Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists

This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.     

Soundscape, sonification, and sound activism

In this article, the author will argue that the act of listening through public soundwalks and other formal and informal exercises builds environmental and social awareness and promotes changes in social and cultural practices. By examining the act of listening as an alternative pathway and comparing the research, writings, and creative work of leaders of the acoustic ecology movement (i.e., R. Murray Schafer, Hildegard Westerkamp, and Bernie Krause), the author hopes to shed light on these potentials. For purposes of comparison, projects that explore the sonification and audification of inaudible signals will be examined, including the work of Christina Kubisch. The process of audification and sonification of these signals will be examined in comparison to soundscape experiences in order to develop a theory of data sonification based on the soundscape. In order to build a community around the urban soundscape, in 2003, the author co-founded the New York Society of Acoustic Ecology. Through this endeavor, she co-created the ongoing NYSoundmap and Sound Seeker projects, which provide some practical research for this article. Thus, by comparing and contrasting theoretical writings with leading listening exercises, public soundwalks, soundscape-related brainstorming sessions, and presenting field recordings in various settings, new methodologies will be documented.     

A moderate constructivist e-learning instructional model evaluated on computer specialists

This paper presents a novel instructional model for e-learning and an evaluation study to determine the effectiveness of this model for teaching Java language programming to information technology specialists working for the Spanish Public Administration. This is a general-purpose model that combines objectivist and constructivist learning theories and is based on the concept of learning objective. The purpose of the evaluation study is to find out whether the results of using this distance learning instructional model to teach this subject are comparable to learning in a traditional face-to-face classroom, with the plus of eliminating travel and maintenance expenses of the public servants attending the course and also saving time. The learners, selected at random to participate in this study, were divided into three groups depending on the type of teaching/learning they received: traditional classroom, distance learning with virtualized course contents and distance learning based on the proposed instructional model. The results indicate that the grades and satisfaction levels were similar for learners taught using the proposed instructional model and learners taught in the traditional classroom. Moreover, they were substantially better than for distance learning with virtualized contents, although the mean course learning time is greater.     

企业计算机信息安全工作的研究

计算机网络信息安全在国民生活中受到越来越多的关注,原因在于：许多重要的信息存储在网络上,一旦这些信息泄露出去将造成无法估量的损失。之所以网络信息会泄露出去,一方面有许多入侵者千方百计想“看”到一些关心的数据或者信息;另一方面网络自身存在安全隐患才使得入侵者得逞。针对这些问题,该文归纳并提出了一些网络信息安全防护的方法和策略。     

Practical computer graphics for scientific users: Philosophy and implementation

The scientific computer user presents a unique challenge to the graphics system designer. If the graphics system is properly designed and implemented, computer graphics becomes a vital research tool for the scientific user. These users' desires and expectations play an important role in every phase of the design process.This paper describes the philosophy of the graphics system at the National Center for Atmospheric Research (NCAR) and its implementation. Details of algorithms are not presented; rather the purpose has been to describe a successful computer graphics system which may serve as a guide for other designers who desire to provide practical computer graphics. This graphics system operates under a batch-mode computer system without using interactive terminals.     

计算机信息技术的应用初探

近几年的数字科技发展的非常快,计算机更是走进行千家万户,人们的生活越来越离不开它,计算机信息为适合社会的不断发展,技术的发展也成为当前科技的发展重心,而且由于社会的需求,也为计算机技术发展提供了一个广大的空间.在此文中,主要对计算机信息向哪个方向发展,以及其在现实中的应用做了系统的研究和分析.     

计算机信息系统安全问题及其解决措施

在信息技术飞速发展的大环境下,计算机信息系统的重要地位逐渐显现,计算机信息系统是保持社会信息化、现代化的大前提,计算机信息系统的安全问题对国家及社会稳定有巨大影响。着重从计算机信息系统的安全状况、策略,影响计算机信息系统安全的因素、问题及其解决方案等几个方面展开论述,凸显出提升计算机信息系统安全的必要性和迫切性。结合计算机信息安全技术特点及适用人群,列出了一系列可能出现的安全问题及其解决方案,让用户在使用信息系统的过程中可以有效规避这些问题。进一步探讨了如何对信息系统安全性进行优化升级。     

A two-stage information criterion for stochastic systems revisited

Two-stage information criteria for model selection are constructed by properly penalizing the maximized likelihood. A well known criterion is due to Hannan and Quinn (HQ). The applicability of HQ to multivariable, non-Gaussian, linear stochastic systems has been established by Hannan and Deistler deriving an asymptotic result for the maximized quasi-likelihood function. The objective of the paper is to provide a new, transparent and structured proof of the latter result, based on explicitly stated known techniques, under conditions only slightly stronger than those used by Hannan and Deistler. The advantage of our approach is that it naturally lends itself to the analysis of other models, such as Markov or Hidden Markov Models.     

The weakest link revisited [information security]

It is a common saying that a chain is only as strong as its weakest link-a phrase information security officers, IT managers, consultants, researchers, journalists, and opinion makers reiterate ad nauseam when referring to an organization's information security posture. Most in the information security community would agree that a security architecture is only as strong as its weakest link. However, they usually cannot agree on what that is, and no expert risks making a definite statement about it. We can argue that a security strategy's weakest component will vary from one organization to in other but perhaps we should compare past perceptions of what a weakest link is to what it could well be in the near future.     

User information satisfaction,job satisfaction and computer background: An exploratory study

The relationships among user information satisfaction (UIS), job satisfaction and the users' computer background were examined. UIS was measured using a modified version of the short-form of UIS, while job satisfaction was measured using the short-form Minnesota satisfaction questionnaire (MSQ). We found that UIS provides a sound indication of job satisfaction. However, none of the user computer-background parameters has any significant effect on UIS and job satisfaction. Data for the study were collected from three large organizations which had similar organizational structure and comparable information systems maturity; people who used computer as part of their jobs were randomly selected to take part in the study. A study with more organizations would yield better results.     

Bologna process revisited: educating information security and malware experts

The Bologna process has resulted in the re- structuring of undergraduate and graduate education across Europe. This paper outlines what these changes mean for acquiring degrees in information security and how various universities have tried to respond to these demands. What is unclear at this stage is how the offering of continuous master degrees at Polytechnic and Applied Science Universities will affect the content and curriculum being taught in computer science and information security in particular. This question must be addressed since polytechnics are more industry focused and less research oriented than their university-counterparts. What seems to be clear at this stage is that continuous type master programs in computer science demand a greater level of mathematical knowledge than specialized masters. Moreover, due to the amount of credits that must be acquired, graduates of these types of programs will bring a deeper knowledge about the specialization such as, information security or malware, they acquired at university. This movement toward greater convergence in post secondary education may not have made things easier for recruiters, who are trying to hire graduates in information security or anti-virus experts. In fact, as this paper shows while the Bologna process may have eliminated the obvious differences, countless intricate and not so obvious differences have been added making it sometimes obscure for a bystander.     

计算机网络信息安全分析与管理

Internet网络已经改变了我们的生活,在我们的工作和生活中已经离不开网络,但是网络中存在的一些安全方面的问题,也给我们带来了很大的困扰.对计算机网络信息进行安全分析和管理,不但关系到我们的日常生活,还会给企业经营、国家以及政府的安全造成严重的困扰.本文主要从计算机网络信息安全以及其安全的现状出发,进行计算机网络信息安全管理办法的探讨,并提出了一些意见和建议,希望能够改善当前我台存在的网络安全问题.     

Self-efficacy beliefs, computer training and psychological well-being among information and communication technology workers

This study examines the factorial structure of self-efficacy and the relationship among different levels of self-efficacy (i.e., generalised, professional and computer) and psychological well-being and training among Information and Communication Technology (ICT) workers. The sample was made up of 496 workers from different occupational sectors using ICT in their jobs and a subsample of these workers who were trained in ICT. Results show that (1) the generalised-specific structure is maintained in the three levels as expected but in fours factors: i.e., generalised self-efficacy, professional self-confidence, achieving professional objectives and computer self-efficacy. (2) There is a negative and significant relationship between self-efficacy and different psychological well-being indicators. (3) Computer attitudes moderated the relationship between computer training (i.e., number of training hours) and professional self-confidence. So far, workers with high positive attitude towards ICT, when number of hours are high, their levels of professional self-confidence increase, but it depends on the number of training hours (i.e. more training hours, more self-confidence). However, workers with low levels of positive attitude towards ICT experimented a decrease in professional self-confidence. In conclusion, training has not a direct influence on self-efficacy but moderated by type of training. Limitations of the study and practical implications of these findings are discussed.     

计算机网络信息存储安全设计

计算机所具有的连接方式因其多样性、应用技术复杂性和网络广泛性以及互相关联性等特征,导致计算机网络信息存储安全问题的出现并且愈发复杂。针对来自各方面的诸多威胁和系统本身的脆弱性,通过建立计算机网络信息的危险控制模型、控制网络信息访问数据、鉴别网络信息用户身份等方法,制定出计算机网络信息存储安全的具体措施,以此来保证存储信息系统的运行安全。     

计算机信息管理在企业中的应用

以往企业的管理和运行主要以人工形式为主,其不但在效率方面具有一定劣势,同时准确率也较低,难以追溯失误的具体环节。而运用信息化的技术手段参与企业的管理工作﹐可明显提高企业运营的自动化水平、工作效率和信息可靠性。因此,有效提高计算机信息管理在企业中的应用水平,能全面推进企业的稳定发展。     

Spatial information displays on a wearable computer

Increasing portability of computing power marks a broad emerging trend in advanced human-computer interaction. Wearable computers, the next generation of portable machines, worn on the body, provide constant access to computing and communications resources. However, wide adoption of wearable computers first requires solving unique interface challenges. One of the most important is how to present and interact with information in a wearable environment. We designed and evaluated three methods for presenting information in a wearable environment. Subjects found spatial displays easier and more effective. Spatial audio and visual cues further enhanced performance     

Interpretation of image information for computer calculations

A model of a digital image as a sequence of its mappings to a sum of invariant and variable representations is proposed. The invariant representation is independent of the changes in the variable representation in certain calculated limits and is interpreted as a virtual carrier of the variable representation (message). The information quantity (natural, intrinsic, and noise) is interpreted sensu stricto with respect to the quantity of the arbitrary digital data of the message transferred by the image. A characteristic application involves the solution of the problem on the embedding of digital information into the image via two independent communication channels. Mikhail V. Kharinov. Born 1953. Graduated from Leningrad State University in 1978. Received candidate’s degree in 1993. Senior researcher at the St. Petersburg Institute of Information Science and Automation, Russian Academy of Sciences. Scientific interests: analysis of numerical information, system of numerical representation, hierarchical data structures, idempotent transformations, unified algorithms for processing of images and audio signals, color transformation of images. Author of 60 papers, including a patent.     

浅析计算机网络信息安全问题及对策

随着IT应用在生活中的日益普及,互联网已经覆盖了175个国家和地区的数亿台计算机,用户数量超过lO亿计算机技术广泛应用于各行各业,向着深度和广度不断地发展,构成了各自的网络,为资源共享、信息交换和分布处理提供了良好的环境,企业上网、政府上网、学校用网以及网上购物等计算机的应用表现了一个网络化的社会已经呈现在我们的面前、因此,在增加网络实用性的同时,系统的脆弱性不可避免的显露了出来,使计算机网络面临严重的安全问题。!