Main Nav

ECAR publications range from short, timely research bulletins to major research reports. See descriptions of ECAR research publications. >

Search results

Showing 71 - 80 of 110 Results

Sort by:

Life with HIPAA: A Primer for Higher Education
April 1, 2003

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) includes complex legislation that impacts higher education but was not specifically written with academic institutions in m…

Local IT Security for Colleges, Schools, and Departments: A Higher Education Perspective
December 5, 2006

This bulletin discusses some of the lessons learned by the Emory College, Faculty of Arts and Sciences, in developing its information technology security strategy, as well as what other schools g…

Making Business Sense of Information Security
March 21, 2006

A well-managed security program starts at the top and must provide strong governance, business risk management, auditing, and control processes. This Burton Group study proposes a security techn…

Managing Availability and Performance Risks in the Cloud: Expect the Unexpected
December 7, 2010

We know that the best way to avoid cloud risks is to apply sound risk management strategies before placing applications and IT services in the cloud. Some risks, however, cannot be predetermined …

Managing IT Risk in Higher Education: A Methodology
March 18, 2008

This research bulletin presents a methodology, used successfully at the University of Technology, Sydney (UTS) in Australia, for managing and assessing risks related to information technology sys…

Measuring the Effectiveness of Security Awareness Programs
December 10, 2013

Security awareness is a core component of an information security program. Many information security professionals struggle, however, with delivering security awareness messages and mea…

Most Improved: How Four Institutions Developed Successful IT Security Programs
November 3, 2006

Researchers conducted this in-depth case study to complement the ECAR study, Safeguarding the Tower: IT Security in Higher Education 2006. The case study examines how four higher education instit…

New Directions in Federation
November 16, 2009

Federation technology has become a very important connective technology that enables efficient distributed identity management (IdM) and enhanced convenience for users. The trend toward outsource…

OAuth: ECAR-WG Technology Spotlight
February 20, 2015

OAuth is a specification that allows a third-party site to obtain information about a user from a second site without requiring the user to provide access credentials to the…

OpenID Connect: ECAR-WG Technology Spotlight
April 9, 2015

OpenID Connect is an “interoperable authentication protocol based on the OAuth 2.0 family of specifications” —that is, it uses the standardized message flows that OAuth makes available i…