The NSA is holding a competition for authors of information security focused research papers. See the attached document for details. NSA_paper_compads-12.20
Capella Learner Brian Toevs just completed his dissertation, “THE INFLUENCE OF WRITTEN INFORMATION SECURITY POLICY ON DIGITAL FORENSIC DATA ANALYSIS: A CASE STUDY OF LAW ENFORCEMENT AND PRIVATE INVESTIGATIVE OPERATIONS ”
The purpose of this qualitative case study was to identify factors that lead to procedural errors in digital forensic analysis. The study investigates the analysis phase of the examination of personal computers as part of an overall forensic analysis. The study utilized the case study methodology in order to evaluate the responses of distinct groups of individuals who are active practitioners in law enforcement, military, corporate, and private practice. The results provided a set of factors that should be considered in establishing or validating written security policy for digital forensic analysis. This study also validated the contribution that continuous training linked to formalized procedures significantly reduced the factors that could lead to errors in digital forensic analysis.
Brian Toevs, PhD, MBA
Congratulations Dr. Toevs
Capella Learner Yohannes Tadesse just completed his dissertation, “An Investigation of Influencing Factors for Adopting Federated Identity Authentication in Service-Oriented Architecture (SOA)”
The dissertation explored information technology (IT) decision-makers’ perceptions and the influencing factors that might contribute towards the adoption of new software technology to augment information security implementations within the state government agencies. As part of strategic business decision to adapt enterprise-wide information security framework, the overall competitive advantages of federated identity authentication mechanism could be reflected based on the four factors analyzed. The study took a quantitative research approach and utilized a cross-sectional survey to evaluate the influencing factors with the intent to accept or reject (recommendation – dependent variable) a new technology. As widely as it has been used, this study pursued Technology Acceptance Model (TAM) framework by adding cost-effectiveness (CE) and security-effectiveness (SE) to the existing perceived ease of use (PEOU) and usefulness (PU) influencing factors (independent variables).
The study reviewed several studies that have utilized similar design to investigate the acceptance of technological innovations. This study presented four research questions whereas each question defines the null and alternate hypotheses. Consequently, the purpose of this quantitative study is to assess the influencing factors of why IT decision-makers do not adopt federated identity authentication mechanisms across enterprise-wide IS within the state agencies. For the data analysis, Cronbach alpha coefficient, correlation analysis, and multiple regression analysis were conducted to provide characteristics of sample and statistical findings pertaining to this study. The results from the data analysis indicated that significant relationships of PU, PEOU, and CE were obtained with IT decision-makers’ intention to recommend federated identity authentication technologies. However, SE was not a strong predictor to recommend the use of authentication technology. The implications of this study were to provide IT decision-makers insights about the adoption of authentication technologies and to make informed decisions on future improvement of information security implementations.
Yohannes Tadesse, Ph.D
Password policy has long been a topic of debate in the information security community. Here is an interesting study that suggests that users can be overwhelmed by aggressive policies and may do more harm than good.
Check it out and share your thoughts.