented. As procedure, a questionnaire made up of different scales was administered to a sample of 148 workers. Analysis of variance (ANOVA) and multivariate analysis of variance (MANOVA) was used as the fundamental statistical instrument. The results indicate that some variables (studies, department type, occupational category, technology type) significantly affect the perception that workers have of technology in relation to job security. The significant relation between technological perception and psychological well-being is also confirmed (F (4, 124) = 0.17, p = 0.00) although no significant differences were found in stress. In conclusion, the results indicate the importance of modifying workers' perceptions of technology in order to prevent problems of psychological well-being.     

Perception of job security in a process of technological change: Its influence on psychological well-being

The main objective of this study was to investigate the perception that workers have of technological change and its relation with psychological variables. The hypotheses investigated are based on the existence of the perception of technological change as a threat to job security and how this affects levels of anxiety, general stress and depression. The study was carried out in two departments of a car component factory: Engine Dept.-1 and Engine Dept.-2, outstanding for the different degrees to which technological innovation had been implemented. As procedure, a questionnaire made up of different scales was administered to a sample of 148 workers. Analysis of variance (ANOVA) and multivariate analysis of variance (MANOVA) was used as the fundamental statistical instrument. The results indicate that some variables (studies, department type, occupational category, technology type) significantly affect the perception that workers have of technology in relation to job security. The significant relation between technological perception and psychological well-being is also confirmed (F (4, 124) = 0.17, p = 0.00) although no significant differences were found in stress. In conclusion, the results indicate the importance of modifying workers' perceptions of technology in order to prevent problems of psychological well-being.     

Cobol: perception and reality

The authors list the perceptions they have uncovered and counter them with the reality of Cobol. Some of the perceptions are: Cobol is a mainframe language-it has been available on PCs since their inception; Cobol stopped evolving in the 1970s, stopped growing in popularity in the 1980s, and stopped being used to develop client-server and Web-based applications in the 1990s; and Cobol is not an object-oriented language, when, in fact, it has objects galore     

增强现实中基于位置安全性的LBS位置隐私保护方法

为了解决基于位置的服务(LBS)和增强现实(AR)技术快速发展带来的用户位置隐私泄露的隐患,分析了现有的位置隐私保护方法的优缺点,提出基于位置安全性的位置隐私保护方法。将区域安全度和伪装区域引入该方法中,将提示某区域是否需要保护这一度量标准定义为区域安全度,非安全区域(即需要给予保护的区域)的区域安全度设置为1,安全区域(即不需要保护的区域)设置为0,通过扩大区域安全度和识别等级来计算位置安全度。实验结果表明,该方法与未引入位置安全性的方法相比降低了平均定位误差,提高了平均安全性,从而有效地保护了用户的位置隐私,提高了LBS的服务质量。     

Three views of virtual reality: nonimmersive virtual reality

Nonimmersive virtual reality (VR), which places the user in a 3D environment that can be directly manipulated with a conventional graphics workstation using a monitor, a keyboard; and a mouse, is discussed. The scene is displayed with the same 3D depth cues used in immersive VR: perspective view, hidden-surface elimination, color, texture, lighting, shading and shadows. As in immersive VR, animation and simulation are interactively controlled in response to the user's direct manipulation. Much of the technology used to support immersive and nonimmersive VR is the same. They use the same 3D modeling and rendering and many of the same interaction techniques. The advantages and applications of nonimmersive VR systems are discussed. Immersive and nonimmersive VR systems are compared and hybrid possibilities are reviewed     

Augmented reality and ubiquitous computing: the hidden potentialities of augmented reality

The aim of this paper was to highlight the augmented reality’s potentialities, depicting its main characteristics and focusing attention on what its goal should be in order to have a new technology completely different from those that already exist. From a technological point of view, augmented reality is still in its infancy and so even the general idea of what a good augmented reality should be is still uncertain. Commonly, augmented reality is identified as opposed to the virtual reality because augmented reality merges digital information with the real environment. However, there is another technology, with a different history, which has this same basic goal: ubiquitous computing. The absence of a clear distinction between ubiquitous computing and augmented reality makes it difficult to identify what these two technologies should pursue. I will analyse the main aspects of ubiquitous computing and augmented reality from a phenomenological point of view in order to highlight the main differences and to shed light on the real potentialities of augmented reality, focusing attention on what its goal should be.     

Managing network security: Time-based security

Over the last few years, computing has changed to an almost purely networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. This series of articles takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

一种基于虚拟现实技术的化工安全实时干预机理仿真平台

本文基于灾害机理模型,采用面向对象的设计模式,应用多线程计算技术,并对灾害事故渲染模型进行简化,最终设计并实现了一种基于虚拟现实技术的化工安全实时干预仿真平台。平台的仿真结果表明,该平台具有良好的可视化交互界面,并且能够方便地实现对灾害仿真的实时干预,这些优良的特性使得基于仿真平台的化工安全教育演练更加真实有效。     

Digital evidence: dream and reality

Digital evidence is inherently weak. New evidence-gathering technologies-digital black boxes-must be developed and deployed to support investigations of irreproducible events such as digitally signing a document or electronically casting a ballot.     

Process definition: theory and reality

The approach taken by General Electric Aerospace to define the process it uses to develop and maintain software is outlined. It is shown that two major issues in process definition are deciding what information to include and what form of graphical representation to use. The lessons learned in developing and implementing this approach are discussed     

Managing network security: Simulating network security

Computing operates in an almost universally networked environment, but the technical aspects of information protection have not kept up. As a result, the success of information security programmes has increasingly become a function of our ability to make prudent management decisions about organizational activities. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Warchalking and Bluejacking: Myth or reality

When speaking about wireless security, I get asked many questions. Some revolve around technical solutions to problems people are facing. For instance, one individual recently asked me my opinion on the ease at which an attacker can break an md5-based EAP method (my answer? If the md5 EAP method is not encapsulated in an encrypted tunnel such as that provided in PEAP, a dedicated attacker could easily spoof an md5-based authentication process).     

Information security breaches and IT security investments: Impacts on competitors

In current business climate, a firm’s information systems security is no longer independent from the industry’s broader security environment. A question arises, then, whether stock market values reflect the interdependence of security breaches and investments. In this paper, we used the event study methodology to investigate how a firm’s security breaches and IT security investments influence its competitors. We collected and reviewed 118 information security breaches and 98 IT security investment announcements from 2010 to 2017. We found substantial evidence supporting our hypothesis that information security breaches do, indeed, have a competition effect: when one firm is breached, its competitors have opportunities to absorb market power. For the IT security investment announcements, however, we observed the positive externalities, or contagion effect, in play: market investors feel that the security investments made by one firm increase the security level of the entire network, and hence, competitors also get benefits. Additionally, we found that the competition effect was higher when the breaches occurred after the preceding security investments than when there were no preceding investments before the breaches.