Vol. 7 Issue 2
Editorial
This edition of JIW contains papers from authors who are from academia and industry. William Sousan and his colleagues from the KEWI Research Group at the University of Nebraska investigate open source intelligence using a tailored information delivery service system, whilst Andy Luse, Anthony Townsend and Kevin Scheibe from Iowa State University present a new method for secure message transmission. In addition, we have three papers from authors who presented at the 7th European Conference on Information Warfare inPlymouth,UK, in June of this year. The first of these papers by Andrea Cullen and Ian Mann presents an interesting industry/academic perspective on balancing a layered approached in security to counteract social engineering. Linda Finch and Richard Vaughan from General Dynamics UK Limited then propose an engineering ‘ fit for purpose’ security system which seeks to create flexibility in adapting to changing resource and information sharing requirements in the military. Lastly, Chris Flaherty argues that information deception is a core component of three dimensional tactics, which seeks to develop spherical security protection, particularly in the context of terrorist attacks.
As ever, we are seeking quality papers for publication. Whilst, most papers are of an academic nature, we also welcome papers with opinions on relevant topics from knowledgeable persons. Such papers do not require such rigorous analysis by peers. All submissions can be emailed directly to me at trish.williams@ecu.edu.au .
Dr Trish Williams
September, 2008
Table of Contents
Paper 1: Collecting Open Source Intelligence via Tailored Information Delivery Systems
W.L. Sousan, Q.Zhu, R. Nickell, W. Mahoney, P. Hospodka
Paper 2: Software Implementation using Hardware-Based Verification for Secure Content Delivery
A. Luse, A.M. Townsend, K.P. Scheibe
Paper 3: Hacking the Human: Countering the Socially Engineered Attack
A.J. Cullen, I.Mann
Paper 4: Towards Fit for Purpose Security in Military Systems
L. Finch, R. Vaughan
Paper 5: 3D Tactics and Information Deception
C. Flaherty
About the Authors
Andrea Cullen has many years industrial experience as a computer programmer and systems analyst working on projects throughout the UK . Her academic career spans two disciplines: computer science; and management. She is currently a lecturer in computing, teaching operations management, business systems security and e-business. Main areas of research include: e-commerce; e-government; and issues associated with IS security within organisations.
Christopher Flaherty is currently an independent critical infrastructure protection advisor, and regular security and defence conference contributor. Currently living in London, he is a Visiting Fellow in Safety and Risk at the University of New South Wales , where he is co-developing a research group in Counter Terrorism Vulnerability Analysis. He earned his PhD in Philosophy in 2002. Following 2005, he was the network administrator for the Research Network for a Secure Australia and research leader for counter-terrorism. From 2006, he was the security and counter-terrorism R&D manager at Sinclair Knight Merz, and was their research leader for the Building Vulnerability Analysis Project, and more recently, he was the Principal Consultant with Critical Infrastructure Protection Pty Ltd., a role he still has.
Linda Finch is employed by General Dynamics United Kingdom Limited as a Security Research Engineer. She is currently pursuing her Ph.D, sponsored by the organisation, and is affiliated to Cardiff University . Her research interests lie in engineering ‘Fit for Purpose Security’ through the synthesis of security policy, control mechanism and architecture, where the security profile of a system may be dynamically modified in accordance with changes detected in the external environment.
Peter Hospodka completed his B.S. in Computer Science from the University of Nebraska at Omaha in 2006, and completed his M.S. in Computer Science also at the University of Nebraska at Omaha in 2008. He is a software engineer with interests directed towards Artificial Intelligence and its applications, with a focus in developing Web applications.
Andy Luse is a PhD candidate in Computer Engineering and Human Computer Interaction at Iowa State University . His research interests include network and computer security, visualization for network and computer security, and user interface design and usability. He is a member of the Association for Computing Machinery, the Institute of Electrical and Electronics Engineers, and the Association for Information Systems.
Anthony M. Townsend, Ph.D. is the Accenture Faculty Fellow and Associate Professor of MIS at Iowa State University . He received his MS and Ph.D. from Virginia Polytechnic Institute and State University and conducts research in collaborative systems and virtual teams. He has published in MIS Quarterly, Information Systems Research, the Communications of the ACM, along with a number of other venues. He is currently conducting research in a variety of collaborative systems designed to enhance a variety of organizational processes, including security.
Richard Vaughan is a senior network research engineer at General Dynamics UK Ltd where is engaged in projects related to tactical networking and routing. He also maintains a keen research interest in security, QoS, and embedded systems.
Qiuming Zhu is a professor of computer science at the University of Nebraska at Omaha . He received his Ph.D. in computer and systems engineering from Rensselaer Polytechnic Institute in 1986, was a postdoctoral Research fellow in the Center for Computer Aids for Industrial Productivity at the Rutgers University, and was an assistant professor of computer science and engineering at the Oakland University from 1986 to 1990. His research interests include digital image processing and computer vision, pattern recognition, neural networks, multi-agent software systems, and artificial intelligence applications in science and engineering.
William R. Mahoney received his B.A. and B.S. degrees from Southern Illinois University, and his M.A. and Ph.D. degrees from the University of Nebraska . He is an Assistant Professor and Graduate Faculty at the University of Nebraska at Omaha Peter Kiewit Institute. His primary research interests include language compilers, hardware and instruction set design, and code generation and optimization. Prior to the Kiewit Institute Dr. Mahoney worked for 20+ years in the computer design industry, specifically in the areas of embedded computing and real-time operating systems.
Ian Mann MBA BEng is a Senior Systems Consultant with ECSC Ltd. He is a certified security specialist (CISSP) and a CESG Listed Advisor (CLAS) with GCHQ, holding security clearance. In addition, Ian is a Payment Card Industry Qualified Security Assessor (PCI QSA). He has been commissioned by Gower Publishing to write ‘Hacking the Human – Social Engineering Techniques and Countermeasures’ Management and a former Director of the Australian Institute of Computer Ethics.
Ryan Nickell is presently pursing his Master’s degree in Computer Science at the University of Nebraska, Omaha . His research interests include natural language processing, web applications, and the semantic web.
Kevin P. Scheibe is an Assistant Professor of Management Information Systems at Iowa State University . His research interests include IT privacy and security, supply chain risk, spatial decision support systems, wireless telecommunications, and IT outsourcing. He is a member of the Association for Information Systems and the Decision Sciences Institute. Dr. Scheibe has published in journals such as European Journal of Operations Research, Decision Support Systems, Journal of Information Privacy and Security, Computers and Electronics in Agriculture and Computers in Human Behavior. He received a PhD. from Virginia Polytechnic Institute and State University .
William Sousan holds a Bachelor and Master of Science degree in Computer Science and is currently a PhD student at the University of Nebraska at Omaha . His interests are semantic web, web intelligence, ontologies, knowledge modelling, and information retrieval and extraction. He presently is employed as a software engineer of embedded systems for TSI in Omaha, Nebraska .