Papers by Stewart Kowalski
AHFE international, 2023
In this paper we present our ongoing research where we are attempting to integrate sustainable de... more In this paper we present our ongoing research where we are attempting to integrate sustainable development issues into a megagame designed to teach cybersecurity. There are several serious games that have been developed to teach and inform individuals about sustainability issues but none that deal specifically with both cybersecurity and sustainability issues. A Megagame is a multiplayer game with between 30-40 players who play in teams of 3-5 players that take on specific roles in dealing with complex problems that cover subject matters ranging from science fiction and heroic fantasy to political, economic, historical, and even cyber conflicts. We have built and tested a megagame entitled CS -Technopoly using the socio-technical framework of sustainability proposed by Geels and integrated it further with the Security by Consensus Model proposed by Kowalski. The intended learning objectives of the game, such as teaching adversarial and sustainable systems thinking by exposing the students to cyber threat intelligence reports and cyber security investments decision making, were tested by performing semi-structured interviews of a stratified sample of the participants. Preliminary results from 11 interviews from the two first trials of CS Technopoly indicate that the participating security experts found that C.S. Technopoly would be a useful tool for team building and improving collaboration between security departments and upper strategic management
In this early stage paper we present a draft of an IT Security Risk Escalation Capability Maturit... more In this early stage paper we present a draft of an IT Security Risk Escalation Capability Maturity Model. This model is used to develop a new approach to IT Security Risk Management where IT Security Risk Management is placed as a recurring activity at all levels of the organization including the strategic, tactical and operational levels. To construct this model we combined ISO 27005 framework for IT Security Risk Management with NIST Multitier framework and take elements from the ISAC IT Risk framework. We end our paper with an outline of our current plans to evaluate this escalation maturity model by using expert groups to rank outcomes of response to similar IT incidents by different organization that have been ranked according to this maturity model. In this way we hope to establish if there are correlations as to the maturity level of an organization and how well it responds to an IT incident.
Information Security, May 12, 1993
This paper presents a socio-technical security model for security systems that include both the s... more This paper presents a socio-technical security model for security systems that include both the system being defended and the attacking system. We first model security as a ratio or function of the states that an attacker can produce over the states that defend can control. We then sub divided the control states of a defending systems using the security value chain and socio technical system security model. The paper then presents two attempts to validate the acceptance of the defense model using cross culture surveys of individuals from over 20 different countries indicate culture variation in security modeling. An example of how an attacker can model an attack strategy is given at the end of the paper. The paper concludes with a discussion of how the modeling can be new research in modeling criminal organization using effective based operations methodology.
International Conference on Communications, 2013
The ISO27005 is an international standard that gives recommendation on IT Security Risk Managemen... more The ISO27005 is an international standard that gives recommendation on IT Security Risk Management Methods. In this short paper we outline a criteria framework to analysis 7 of the major IT security risk methodology used. This framework can be used by organizations to select the appropriated methodology to fit their organizations risk posture and risk environment.
Information security (IS) has been categorized as protecting the confidentiality, integrity, avai... more Information security (IS) has been categorized as protecting the confidentiality, integrity, availability, authentication and accountability of information. There is a gap between what companies and institutions plan to do while developing their internal IS-related policies and what it should be done according to a system perspective in this area. Our task as researchers is to bridge this gap by offering potential solutions. The aim of our work is to promote the usage of a socio-technical systems (STS) approach to support the emerging role of systems thinking in cyber security education using simulation as a supporting tool for the learning. Meanwhile, new trends in cyber security curricula suggest an important shift towards new thinking approaches to be used, such as systems thinking.
PubMed, Feb 1, 1994
The paper starts off by first briefly discussing the necessary ethical, legal and administrative/... more The paper starts off by first briefly discussing the necessary ethical, legal and administrative/management controls that are required before the mechanisms of accountability controls can be implemented in automated clinical patient record systems. After these social aspects are discussed the technical aspects of the ALS are outlined. The security concepts of the ECMA framework are reviewed and used to explain the technical design of the ALS. A walk-through of the server in a typical patient record transaction is used to explain the operations of the server. The paper concludes with a general discussion of the usefulness of accountability mechanisms in making security in health care information work in practice.
Computers & Security, May 1, 1991
This report is an a&is of the 1989 12th U.S. Nitional Compu_ter Security Conference using the SII... more This report is an a&is of the 1989 12th U.S. Nitional Compu_ter Security Conference using the SIIS project's cybernetic analysis methodology SBC. The papers presented at the conference are classified using the SBC static classification scheme. Once the papers are classified the SBC dynamic classification scheme is used to chart trends and tendencies in the computer security problems and solutions.
This paper presents a Framework for adaptive information security systems for securing informatio... more This paper presents a Framework for adaptive information security systems for securing information systems. Information systems today are vulnerable and not adaptive to the dynamic environments because initial development of these systems focused on computer technology and communications protocol only. Most research in information security does not consider culture of users, system environments and does not pay enough attention to the enemies of information systems. As a result, users serve technology instead of technology serving users. We apply the Systemic-Holistic Approach, the living systems theory, the Immune system, Systems theory, Cybernetics, and Socio-Technical systems to provide adaptability features, to consider culture of users and system environments in developing and designing information security systems. We apply sociotechnical measures to secure the weak links in information security systems that have been created by culture of users. This security framework will help researchers and designers consider not only communication protocols and technology but also values of people like culture, legal, and traditions; environments where information systems run; and adaptive features in information security systems.
Simulation Modelling Practice and Theory, Apr 1, 2022
This paper is largely based on a state of the art report covering the information security (IS) m... more This paper is largely based on a state of the art report covering the information security (IS) metrics area produced as part of the Controlled Information Security (COINS) research project funded by the Swedish Civil Contingencies Agency (MSB) and the comprehensive literature review conducted while compiling the report. The report's findings are summarized and some of the key issues discovered in the course of the literature review are reflected upon. Additionally, the paper describes a conceptual systemic scheme/model for the research process, while explaining its relevance to the subject area, that may help with resolution of the outlined issues in future research in the area. The paper is written principally with a management/governance (rather than engineering) perspective in mind.
Many developing nations are looking to IT infrastructure investments as means to reach sustainabl... more Many developing nations are looking to IT infrastructure investments as means to reach sustainable economic growth. They strive to automate various processes in anticipation to improve production and quality of service to meet millennium development goals and cope with globalization needs. This has led to the automation of critical systems. It is therefore imperative that the security of such critical
Communications in computer and information science, 2017
Thirty-two Swedish teacher responded to online survey of their qualitative judge of an Informatio... more Thirty-two Swedish teacher responded to online survey of their qualitative judge of an Information Security teaching package to be used in Swedish K-12 classrooms. Self-reported results of Transactional analysis questionnaire indicate that are significant correlations between ego state and how the material is perceived, where teachers having the dominant ego state Parent and Adult have a better opinion regarding the material than teachers having the dominant ego state Child. Also, Parent and Adult consider the material motivating while Child considers it authoritative.
Users of social networks appear to want and need to share information online without necessarily ... more Users of social networks appear to want and need to share information online without necessarily thinking about the security consequences. Hackers and attackers have understood the potential vulnerabilities in social networks. This paper describes an architecture for adaptive information security systems, which could be applied to provide security services in social networks. The problem with most security architectures is that they do not provide adaptive security measures to environments and to culture of users. In addition, most security architectures provide technical security measures but fail to provide socio-technical measures. The enemies of ICT use both technical and social measures to attack ICT systems. This paper presents a security architecture that provides adaptive security measures and socio-technical measures in social networks.
International journal of e-entrepreneurship and innovation, Oct 1, 2013
Creating sufficiently large annotated resources for supervised machine learning, and doing so for... more Creating sufficiently large annotated resources for supervised machine learning, and doing so for every problem and every domain, is prohibitively expensive. Techniques that leverage large amounts of unlabeled data, which are often readily available, may decrease the amount of data that needs to be annotated to obtain a certain level of performance, as well as improve performance when large annotated resources are indeed available. Here, the development of one such method is presented, where semantic features are generated by exploiting the available annotations to learn prototypical (vector) representations of each named entity class in semantic space, constructed by employing a model of distributional semantics (random indexing) over a large, unannotated, in-domain corpus. Binary features that describe whether a given word belongs to a specific named entity class are provided to the learning algorithm; the feature values are determined by calculating the (cosine) distance in semantic space to each of the learned prototype vectors and ascertaining whether they are below or above a given threshold, set to optimize Fβ-score. The proposed method is evaluated empirically in a series of experiments, where the case is health-record deidentification, a task that involves identifying protected health information (PHI) in text. It is shown that a conditional random fields model with access to the generated semantic features, in addition to a set of orthographic and syntactic features, significantly outperforms, in terms of F1-score, a baseline model without access to the semantic features. Moreover, the quality of the features is further improved by employing a number of slightly different models of distributional semantics in an ensemble. Finally, the way in which the features are generated allows one to optimize them for various Fβ-scores, giving some degree of control to trade off precision and recall. Methods that are able to improve performance on named entity recognition tasks by exploiting large amounts of unlabeled data may substantially reduce costs involved in creating annotated resources for every domain and every problem.
Uploads
Papers by Stewart Kowalski