1 - 4 of 4
ItemThe Need for Information Sharing and Analysis Organizations to Combat Attacks on States and Community Public and Private Networks( 2019-01-08)An ever increasing number of attacks are being reported on various city and state computer systems and networks worldwide. These attacks have resulted in the disruption of city operations or the release of personal information. Cities and states need to protect their systems but frequently plans to do so are lacking and the ability to respond to cybersecurity events is non-existent. This is especially true for smaller communities that do not have the budget to hire full-time security personnel or contract for security services. A critical step that states and communities can take is the establishment of a state or community Information Sharing and Analysis Organization (ISAO). This paper will describe how a state or community can use the creation of an ISAO to jumpstart various aspects of its cybersecurity program, incorporating a number of established programs in a single initiative.
ItemA Proxy Voting Scheme Ensuring Participation Privacy and Receipt-Freeness( 2019-01-08)Proxy voting is a form of voting meant to support the voters who want to delegate their voting right to a trusted entity, the so-called proxy. Depending on the form of proxy voting, the proxy is either authorized to cast a ballot for the voting option that the voter chooses, or to vote according to her own wishes, if the voter is not sure how to vote and wants to delegate the decision making in the election. While the first form of proxy voting has been applied to traditional elections in order to support the voters who are unable to physically get to a polling station, the second form has been a topic of research in Internet voting. Recently, an Internet voting scheme has been proposed, that extends the well-known Helios scheme towards the functionality of proxy voting. This scheme, however, also has the drawbacks of Helios regarding participation privacy and receipt-freeness. As such, the information whether any voter participated in the election either by casting a direct vote or delegating their vote can be deduced from the published information. The scheme furthermore allows both the voters and the proxies to create receipts that prove casting a ballot for a specific candidate, as well as allows the voters to create receipts that prove delegating to a specific proxy. In this work we use the idea of dummy ballots, proposed in another extension of Helios to extend the proxy voting scheme towards participation privacy and receipt-freeness.
ItemInvesting in Cyber Defense: A Value-Focused Analysis of Investment Decisions for Microgrids( 2019-01-08)To mitigate disruptions to commercial power grids, and to achieve operational efficiencies by managing energy use, many organizations are fielding smaller, local, self-contained microgrids. The computer control systems that operate the microgrids create new vulnerabilities to a rapidly-escalating array of cyber attacks. This creates a tension between the need to improve energy assurance and efficiency through microgrids, and the need to protect against cyber attacks that can disrupt and damage the organization's energy systems. Through a series of interviews with subject matter experts and end-users, this exploratory study surfaces the decision-makers' important values in this decision space and develops a network of those values to guide decision-makers to make better decisions in balancing these competing needs.