| 1. |
- Kävrestad, Joakim, 1989-, et al.
(författare)
-
Constructing secure and memorable passwords
- 2020
-
Ingår i: Information and Computer Security. - : Emerald Group Publishing Limited. - 2056-4961. ; 28:5, s. 701-717
-
Tidskriftsartikel (refereegranskat)abstract
- Purpose Using authentication to secure data and accounts has grown to be a natural part of computing. Even if several authentication methods are in existence, using passwords remain the most common type of authentication. As long and complex passwords are encouraged by research studies and practitioners alike, computer users design passwords using strategies that enable them to remember their passwords. This paper aims to find strategies that allow for the generation of passwords that are both memorable and computationally secure. Design/methodology/approach The study began with a literature review that was used to identify cognitive password creation strategies that facilitate the creation of passwords that are easy to remember. Using an action-based approach, attack models were created for the resulting creation strategies. The attack models were then used to calculate the entropy for passwords created with different strategies and related to a theoretical cracking time. Findings The result of this study suggests that using phrases with four or more words as passwords will generate passwords that are easy to remember and hard to attack. Originality/value This paper considers passwords from a socio-technical approach and provides insight into how passwords that are easy to remember and hard to crack can be generated. The results can be directly used to create password guidelines and training material that enables users to create usable and secure passwords.
|
|
| 2. |
|
|
| 3. |
|
|
| 4. |
|
|
| 5. |
|
|
| 6. |
- Cervantes Mori, Milagros D., et al.
(författare)
-
Success factors and challenges in digital forensics for law enforcement in Sweden
- 2021
-
Ingår i: Proceedings of the 7th International Workshop on Socio-Technical Perspective in IS Development (STPIS 2021). - : CEUR-WS. ; , s. 100-116
-
Konferensbidrag (refereegranskat)abstract
- The widespread use of communication and digital technology has affected the number of devices requiring analysis in criminal investigations. Additionally, the increase in storage volume, the diversity of digital devices, and the use of cloud environments introduce more complexities to the digital forensic domain. This work aims to supply a taxonomy of the main challenges and success factors faced in the digital forensic domain in law enforcement. The chosen method for this research is a systematic literature review of studies with topics related to success factors and challenges in digital forensics for law enforcement. The candidate studies were 1,428 peer-reviewed scientific articles published between 2015 and 2021. A total of twenty-eight primary studies were analyzed by applying thematic coding. Furthermore, a survey of digital forensic practitioners from the Swedish Police was held to triangulate the results achieved with the systematic literature review.
|
|
| 7. |
- Hedberg, David, et al.
(författare)
-
Cybersecurity in modern cars : awareness and readiness of auto workshops
- 2024
-
Ingår i: Information and Computer Security. - : Emerald Publishing. - 2056-4961.
-
Tidskriftsartikel (refereegranskat)abstract
- Purpose: This study aims to explore auto mechanics awareness of repairs and maintenance related to the car’s cybersecurity and provide insights into challenges based on current practice. Design/methodology/approach: This study is based on an empirical study consisting of semistructured interviews with representatives from both branded and independent auto workshops. The data was analyzed using thematic analysis. A version of the capability maturity model was introduced to the respondents as a self-evaluation of their cybersecurity awareness. Findings: Cybersecurity was not found to be part of the current auto workshop work culture, and that there is a gap between independent workshops and branded workshops. Specifically, in how they function, approach problems and the tools and support available to them to resolve (particularly regarding previously unknown) issues. Research limitations/implications: Only auto workshop managers in Sweden were interviewed for this study. This role was picked because it is the most likely to have come in contact with cybersecurity-related issues. They may also have discussed the topic with mechanics, manufacturers or other auto workshops – thus providing a broader view of potential issues or challenges. Practical implications: The challenges identified in this study offers actionable advice to car manufacturers, branded workshops and independent workshops. The goal is to further cooperation, improve knowledge sharing and avoid unnecessary safety or security issues. Originality/value: As cars become smarter, they also become potential targets for cyberattacks, which in turn poses potential threats to human safety. However, research on auto workshops, which has previously ensured that cars are road safe, has received little research attention with regards to the role cybersecurity can play in repairs and maintenance. Insights from auto workshops can therefore shed light upon the unique challenges and issues tied to the cybersecurity of cars, and how they are kept up-to-date and road safe in the digital era.
|
|
| 8. |
- Hedberg, David, et al.
(författare)
-
Cyberthreats in Modern Cars : Responsibility and Readiness of Auto Workshops
- 2023
-
Ingår i: Human Aspects of Information Security and Assurance. - Cham : Springer. - 9783031385292 - 9783031385322 - 9783031385308 ; , s. 275-284
-
Konferensbidrag (refereegranskat)abstract
- Modern cars are becoming increasingly smarter and connected. Today, cars often contain features ranging from controlling service functions through a mobile application to remote road assistance. However, as cars become smarter, they also become potential targets for cyberattacks, and a potential threat to human safety. Traditionally, handing in a car to an auto workshop for repairs and maintenance have ensured that the car is road safe. But, to what extent are auto mechanics aware of repairs and maintenance related to the car’s cybersecurity? Based on interviews with eight auto workshop specialists in Sweden, using the capability maturity model as lens to capture the readiness maturity, the following study looks at experiences with cybersecurity related to cars, what current tools are used, and procedures to deal with a cyberattack against cars in their workshop. It was found that auto workshops are potential targets, with limited solutions existing today, and that cyber security is not a part of the current culture. It was also found that there is a gap between independent workshops and branded workshops in how they function and in what manner they approach problems and issues. Specifically, for new issues (i.e., previously unencountered issues), branded workshops relied more on the manufacturer than independent workshops who were left to use whatever solution they could figure out by their own means, which sometimes may be akin to hacking the car’s systems.
|
|
| 9. |
|
|
| 10. |
|
|
