In May 2018, the new Dutch Intelligence and Security Services Act 2017 (Wet op de Inlichtingen- en veiligheidsdiensten, Wiv) will enter into force. It replaces the previous 2002 Act and incorporates many reforms to the information gathering powers of the two intelligence and security services as well as to the accountability and oversight mechanisms. Due to the technologyneutral approach, both the civil and the military intelligence services are now authorized to, for example, intercept communications in bulk, hack third parties, decrypt files, store DNA or use any other future innovative technology. Also, the national security legislation extends the possibilities for the indiscriminate collection of data, and for the processing, storage and analysis thereof. The process leading to the law includes substantial criticism from the various stakeholders involved. Upon publication of this report, an official consultative referendum is being organized on the new act. The aim of this policy brief is to provide an international audience with a comprehensive overview of the most relevant aspects of the act and its context. In addition, there is considerable focus on the checks and balances as well as the bottlenecks of the Dutch intelligence gathering reform. The selection of topics is based on the core issues addressed during the parliamentary debate and on the authors’ insights.
DOCUMENT
In today’s world, information security is a trending as well as a crucial topic for both individuals and organizations. Experts believe that nothing can guarantee any system’s security unless humans’ information security behavior is taken under consideration. Opening an e-mail attachment without checking its source, sharing account information with other people and browsing websites without checking its reliability can be considered as common mistakes in information security behavior. This study examines the factors affecting information security behavior by scrutinising its relationship with different variables which are information knowledge sharing, information security organization policy, the intention of attending information security training and self-efficacy. The present study extensively analyses the data collected from a survey of 630 people ranging from students to managers aged between 15 to 79 in order to generalize the Turkish context. The results of reliability measures and confirmatory factor analysis support the scale of the study. The present study’s findings show that there is a positive relationship between the factors mentioned above and information security behavior.
DOCUMENT
In this paper we research the following question: What motivational factors relate, in which degree, to intentions on compliance to ISP and how could these insights be utilized to promote endusers compliance within a given organization? The goal of this research is to provide more insight in the motivational factors applicable to ISP and their influence on end-user behavior, thereby broadening knowledge regarding information systems security behaviors in organizations from the viewpoint of non-malicious abuse and offer a theoretical explanation and empirical support. The outcomes are also useful for practitioners to complement their security training and awareness programs, in the end helping enterprises better effectuate their information security policies. In this study an instrument is developed that can be used in practice to measure an organizational context on the effects of six motivational factors recognized. These applicable motivational factors are determined from literature and subsequently evaluated and refined by subject matter experts. A survey is developed, tested in a pilot, refined and conducted within four organizations. From the statistical analysis, findings are reported and conclusions on the hypothesis are drawn. Recommended Citation Straver, Peter and Ravesteyn, Pascal (2018) "End-users Compliance to the Information Security Policy: A Comparison of Motivational Factors," Communications of the IIMA: Vol. 16 : Iss. 4 , Article 1. Available at: https://scholarworks.lib.csusb.edu/ciima/vol16/iss4/1
MULTIFILE
The CARTS (Collaborative Aerial Robotic Team for Safety and Security) project aims to improve autonomous firefighting operations through an collaborative drone system. The system combines a sensing drone optimized for patrolling and fire detection with an action drone equipped for fire suppression. While current urban safety operations rely on manually operated drones that face significant limitations in speed, accessibility, and coordination, CARTS addresses these challenges by creating a system that enhances operational efficiency through minimal human intervention, while building on previous research with the IFFS drone project. This feasibility study focuses on developing effective coordination between the sensing and action drones, implementing fire detection and localization algorithms, and establishing parameters for autonomous flight planning. Through this innovative collaborative drone approach, we aim to significantly improve both fire detection and suppression capabilities. A critical aspect of the project involves ensuring reliable and safe operation under various environmental conditions. This feasibility study aims to explore the potential of a sensing drone with detection capabilities while investigating coordination mechanisms between the sensing and action drones. We will examine autonomous flight planning approaches and test initial prototypes in controlled environments to assess technical feasibility and safety considerations. If successful, this exploratory work will provide valuable insights for future research into autonomous collaborative drone systems, currently focused on firefighting. This could lead to larger follow-up projects expanding the concept to other safety and security applications.
Today, embedded devices such as banking/transportation cards, car keys, and mobile phones use cryptographic techniques to protect personal information and communication. Such devices are increasingly becoming the targets of attacks trying to capture the underlying secret information, e.g., cryptographic keys. Attacks not targeting the cryptographic algorithm but its implementation are especially devastating and the best-known examples are so-called side-channel and fault injection attacks. Such attacks, often jointly coined as physical (implementation) attacks, are difficult to preclude and if the key (or other data) is recovered the device is useless. To mitigate such attacks, security evaluators use the same techniques as attackers and look for possible weaknesses in order to “fix” them before deployment. Unfortunately, the attackers’ resourcefulness on the one hand and usually a short amount of time the security evaluators have (and human errors factor) on the other hand, makes this not a fair race. Consequently, researchers are looking into possible ways of making security evaluations more reliable and faster. To that end, machine learning techniques showed to be a viable candidate although the challenge is far from solved. Our project aims at the development of automatic frameworks able to assess various potential side-channel and fault injection threats coming from diverse sources. Such systems will enable security evaluators, and above all companies producing chips for security applications, an option to find the potential weaknesses early and to assess the trade-off between making the product more secure versus making the product more implementation-friendly. To this end, we plan to use machine learning techniques coupled with novel techniques not explored before for side-channel and fault analysis. In addition, we will design new techniques specially tailored to improve the performance of this evaluation process. Our research fills the gap between what is known in academia on physical attacks and what is needed in the industry to prevent such attacks. In the end, once our frameworks become operational, they could be also a useful tool for mitigating other types of threats like ransomware or rootkits.
Despite their various appealing features, drones also have some undesirable side-effects. One of them is the psychoacoustic effect that originates from their buzzing noise that causes significant noise pollutions. This has an effect on nature (animals run away) and on humans (noise nuisance and thus stress and health problems). In addition, these buzzing noises contribute to alerting criminals when low-flying drones are deployed for safety and security applications. Therefore, there is an urgent demand from SMEs for practical knowledge and technologies that make existing drones silent, which is the main focus of this project. This project contributes directly to the KET Digital Innovations\Robotics and multiple themes of the top sectors: Agriculture, Water and Food, Health & Care and Safety. The main objective of this project is: Investigate the desirability and possibilities of extremely silent drone technologies for agriculture, public space and safety This is an innovative project and there exist no such drone technology that attempts to reduce the noises coming from drones. The knowledge within this project will be converted into the first proof-of-concepts that makes the technology the first Minimum Viable Product suitable for market evaluations. The partners of this project include WhisperUAV, which has designed the first concept of a silent drone. As a fiber-reinforced 3D composite component printer, Fiberneering plays a crucial role in the (further) development of silent drone technologies into testable prototypes. Sorama is involved as an expert company in the context of mapping the sound fields in and around drones. The University of Twente is involved as a consultant and co-developer, and Research group of mechatronics at Saxion is involved as concept developer, system and user requirement verifier and validator. As an unmanned systems innovation cluster, Space53 will be involved as innovation and networking consultant.
