Purpose This paper aims to identify organizations’ information security issues and to explore dynamic, organizational culture and contingency theories to develop an implementable framework for information security systems in human service organizations based soundly in theory and practice. Design/methodology/approach The paper includes a critical review of global information security management issues for HSOs and relevant multi-disciplinary organizational theories to address them. Findings Effective information security management can be particularly challenging to HSO because of their (...) use of volunteer staff in a borderless electronic environment. Organizations’ lack of recognition of the need for staff awareness of information security threats and for training in secure work practices, particularly in terms of maintaining clients’ privacy and confidentiality, is a major issue. The dynamic theory of organizational knowledge creation, organizational culture theory and contingency theory were identified as the most suitable theoretical perspectives to address this issue and underpin an effective information security management framework for HSOs. Research limitations/implications The theory-based framework presented here has not been tested in practice. Such testing will be carried out in further research. Originality/value Currently, there is no framework for information security systems in HSOs. The framework developed here provides a foundation on which HSO can build information security systems specific to their needs. (shrink)

In this critical, feminist account of the management of intersex conditions under 2006's controversial “Disorders of Sex Development” (DSD) treatment model, I argue that like the “Optimal Gender of Rearing” (OGR) treatment model it replaced, DSD aims at securing a cisgendered future for the intersex patient, referring to a normalized trajectory of development across the lifespan in which multiple sexed, gendered, and sexual characteristics remain in “coherent” alignment. I argue this by critically analyzing two ways that intersex management (...) has changed between OGR and DSD: 1) regarding sex‐assignment recommendations for three patient populations and, 2) with the prenatal treatment of pregnant individuals at risk of conceiving a fetus with congenital adrenal hyperplasia with the steroid hormone dexamethasone. I conclude that like OGR before it, DSD also unjustifiably presumes that typical genitalia are necessary for cisgendered development. However, unlike OGR, it appeals to the empirically inadequate, theoretically suspect, and biologically determinist model of gender development known as brain‐organization theory. Given this, I conclude that the treatment of intersex people under DSD continues to be driven by problematically heterosexist and transphobic assumptions regarding the value and normalcy of cisgendered life, while practically and discursively constituting it as such. (shrink)

The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national (...) security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified. (shrink)

Internet of Things-based environments pose various challenges due to their anytime/anywhere computing, and the efficient cryptographic based key management is one of the major challenges in Internet of Things. The key management life cycle consists of initialization, key generation, key registration, key backup, key update, key recovery, and key revocation. Our contribution in this paper is to summarize the state-of-the-art key management schemes and techniques in different scenarios, such as mobile ad hoc networks, wireless sensor networks, and (...) the Internet of Things environments. Further different issues related specifically to the Internet of Things environment are discussed and the causes and effects pertaining to the security breach for Internet of Things are identified. Furthermore, in this research work, we develop a novel permutation of threshold and identity-based key management schemes for the Internet of Things environment and have proposed future directions to counteract the attacks on confidentiality, integrity, authentication, and availability of security services in the Internet of Things environment and identified the two key management schemes, that is, identity and threshold schemes for Internet of Things, to resolve Internet of Things key management issues and maximum possible security services effective implementation. We evaluate our scheme with the help of mathematical and statistical techniques. (shrink)

The accelerated rates of scientific and technological progress and the intellectualization of the main factors of production play a leading role in ensuring the economic recovery of national economies, in particular in the conditions of the existence of today's post-pandemic consequences. The technological development of the leading countries of economic development poses difficult tasks for other participants in the world economic space to avoid a significant lag, especially in today's post-pandemic society. For the countries of Eastern Europe, this task is (...) complicated not only by political and social tensions, but also by the lack of effective government regulation instruments that could provide support for the high-tech sector as a locomotive for the modernization of the national economy. Moreover, enterprises of the high-tech sector of the economy, being deprived of state support, must independently ensure their functioning by creating a system of economic security. Ensuring safety in a post-pandemic society of such enterprises is characterized by significant differences, which are most related to the need to create safe conditions for the activities of workers - the most valuable resource. The development of enterprises in the high-tech sector of the economy is impossible without taking into account the safety aspects, it requires the intensification of scientific research in this area. The purpose of the article is to form information support for managing the economic security of enterprises in the high-tech sector of the economy in the context of post-pandemic modernization. (shrink)

With the spread of Information and Communication Technologies tools and the Internet, Twenty first century technologies have significantly affected human life, and it has been desired to be obtained continuously. It has become challenging to protect information due to the increase in the methods by which malicious people can get information. As a result, it is crucial to determine people’s awareness levels by revealing the risks and threats to information security. In this context, a study was conducted to show (...) the awareness levels of teachers who come after the family in raising conscious individuals in society. For this purpose, a quantitative research method was adopted for the problem and sub-problems that form the basis of the research. The survey model, one of the research designs used within the framework of the quantitative research method, was used. Information Security Awareness Scale was applied to 394 teachers, and according to the results obtained, it was determined that the information security awareness level of the teachers was moderate. According to the attacks and threats sub-dimension, which includes technical issues, it has been determined that the awareness levels of the teachers are at a medium level. The study results show that female teachers’ information security awareness levels are lower than male teachers. In comparison, the awareness levels of those who received information security awareness training and information technology teachers are higher. (shrink)

Faced with the criticism of the biopolitical control exercised in the COVID-19 pandemic, we defend the importance of a re-examination of the foucauldian reflections so that the critical diagnoses of the present is accompanied by a careful analysis of the fields of force and knowledges in which such controls occur. Bearing in mind the correlation between security mechanisms and the management of insecurities, we argue that in the management of the pandemic by the brazilian executive government, the (...) excesses of power took place more due to the lack of imposing restrictive health measures and obstacles to the control of contagion than through restrictive actions of classical individual freedoms. (shrink)

Promoting Farmer Managed Natural Regeneration (FMNR) aims to increase the productive capacities of farmer households. Under FMNR, farmers select and manage natural regeneration on farmlands and keep them under production. While FMNR contributes to the wealth of farming communities, its contribution to household food security has rarely been researched. We, therefore, used a mixed-methods approach to address the research gap by measuring FMNR’s contribution to food security among farmer households in the Talensi district of Ghana. We adopted the (...) Household Dietary Diversity Score (HDDS) and Food Consumption Score (FCS) to estimate food security status among 243 FMNR farmer households and 243 non-FMNR farmer households. Also, we performed a Chi-square test of independence to compare the frequency of each food group (present vs not present) between FMNR adopters and non-FMNR adopters to establish the relationship between adopting FMNR and consuming the FCS and HDDS food groups. Our results reveal that FMNR farmer households are more food secure than non-FMNR farmer households. The HHDS of the FMNR farmer households was 9.6, which is higher than the target value of 9.1. Conversely, the HHDS of the non-FMNR farmer households was 4.3, which is lower than the target value of 9.1. Up to 86% and 37% of the FMNR farmer households and non-FMNR farmer households fell within acceptable FCS; 15% and 17% of FMNR farmer households and non-FMNR farmer households fell within borderline FCS. While none of the FMNR farmer households fell within poor FCS, 46% of non-FMNR farmer households fell within poor FCS. Adopting FMNR is significantly related to consuming all food groups promoted and benefiting from FMNR practices. The paper recommends enabling farmers in semi-arid environments to practice and invest in FMNR for long-term returns to food security. (shrink)

This paper proposes a roadmap for how privacy leakages from outsourced managed security services using intrusion detection systems can be controlled. The paper first analyses the risk of leaking private or confidential information from signature-based intrusion detection systems. It then discusses how the situation can be improved by developing adequate privacy enforcement methods and privacy leakage metrics in order to control and reduce the leakage of private and confidential information over time. Such metrics should allow for quantifying how much (...) information that is leaking, where these information leakages are, as well as showing what these leakages mean. This includes adding enforcement mechanisms ensuring that operation on sensitive information is transparent and auditable. The data controller or external quality assurance organisations can then verify or certify that the security operation operates in a privacy friendly manner. The roadmap furthermore outlines how privacy-enhanced intrusion detection systems should be implemented by initially providing privacy-enhanced alarm handling and then gradually extending support for privacy enhancing operation to other areas like digital forensics, exchange of threat information and big data analytics based attack detection. (shrink)

Although big-data research has met with multiple controversies in diverse fields, political and security implications of big data in life sciences have received less attention. This paper explores how threats and risks are anticipated and acted on in biobanking, which builds research repositories for biomedical samples and data. Focusing on the biggest harmonisation cluster of biomedical research in Europe, BBMRI-ERIC, the paper analyses different logics of risk in the anticipatory discourse on biobanking. Based on document analysis, interviews with ELSI (...) experts, and field research, three types of framing of risk are reconstructed: data security, privacy, and data misuse. The paper finds that these logics downplay the broader social and political context and reflects on the limits of the practices of anticipatory governance in biobanking. It argues that this regime of governance can make it difficult for biobanks to address possible future challenges, such as access to biomedical data by authorities, pressures for integrating biobank data with other type of personal data, or their use for profiling beyond medical purposes. To address potential controversies and societal implications related to the use of big data in health research and medicine, the paper suggests to expand the vocabulary and practices of anticipatory governance, in the biobanking community and beyond. (shrink)

North Sumatra and West Java in Indonesia, the Andes of Bolivia and Peru, Western Province, the Coast and Machakos in Kenya, were Small Ruminant Collaborative Research Support Program (SR-CRSP) sites in which the role of small ruminants was studied and where technological interventions were designed. In all cases the target groups were poor rural households that could maintain sheep, goats, or South American camelids. The objective was to increase the welfare of families through the use of small ruminant technologies. Access (...) to and control of resources, and intrahousehold dynamics were analyzed to understand if, how, and when, technological interventions help achieve this objective. The way in which the studied villages integrate into the market, the specific role that livestock and other productive enterprises play in the household economy, the risks faced by families in rural areas condition the role of livestock and other resource management technologies. As an asset, small and large stock are gendered, but this is qualified by the alternatives that household members have. Small ruminants under the domain of women, either through production or marketing, are shown to contribute to in-kind consumption or, as liquid assets, to household welfare purchases, in the case of Andean agropastoral households and households in Kenya. Women are also managers of the grazing areas, which are often fallow fields. The research experiences show the relationship between gender, resource management, and the ability to build livestock assets and security, in different houehold production systems. (shrink)

Intensification of entrepreneurial activity in a post-pandemic space requires improved management both at the level of economic security and at the level of the entire enterprise. The expediency of the transition from the extensive type of development of the load management system is substantiated. The scientific approaches to the interpretation of the terms "intensification", "management" and "economic behaviour" are generalized. The attention is focused on the need to create a safe development environment for each enterprise. The (...) expediency of interpreting the term “management intensification” as the influence of a managed subsystem on a managed one with the active use of new technologies and techniques, forms of labour organization, rational use, motivation and development to achieve the objectives is substantiated. The essence of the term “economic behaviour” is considered through the process of development and implementation of managerial decisions, which determine the interaction of the managing and managed subsystems with the subsequent change in the current state and development trends of the entire system. The tasks of security subjects regarding the emergence of new challenges, risks and threats in the face of intensified management of the economic behaviour of enterprises in the post-pandemic conditions of the existence of society are determined. (shrink)

Throughout the history of mankind, energy security has been always seen as a means of protection from disruptions of essential energy systems. The idea of protection from disorders emerged from the process of securing political and military control over energy resources to set up policies and measures on managing risks that affect all elements of energy systems. The various systems placed in a place to achieve energy security are the driving force towards the energy innovations or emerging trends (...) in the energy sector. Our paper discusses energy security status and innovations in the energy sector in European Union (EU). We analyze the recent up-to-date developments of the energy policy and exploitation of energy sources, as well as scrutinize the channels of energy streaming to the EU countries and the risks associated with this energy import. Moreover, we argue that the shift to the low-carbon production of energy and the massive deployment of renewable energy sources (RES) might become the key issue in ensuring the energy security and independency of the EU from its external energy supplies. Both RES, distributed energy resources (DER) and “green energy” that will be based on the energy efficiency and the shift to the alternative energy supply might change the energy security status quo for the EU. (shrink)

In this article, I offer an outline of the papers comprising the special issue. I also provide a brief overview of its topic, namely, the friction between cyber security measures and individual rights. I consider such a friction to be a new and exacerbated version of what Mill called ‘the struggle between liberties and authorities,’ and I claim that the struggle arises because of the involvement of public authorities in the management of the cyber sphere, for technological and (...) state power can put individual rights, such as privacy, anonymity and freedom of speech, under sharp devaluating pressure. Finally, I conclude by stressing the need to reach an ethical balance to fine-tune cyber security measures and individual rights. (shrink)

Managers often ask why their firm should have an ethics program, especially if no one has complained about unethical behavior. The pursuit of business ethics can cost money, they say. It can lose sales to less scrupulous competitors and can drain management time and energy. But as Harvard business professor Francis Aguilar points out, ethics scandals (such as over Beech-Nut's erzatz "apple juice" or Sears's padded car repair bills) can severely damage a firm, with punishing legal penalties, bad publicity, (...) and irreparably injured customer relations. Equally important if less obvious, unethical behavior can undermine a firm's organizational spirit. On the other hand, Aguilar argues, in a well run firm, ethical programs can actually enhance corporate performance, strengthening the company at every level and supercharging employee risk taking and innovation. In Managing Corporate Ethics, Aguilar shows managers how to create ethical programs within their organizations that not only discourage large-scale wrongdoing, but can contribute substantially to the achievement of corporate excellence. Aguilar's program is down-to-earth and comprehensive, and based on his extensive research on highly successful, ethical companies, both large and small. He recommends action on three fronts: first, get senior management to provide effective ethical leadership; second, set up an ethics program that promotes concern for the interests of people affected by the firm's operations and that provides safeguards against corrupting business pressures; and third, staff the company with ethical people and surround the organization with ethical advisors (including legal, financial, accounting, tax, and marketing consultants). To illuminate this three-step program, Aguilar incorporates the lessons learned in his in-depth study of ten prominent firms with proven successful ethics programs--among them Hewlett-Packard, Johnson & Johnson, Nucor Steel, Cray Research, ServiceMaster, and Texas Instruments. He examines Lincoln Electric's attention to compensation and job security to ensure quality products and to reduce the pressure or temptation to act unethically. He shows how General Mills, while pushing product line managers to compete aggressively, uses corporate staff units to guard against illegal or unacceptable claims (testing cake recipes, for example, to see if a product's quality fails under the less-than-perfect conditions of a normal kitchen). And he details how Armstrong World Industries uses pep talks, inspirational stories, role models, and ready access to management to promote ethical standards among employees. Throughout, Aguilar demonstrates convincingly that an ethical program pays dividends: that employees, suppliers, customers, and the community at large know when they are being treated in a positive and constructive manner, and are likely to respond in kind. Packed with real life examples of successful (and failed) ethical programs, Managing Corporate Ethics is a valuable roadmap to an often overlooked source of business success. (shrink)

This research tackled the challenges public secondary schools in Sagbayan District, Bohol, faced regarding records management. The study employed a mixed research design, combining both descriptive-qualitative and descriptive- quantitative methods. The qualitative phase involved conducting in-depth interviews and focus group discussions with relevant stakeholders involved in records management. On the other hand, the quantitative phase utilized survey questionnaires to gather data from relevant stakeholders to determine the acceptability of the proposed MIS among end-users. The first phase findings revealed (...) various challenges in records management faced by the schools, such as inefficient manual record-keeping systems, difficulties in data retrieval, and the risk of data loss due to inadequate backup procedures. These challenges highlighted the need for a comprehensive, technology-driven solution to streamline records management processes and ensure data security. The evaluation results in the second phase showed that the developed Management Information System (MIS) was well-accepted among the end users. The absence of any significant difference in the level of acceptability among the participants further validated the system's suitability for addressing their specific needs. The successful implementation of the MIS proved to be an effective solution to the records management challenges faced by the public secondary schools in Sagbayan District, Bohol. (shrink)

Digitalization has become a cornerstone of competitiveness in the industrial arena, especially in the cases of small lot sizes with many variants in the goods produced. Managers of industrial facilities have to handle the complexity that comes along with Industry 4.0 in diverse dimensions to leverage the potentials of digitalization for their sites. This article describes major drivers of this complexity in current industrial automation to outline the environment of today’s challenges for managers of this technical transition—and shows how managed (...) industrial security services can contribute to stabilize the industrial system. An outlook is given to future automation scenarios as well as the major concepts involved in their protection. (shrink)

In Risk Management, security issues arise from complex relations among objects and agents, their capabilities and vulnerabilities, the events they are involved in, and the value and risk they ensue to the stakeholders at hand. Further, there are patterns involving these relations that crosscut many domains, ranging from information security to public safety. Understanding and forming a shared conceptualization and vocabulary about these notions and their relations is fundamental for modeling the corresponding scenarios, so that proper (...) class='Hi'>security countermeasures can be devised. Ontologies are instruments developed to address these conceptual clarification and terminological systematization issues. Over the years, several ontologies have been proposed in Risk Management and Security Engineering. However, as shown in recent literature, they fall short in many respects, including generality and expressivity - the latter impacting on their interoperability with related models. We propose a Reference Ontology for Security Engineering (ROSE) from a Risk Treatment perspective. Our proposal leverages on two existing Reference Ontologies: the Common Ontology of Value and Risk and a Reference Ontology of Prevention, both of which are grounded on the Unified Foundational Ontology (UFO). ROSE is employed for modeling and analysing some cases, in particular providing clarification to the semantically overloaded notion of Security Mechanism. (shrink)

Purpose This study aims to ascertain the impact of data collecting awareness on perceived information security concerns and information-sharing behavior on social networking sites. Design/methodology/approach Based on communication privacy management theory, the study forecasted the relationship between information-sharing behavior and awareness of data collecting purposes, data collection tactics and perceived security risk using structural equation modeling analysis and one-way ANOVA. The sample size of 521 young social media users in Vietnam, ages 18 to 34, was made up (...) of 26.7% men and 73.3% women. When constructing the questionnaire survey method with lone source respondents, the individual’s unique awareness and experiences with using online social networks (OSNs) were taken into account. Findings The results of the investigation demonstrate a significant relationship between information-sharing and awareness of data collecting, perceptions of information security threats and behavior. Social media users have used OSN privacy settings and paid attention to the sharing restriction because they are concerned about data harvesting. Research limitations/implications This study was conducted among young Vietnamese social media users, reflecting specific characteristics prevalent in the Vietnamese environment, and hence may be invalid in other nations’ circumstances. Practical implications Social media platform providers should improve user connectivity by implementing transparent privacy policies that allow users to choose how their data are used; have clear privacy statements and specific policies governing the use of social media users’ data that respect users’ consent to use their data; and thoroughly communicate how they collect and use user data while promptly detecting any potential vulnerabilities within their systems. Originality/value The authors ascertain that the material presented in this manuscript will not infringe upon any statutory copyright and that the manuscript will not be submitted elsewhere while under Journal of Information, Communication and Ethics in Society review. (shrink)

Enterprise Risk Management involves the process of identification, evaluation, treatment, and communication regarding risks throughout the enterprise. To support the tasks associated with this process, several frameworks and modeling languages have been proposed, such as the Risk and Security Overlay (RSO) of ArchiMate. An ontological investigation of this artifact would reveal its adequacy, capabilities, and limitations w.r.t. the domain of risk and security. Based on that, a language redesign can be proposed as a refinement. Such analysis and (...) redesign have been executed for the risk elements of the RSO grounded in the Common Ontology of Value and Risk. The next step along this line of research is to address the following research problems: What would be the outcome of an ontological analysis of security-related elements of the RSO? That is, can we identify other semantic deficiencies in the RSO through an ontological analysis? Once such an analysis is provided, can we redesign the security elements of the RSO accordingly, in order to produce an improved artifact? Here, with the aid of the Reference Ontology for Security Engineering (ROSE) and the ontological theory of prevention behind it, we address the remaining gap by proceeding with an ontological analysis of the security-related constructs of the RSO. The outcome of this assessment is an ontology-based redesign of the ArchiMate language regarding security modeling. In a nutshell, we report the following contributions: (1) an ontological analysis of the RSO that identifies six limitations concerning security modeling; (2) because of the key role of the notion of prevention in security modeling, the introduction of the ontological theory of prevention in ArchiMate; (3) a well-founded redesign of security elements of ArchiMate; and (4) ontology-based security modeling patterns that are logical consequences of our proposal of redesign due to its underlying ontology of security. As a form of evaluation, we show that our proposal can describe risk treatment options, according to ISO 31000. Finally, besides presenting multiple examples, we proceed with a real-world illustrative application taken from the cybersecurity domain. (shrink)

Connected devices, such as smartphones and tablets, are exposed to a large variety of attacks. Their protection is often challenged by their resource constraints in terms of CPU, memory and energy. Security chains, composed of security functions such as firewalls, intrusion detection systems and data leakage prevention mechanisms, offer new perspectives to protect these devices using software-defined networking and network function virtualization. However, the complexity and dynamics of these chains require new automation techniques to orchestrate them. This chapter (...) describes an automated orchestration methodology for security chains in order to secure connected devices and their applications. This methodology exploits process learning to establish behavioral models and infer security constraints represented as logical predicates. It then generates and merges a set of chains of security functions on the basis of these predicates. These chains are finally compiled into low-level configuration rules and deployed into the network, optimizing for the underlying topology. The benefits and limits of such a methodology combining machine learning and verification techniques are evaluated by a set of experimental results. (shrink)

Moving away from simple data sharing within the science community towards cross-organizational collaboration scenarios significantly increased challenges related to security and privacy. They need to be addressed in order to make cross-organizational applications such as collaborative working environments a business proposition within communities such as eHealth, construction or manufacturing. Increasingly distributed scenarios where many different types of services need to be combined in order to implement semantically enriched business processes demand new approaches to security within such dynamic Virtual (...) Organizations. The allocation of access rights need to be possible in an easy and controlled way in order to allow inexperienced users to maintain the information and ensure compliance e.g. with legal and privacy related regulations. In this paper the focus is how security concepts originating from the Grid domain have been applied for collaborative working environments. The chosen scenarios are a Virtual Laboratory for Infectious Diseases (ViroLab) and different collaborative environments from the engineering domain as defined within the CoSpaces project. The requirements from these scenarios are analyzed and a security model enabling such dynamic, secure and trustworthy collaborations is presented. (shrink)

Purpose: The research explored empirical evidence to assess the impact of cyber security and supply chain risk on digital operations in the UAE pharmaceutical industry. Methodology/Design/Approach: Based on responses from 243 personnel working at 14 pharmaceutical manufacturing companies in Dubai, data were examined for normality, instrument validity and regression analysis. Cyber security and SC risk on digital operations were explored by applying convenient sampling and descriptive and analytical research design. Findings: The findings validated the significant positive association between (...) cyber security and supply chain risk with digital operations. Research implications and Limitations: The research model was developed with three variables evaluated only on the pharmaceutical industry in Dubai. Future research should focus on multiple manufacturing industries by covering a larger geographic area. Practical implications: When suppliers are highly concentrated, customer-focused organisations with uncertain levels of digital transformation could improve their ability to manage supply chain risk by diversifying their clients. Pharmaceutical firms may require a greater focus on technology-based manufacturing firms to build and maintain customer trust. Originality Value: To illustrate how the pharmaceutical industry has explored the relationship between cyber security, supply chain risk and digital operations, the research highlights the significant and convoluted consequences of the relationship model that have not been previously considered. (shrink)

Since the attack on the World Trade Center in New York, and on the Pentagon in the United States, concerns over security issues have been at an all-time high in this country. Both state and federal governments continue to discuss legislation on these issues amid much controversy. One key concern of both employers and employees is the extent that employers, espousing a "need to know" mentality, continue to expand their capability and implementation of surveillance of employees in the workplace. (...) With the technology typically growing faster than the speed of legislation, protective or permissive, the management and legal issues involved in electronic monitoring of employee communications in the workplace, are and well should be on the agenda for discussion of every management and legal team in American business today. Companies have a legitimate right to protect their trade secrets from disclosure by disgruntled employees. Similarly, companies also have a duty to protect their good names and reputations from unauthorized employee communications with outside parties, and even other employees, that may damage them. It is also a prime duty of management to ensure, in their direction of their workforces, that the employees execute their responsibilities by working full time on their stated objectives. In this regard, any management that fails to oversee its workforce to ensure that employees are not expending valuable company time, for which they are being compensated, on personal business, including unauthorized communications, is remiss in its responsibilities to its shareholders. The company may see a reduction of the price of its shares in the marketplace if it does not protect the economic interests of its shareholders. (shrink)

: The market success of managed health plans in the 1990s is bringing to medicine the easy availability of electronically stored information that is characteristic of the securities and consumer credit industries. Protection for medical confidentiality, however, has not kept pace with this information revolution. Employers, the managed care industry, and legal and ethics commentators frequently look to the concept of informed consent to justify particular uses of health information, but the elastic use of informed consent as a way of (...) responding to managed health plans' disclosure of information to third parties fails to address underlying questions involving substantive value choices. (shrink)

We study access control policies based on the says operator by introducing a logical framework called Fibred Security Language (FSL) which is able to deal with features like joint responsibility between sets of principals and to identify them by means of first-order formulas. FSL is based on a multimodal logic methodology. We first discuss the main contributions from the expressiveness point of view, we give semantics for the language both for classical and intuitionistic fragment), we then prove that in (...) order to express well-known properties like ‘speaks-for’ or ‘hand-off’, defined in terms of says, we do not need second-order logic (unlike previous approaches) but a decidable fragment of first-order logic suffices. We propose a model-driven study of the says axiomatization by constraining the Kripke models in order to respect desirable security properties, we study how existing access control logics can be translated into FSL and we give completeness for the logic. (shrink)

Globally, academic integrity and misconduct is a continuing conundrum for education institutions. Whilst the online delivery of education is not new, the onset of Covid-19 with accompanying health and safety limitations and the consequential rapid transition to emergency online delivery of education has, for many, exacerbated the need to focus on emerging potential for new forms of student academic misconduct i.e., e-dishonesty. This paper presents the strategies developed by a higher education institution specializing in university courses for safety and (...) class='Hi'>security professionals in the United Arab Emirates to address academic integrity during Covid-19 and beyond. The fundamental approach draws on lessons learnt from across the education community and focuses on engaging a comprehensive whole of Academy commitment to a high standard of academic integrity. The research investigated the outcomes of the academic integrity interventions in a total student population of 631. The early trending results of the strategies are encouraging, whilst monitoring of the ever-changing academic assessment landscape is pivotal to ensure these early trends are validated and sustained. The strategies developed and deployed by the Academy are replicable and offer a contribution to the demanding and complex challenge of establishing academic integrity within educational institutions across the world. (shrink)

The Common Foreign and Security Policy (CFSP) objectives are an integral part of the overall objectives of the European Union and the policy area has developed from a purely intergovernmental form of cooperation in the days of the European political cooperation to an area in which the member states have increasingly accepted new forms of institutionalization. CFSP decisions are taken by the General Affairs Council, consisting of the ministers for foreign affairs of the member states. In spite of the (...) growing pains in the development of Common Security and Defence Policy (CSDP), the European Union has made significant strides in deploying crisis management operations. However, the issue of defining success of the CSDP is no longer measured in terms of merely launching missions, ensuring mission output, and gathering operational experience. Whenever a common policy does not prove possible, member states are free to pursue their own national foreign policies. (shrink)

Current European innovation and security policies are increasingly channeled into efforts to address the assumed challenges that threaten European societies. A field in which this has become particularly salient is digitized EU border management. Here, the framework of responsible research and innovation (RRI) has recently been used to point to the alleged sensitivity of political actors towards the contingent dimensions of emerging security technologies. RRI, in general, is concerned with societal needs and the engagement and inclusion of (...) various stakeholder groups in the research and innovation processes, aiming to anticipate undesired consequences of and identifying socially acceptable alternatives for emerging technologies. However, RRI has also been criticized as an industry-driven attempt to gain societal legitimacy for new technologies. In this article, we argue that while RRI evokes a space where different actors enter co-creative dialogues, it lays bare the specific challenges of governing security innovation in socially responsible ways. Empirically, we draw on the case study of BODEGA, the first EU funded research project to apply the RRI framework to the field of border security. We show how stakeholders involved in the project represent their work in relation to RRI and the resulting benefits and challenges they face. The paper argues that applying the framework to the field of (border) security lays bare its limitations, namely that RRI itself embodies a political agenda, conceals alternative experiences by those on whom security is enacted upon and that its key propositions of openness and transparency are hardly met in practice due to confidentiality agreements. Our hope is to contribute to work on RRI and emerging debates about how the concept can (or cannot) be contextualized for the field of security—a field that might be more in need than any other to consider the ethical dimension of its activities. (shrink)

The goal of the present research was to identify the mechanism through which job security exerts its different effects on organizational citizenship behaviors among contract and permanent employees from social identity and social exchange perspectives. Our research suggests two distinct, yet related explanatory mechanisms: organizational identification and psychological contract breach, to extend the job security literature by examining whether psychological contract breach and organization identity complement each other and explaining the mechanism of different behaviors response to job (...) class='Hi'>security across employment status. Data were collected from 211 Chinese employees and 61 supervisory ratings of OCBs. Our results showed that relative to psychological contract breach, organizational identification plays a stronger mediating role in the association between job security and OCBs. Evidence from multi-group analyses also suggested employment status moderated the mediation mechanism of organizational identification between job security and OCB. Implications for job security and hybrid employment management are discussed. (shrink)

The relationship of workers to management has traditionally been one of control. However, the introduction of increasingly sophisticated technology as a means of supervision in the modern workplace has dramatically altered the contours of this relationship, giving workers much less privacy and making workers much more visible than previously possible. The purpose of this paper is to examine the current state of technological control of workers and how it has altered the relationship of worker to organization, through the impact (...) upon self as perceived by the worker. (shrink)

Although we are still in the dark when it comes to giving necessary and jointly sufficient criteria for what it takes to be thinking a singular thought, the paradigm cases are just ones where an agent is thinking about some particular object. When we erroneously think that Vulcan is a planet, our thought appears to be singular since it is, after all, about Vulcan. A promising way to explain this is to claim that there is something, a merely hypothetical entity, (...) that is Vulcan. There have been notable supporters for positing hypothetical entities for some time now, but the account of how we create hypothetical entities is still underdeveloped. In fact, we face a puzzle if we assume: (1) hypothetical entities are created by us; (2) we create a given hypothetical entity only when we falsely hypothesize something to be the unique F; (3) we create the hypothetical entity long before we learn that there is no unique F. How can we possibly manage to conditionally and unknowingly create some entity when there is no unique F? In showing how this is possible, it will become clear that we have good reason for preferring a view that posits hypothetical entities over the alternative ways of accounting for our apparently singular thoughts about Vulcan, Pegasus, the Fountain of Youth, and so on. (shrink)

Atomic energy developed from 1940 as a subject shrouded in secrecy. Identified successively as a crucial element in military strategy, national status and export aspirations, the research and development of atomic piles (nuclear chain-reactors) were nurtured at isolated installations. Like monastic orders, new national laboratories managed their specialist workers in occupational environments that were simultaneously cosseted and constrained, defining regional variants of a new state-managed discipline: reactor technology. This paper discusses the significance of security in defining the new subject (...) in the USA, UK and Canada – wartime allies with similar political traditions but distinct trajectories in this field during the Cold War. The intellectual borders and content of the subject developed differently in each country, shaped under the umbrella of secrecy by disparate clusters of expertise, industrial traditions, and national goals. The nascent cadre was contained until the mid 1950s by classified publications and state-sponsored specialist courses. The early context of high security filtered its members and capped enduringly both their professional aspirations and public engagement. (shrink)

In “Risk Based Passenger Screening in Aviation Security: Implications and Variants of a New Paradigm”, Sebastian Weydner-Volkmann describes the current paradigm shift from ‘traditional’ forms of screening to ‘risk based passenger screening’ (RBS) in aviation security. This paradigm shift is put in the context of the wider historical development of risk management approaches. Through a discussion of Michel Foucault, Herfried Münkler and Ulrich Beck, Weydner-Volkmann analyses the shortcomings of such approaches in public security policies, which become (...) especially evident in the aviation security context. As he shows, the turn towards methods of RBS can be seen as an attempt to address a trade-off ‘trilemma’ between the effective provision of security, the implied costs for industry and passengers, and the ethical, legal and societal implications of the screening procedures. In order to analyse foreseeable outcomes of embracing RBS, he differentiates three prototypical variants of the new paradigm on the basis of their main referent and rationale. For each variant, he then subsequently assesses the implications for the ‘trilemma’, after having unveiled the criteria of analysis that will necessarily have to be followed within a serious appraisal of RBS methods. (shrink)

Enterprise Risk Management and security have become a fundamental part of Enterprise Architecture, so several frameworks and modeling languages have been designed to support the activities associated with these areas. Archi- Mate’s Risk and Security Overlay is one of such proposals, endorsed by The Open Group. We investigate the capabilities of the proposed security-related con- structs in ArchiMate with regard to the necessities of enterprise security modeling. Our analysis relies on a well-founded reference ontology of (...) security to uncover ambiguity, missing modeling elements, and other deficiencies of the security mod- eling capabilities in ArchiMate. Based on this ontologically-founded analysis, we propose a redesign of security aspects of ArchiMate to overcome its original limitations. (shrink)

Managed Care Organizations (MCOs) are frequently criticized for their marketing mistakes. Often that criticism is leveled against an implicit benchmark of an ideal competitive market or an ideal system of government provision. But any accurate assessment in the choice of health care organizations always requires a comparative measure of error rates. These are high in the provision of health care, given the inherent uncertainties in both the cost and effectiveness of treatment. But the continuous and rapid evolution of private health (...) care mechanisms is, in the absence of regulation, more likely to secure access and contain costs than any system of government regulation. State regulation is subject to the risk of capture and to the sluggish and acquisitive behavior of state run monopolies. The proposed fixes for the MCOs (rights to specialists, access to physicians outside the network, guaranteed emergency room access) are likely, when imposed from without, to cost more than they are worth. The long-term risk is that markets will fail under regulation, paving the way for greater losses from massive government control of the health care delivery system. (shrink)

The security of the civil aviation network is closely related to flight safety. Security situation prediction is the advanced stage of situational awareness in the civil aviation network. In this article, a prediction approach of security situations for the air traffic management network is proposed on the basis of the wavelet neural network. The proposed approach adopts the wavelet theory and neural network, combining a time-series forecasting method for the prediction of security situations in the (...) civil aviation network. The experimental results show that this approach has the advantages of fast training and high prediction accuracy. (shrink)

The evaluation index system of ecological security of marine ranching is based on the assumption that there is independence among evaluation indexes in the existing studies, which ignores the complex interactive paths of marine ranching as an artificial ecosystem. In this study, the MRES evaluation network model that includes interdependent relationships is established based on the Driver-Pressure-State-Impact-Response model and the analytic network process method. Then, the probabilistic linguistic term sets and analytic network process methods are used to calculate the (...) weights of the evaluation indexes of MRES. The overall evaluation value and the contribution rate of clusters are consequently defined and analyzed to reflect the performance of MRES. Finally, a case study is carried out for evaluating the MRES of marine ranches in Rongcheng by means of the proposed method. The conclusions are summarized as follows: The weights of clusters are ranked as Responses > Impact > Driver > State > Pressure, and “scientific management of fishery resources” is the most important index; the MRES performance of marine ranches in the city of Rongcheng is at the medium security grade on the whole, and all 11 samples are driven by the response. (shrink)

This work presents a system to detect small boats to help tackle the problem of this type of perilous immigration. The proposal makes extensive use of emerging technologies like Unmanned Aerial Vehicles combined with a top-performing algorithm from the field of artificial intelligence known as Deep Learning through Convolutional Neural Networks. The use of this algorithm improves current detection systems based on image processing through the application of filters thanks to the fact that the network learns to distinguish the aforementioned (...) objects through patterns without depending on where they are located. The main result of the proposal has been a classifier that works in real time, allowing the detection of pateras and people, kilometres away from the coast. This could be very useful for Search and Rescue teams in order to plan a rescue before an emergency occurs. Given the high sensitivity of the managed information, the proposed system includes cryptographic protocols to protect the security of communications. (shrink)

Forecasting is an integral part of the planning process and analogously without forecasting we cannot even attempt to understand all the complexity of today’s world, the phenomena and processes that occur in it, the complexity of situations and systems if we do not face the need from their understanding and prediction. Analysing all aspects of forecasting is a very complex and difficult task, as it is characterized by great dynamism, complexity, and specificity. Therefore, the study of forecasting should primarily be (...) based on its full understanding and differentiation from other security management functions to avoid any one-sidedness. Forecast within the framework of this paper primarily has several meanings. First, significant specifics and characteristics of the forecasting are determined. Second, in the context of forecasting, the emphasis is on forecasting and prognosing. Third, theoretical explication refers to establishing the causality of forecasting and planning in order to perceive the dialectical relationship and connection. (shrink)