Information and Computer Security: Volume 28 Issue 3

Towards a maturity model for health-care cloud security (M2HCS)

Opeoluwa Ore Akinsanya, Maria Papadaki, Lingfen Sun

The purpose of this paper is to propose a novel maturity model for health-care cloud security (M²HCS), which focuses on assessing cyber security in cloud-based health-care…

Analyzing the usage of character groups and keyboard patterns in password creation

Joakim Kävrestad, Johan Zaxmy, Marcus Nohlberg

Using passwords to keep account and data safe is very common in modern computing. The purpose of this paper is to look into methods for cracking passwords as a means of increasing…

Mobile users’ information privacy concerns instrument and IoT

C. Bryan Foltz, Laura Foltz

Internet of Things (IoT) presents new privacy dilemmas. While IoT is becoming more common, a model to understand privacy concerns has not been established. The purpose of this…

A Clark-Wilson and ANSI role-based access control model

Tamir Tsegaye, Stephen Flowerday

An electronic health record (EHR) enables clinicians to access and share patient information electronically and has the ultimate goal of improving the delivery of healthcare…

Editorial

Moufida Sadok, Peter Bednar

Comparing the protection and use of online personal information in South Africa and the United Kingdom in line with data protection requirements

Adéle Da Veiga, Ruthea Vorster, Fudong Li, Nathan Clarke, Steven M. Furnell

The purpose of this study was to investigate the difference between South Africa (SA) and the United Kingdom (UK) in terms of data protection compliance with the aim to establish…

Assessing the current state of information security policies in academic organizations

Jake Weidman, Jens Grossklags

Colleges and universities across the USA have seen data breaches and intellectual property theft rise at a heightened rate over the past several years. An integral step in the…

Response biases in policy compliance research

Sebastian Kurowski

The purpose of this study is to use a developed and pre-tested scenario-based measurement instrument for policy compliance and determine whether policy compliance measurements in…

It is not my job: exploring the disconnect between corporate security policies and actual security practices in SMEs

Moufida Sadok, Steven Alter, Peter Bednar

This paper aims to present empirical results exemplifying challenges related to information security faced by small and medium enterprises (SMEs). It uses guidelines based on work…