Which wheel graphs are determined by their Laplacian spectra?

The wheel graph, denoted by W_n+1, is the graph obtained from the circuit C_n with n vertices by adding a new vertex and joining it to every vertex of C_n. In this paper, the wheel graph W_n+1, except for W₇, is proved to be determined by its Laplacian spectrum, and a graph cospectral with the wheel graph W₇ is given.     

Always connected,but are smart mobile users getting more security savvy? A survey of smart mobile device users

Smart mobile devices are a potential attack vector for cyber criminal activities. Two hundred and fifty smart mobile device owners from the University of South Australia were surveyed. Not surprisingly, it was found that smart mobile device users in the survey generally underestimated the value that their collective identities have to criminals and how these can be sold. For example, participants who reported jail-breaking/rooting their devices were also more likely to exhibit risky behaviour (e.g. downloading and installing applications from unknown providers), and the participants generally had no idea of the value of their collective identities to criminals which can be sold to the highest bidder. In general, the participants did not understand the risks and may not have perceived cyber crime to be a real threat. Findings from the survey and the escalating complexities of the end-user mobile and online environment underscore the need for regular ongoing training programs for basic online security and the promotion of a culture of security among smart mobile device users. For example, targeted education and awareness programmes could be developed to inform or educate smart mobile device users and correct misconceptions or myths in order to bring about changes in attitudes and usage behaviour (e.g. not taking preventative measures such as strong passwords to protect their devices). Such initiatives would enable all end users (including senior University management who use such devices to access privileged corporate data and accounts) to maintain current knowledge of the latest cyber crime activities and the best cyber security protection measures available.     

Which sort orders are interesting?

Sort orders play an important role in query evaluation. Algorithms that rely on sorting are widely used to implement joins, grouping, duplicate elimination and other set operations. The notion of interesting orders has allowed query optimizers to consider plans that could be locally sub-optimal, but produce ordered output beneficial for other operators, and thus be part of a globally optimal plan. However, the number of interesting orders for most operators is factorial in the number of attributes involved. Optimizer implementations use heuristics to prune the number of interesting orders, but the quality of the heuristics is unclear. Increasingly complex decision support queries and increasing use of query-covering indices, which provide multiple alternative sort orders for relations, motivate us to better address the problem of choosing interesting orders. We show that even a simplified version of the problem is NP-hard and provide a 1/2-benefit approximation algorithm for a special case of the problem. We then present principled heuristics for the general case of choosing interesting orders. We have implemented the proposed techniques in a Volcano-style cost-based optimizer, and our performance study shows significant improvements in estimated cost. We also executed our plans on a widely used commercial database system, and on PostgreSQL, and found that actual execution times for our plans were significantly better than for plans generated by those systems in several cases.     

The recent progress of wireless lan security： A short survey

Wireless Local Area Networks （WLAN） has been enthusiastically adopted in our everyday life. However, the current WLAN systems offer very unsatisfactory level of security. Some attacking methods are more dangerous in wireless environment and some additional effort should be used to protect the security of our data in WLAN. So many researchers have been pursuing this goal. This paper presents a brief survey to introduce some of their work in this field and discovers the direction of the technology development.     

What are the trend and core knowledge of information security? A citation and co-citation analysis

Information technology brings business success opportunities, but also causes potential safety hazards to organizations. In response to the increasing academia and industry concerns regarding information security (ISec), this study systematically explored extant ISec research and identified eight core knowledge groups, including (1) intrusion detection, (2) privacy protection, (3) secure machine learning, (4) cryptosystem, (5) data service security, (6) malware analysis, (7) security decision-making, and (8) security management. The detection of research hotspots shows that data service security and risk management garner the most current research attention. Furthermore, we establish a comprehensive ISec framework to help systematically understand and achieve ISec.     

What do we mean by “information security”?

This is really a rather interesting question and, I believe, not one that we bother to ask ourselves nearly often enough. This may be because, suspiciously enough, for many of us it often just means “job security”. More importantly, we really need to consider what is understood by “information security” by the various stakeholders¹ we engage with.     

Do security and privacy policies in B2B and B2C e-commerce differ? A comparative study using content analysis

Security and privacy policies address consumer concerns related to security and privacy in e-commerce websites. As these policies represent only the vendor’s perspective, often there exists a mismatch between the stated and desired policy. Based on transaction cost theory, we speculate that business-to-business (B2B) and business-to-consumer (B2C) e-commerce customers use their transaction cost savings in order to obtain varying levels of security and privacy. These differences are bound to be reflected in the security and privacy policies of e-commerce companies. Therefore, in this paper, we perform a comparative content analysis of the security and privacy policies in B2C and B2B e-commerce. Results show that B2B vendors are more concerned about security than their B2C counterparts, while B2C vendors are anxious about intimacy and restriction privacy. Our findings have important implications for e-commerce consumers and vendors as individual and corporate consumers have varying concerns while transacting online. Individual consumers are concerned about maintaining security and intimacy privacy, whereas corporate users are anxious about regulatory issues. Therefore, B2C vendors should incorporate stringent measures dedicated to confidentiality and protection of consumer data as well as enhance intimacy privacy in their security policies, while their B2B counterparts should focus on enhancing restriction privacy.     

Botnets: To what extent are they a threat to information security?

1. Download : Download high-res image (158KB)
2. Download : Download full-size image

Russian advertisement offering botnet services

The purpose of this article is to examine to what extent botnets pose a threat to information security. In Chapter 1 the terms in the title are defined, and a comprehensive overview of botnets is provided in order to equip the reader with an understanding of the context for the remaining chapters. The motives for using botnets and the methods in which they are used are outlined. The methods of botnet attack are then analysed in terms of their potential impact on information security and a conclusion is drawn that botnets are indeed a threat to information security in general terms.Chapter 2 then goes on to examine the extent of the threat from the three different perspectives of governments, corporate and the general public. The threats from each perspective and their impacts are identified, and each threat type for each perspective is then categorised in terms of probability and potential impact. The extent of the threat of each botnet-related attack from each perspective is then assessed using a model recommended by ISO/IEC 27005:2008, and the conclusion is drawn that the extent of the threat that botnets pose to governments, corporates and the general public is High.In Chapter 3, we look at how law enforcement agencies investigate botnets and the criminals behind them, and establish the challenges they face in doing so. It is clear that law enforcement face an uphill struggle due to technical tricks employed by the botherders to remain untraceable, lack of resources with the necessary skillset, the legal complexity of working with multiple jurisdictions, and procedural delays working with foreign law enforcement agencies. The conclusion is drawn that botnets are here to stay and that for the time being the botherders will have the upper hand.     

Tower cranes survey 2: A decade of non-progress?

Ten years ago the authors carried out a survey on tower cranes in the Birmingham area, and recommended a number of improvements to control layout, warning devices, cabin design and operator training. A later survey enables a comparison to be made, with a review of the application in the intervening decade of the earlier recommendations.     

Out of fear or desire? Toward a better understanding of employees’ motivation to follow IS security policies

Given the significant role of people in the management of security, attention has recently been paid to the issue of how to motivate employees to improve security performance of organizations. However, past work has been dependent on deterrence theory rooted in an extrinsic motivation model to help understand why employees do or do not follow security rules in their organization. We postulated that we could better explain employees’ security-related rule-following behavior with an approach rooted in an intrinsic motivation model. We therefore developed a model of employees’ motivation to comply with IS security policies which incorporated both extrinsic and intrinsic models of human behavior. It was tested with data collected through a survey of 602 employees in the United States. We found that variables rooted in the intrinsic motivation model contributed significantly more to the explained variance of employees’ compliance than did those rooted in the extrinsic motivation model.     

Which social elements are visible in virtual groups? Addressing the categorization of social expressions

Learning is a social process. That is why it is extremely important to understand how students interact socially in online courses and how it affects the learning process. However, social aspects, understood as those expressions or comments that go beyond strictly academic interaction, i.e. the need to carry out group work, are not clearly defined. Researchers have proposed different models of categories to observe or measure social aspects. This paper contributes to this field through addressing the categorization of social expression in online groups through a qualitative research procedure. Specifically, 19 indicators have been identified and organized into 4 categories: formal, attitudinal, emotional and informal. The findings suggest that those indicators related to formal and attitudinal aspects appear more often than emotional and informal ones. Different profiles (Psychology or Computer Engineering) as well as different levels of experience in online learning (beginners or experts) have also been analyzed, concluding that Psychology students turn to social expressions more often than Computer Engineering ones. As students progress in their undergraduate studies, social expressions are perceived and used to the extent that they ease the learning process.     

Do semantic standards lack quality? A survey among 34 semantic standards

The adoption of standards to improve interoperability in the automotive, aerospace, shipbuilding and other sectors could save billions. While interoperability standards have been created for a number of industries, problems persist, suggesting a lack of quality of the standards themselves. The issue of semantic standard quality is not often addressed. In this research we take a closer look at the quality of semantics standards, development processes, and survey the current state of the quality of semantic standards by means of a questionnaire that was sent to standards developers. This survey looked at 34 semantic standards, and it shows that the quality of semantic standards for inter-organizational interoperability can be improved. Improved standards may advance interoperability in networked business. Improvement of semantic standards requires transparency of their quality. Although many semantic standard development organisations already have quality assurance in place, this research shows that they could benefit from a quality measuring instrument.