Search results for: information security agreement
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 13911

Search results for: information security agreement

13611 Mitigating Denial of Service Attacks in Information Centric Networking

Authors: Bander Alzahrani

Abstract:

Information-centric networking (ICN) using architectures such as Publish-Subscribe Internet Routing Paradigm (PSIRP) is one of the promising candidates for a future Internet, has recently been under the spotlight by the research community to investigate the possibility of redesigning the current Internet architecture to solve many issues such as routing scalability, security, and quality of services issues.. The Bloom filter-based forwarding is a source-routing approach that is used in the PSIRP architecture. This mechanism is vulnerable to brute force attacks which may lead to denial-of-service (DoS) attacks. In this work, we present a new forwarding approach that keeps the advantages of Bloom filter-based forwarding while mitigates attacks on the forwarding mechanism. In practice, we introduce a special type of forwarding nodes called Edge-FW to be placed at the edge of the network. The role of these node is to add an extra security layer by validating and inspecting packets at the edge of the network against brute-force attacks and check whether the packet contains a legitimate forwarding identifier (FId) or not. We leverage Certificateless Aggregate Signature (CLAS) scheme with a small size of 64-bit which is used to sign the FId. Hence, this signature becomes bound to a specific FId. Therefore, malicious nodes that inject packets with random FIds will be easily detected and dropped at the Edge-FW node when the signature verification fails. Our preliminary security analysis suggests that with the proposed approach, the forwarding plane is able to resist attacks such as DoS with very high probability.

Keywords: bloom filter, certificateless aggregate signature, denial-of-service, information centric network

Procedia PDF Downloads 183
13610 Influence of Security Attributes in Component-Based Software Development

Authors: Somayeh Zeinali

Abstract:

A component is generally defined as a piece of executable software with a published interface. Component-based software engineering (CBSE) has become recognized as a new sub-discipline of software engineering. In the component-based software development, components cannot be completely secure and thus easily become vulnerable. Some researchers have investigated this issue and proposed approaches to detect component intrusions or protect distributed components. Software security also refers to the process of creating software that is considered secure.The terms “dependability”, “trustworthiness”, and “survivability” are used interchangeably to describe the properties of software security.

Keywords: component-based software development, component-based software engineering , software security attributes, dependability, component

Procedia PDF Downloads 532
13609 Study on the OTP Authentication Method and Security for User Mobility in the Cloud

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 333
13608 An Entropy Based Novel Algorithm for Internal Attack Detection in Wireless Sensor Network

Authors: Muhammad R. Ahmed, Mohammed Aseeri

Abstract:

Wireless Sensor Network (WSN) consists of low-cost and multi functional resources constrain nodes that communicate at short distances through wireless links. It is open media and underpinned by an application driven technology for information gathering and processing. It can be used for many different applications range from military implementation in the battlefield, environmental monitoring, health sector as well as emergency response of surveillance. With its nature and application scenario, security of WSN had drawn a great attention. It is known to be valuable to variety of attacks for the construction of nodes and distributed network infrastructure. In order to ensure its functionality especially in malicious environments, security mechanisms are essential. Malicious or internal attacker has gained prominence and poses the most challenging attacks to WSN. Many works have been done to secure WSN from internal attacks but most of it relay on either training data set or predefined threshold. Without a fixed security infrastructure a WSN needs to find the internal attacks is a challenge. In this paper we present an internal attack detection method based on maximum entropy model. The final experimental works showed that the proposed algorithm does work well at the designed level.

Keywords: internal attack, wireless sensor network, network security, entropy

Procedia PDF Downloads 433
13607 Money Laundering and Financing of Terrorism

Authors: Covadonga Mallada Fernández

Abstract:

Economic development and globalization of international markets have created a favourable atmosphere for the emergence of new forms of crime such as money laundering or financing of terrorism, which may contribute to destabilized and damage economic systems. In particular, money laundering have acquired great importance since the 11S attacks, what has caused on the one hand, the establishment and development of preventive measures and, on the other hand, a progressive hardening of penal measures. Since then, the regulations imposed to fight against money laundering have been viewed as key components also in the fight against terrorist financing. Terrorism, at the beginning, was a “national” crime connected with internal problems of the State (for instance the RAF in Germany or ETA in Spain) but in the last 20 years has started to be an international problem that is connected with the defence and security of the States. Therefore, the new strategic concept for the defense and security of NATO has a comprehensive list of security threats to the Alliance, such as terrorism, international instability, money laundering or attacks on cyberspace, among others. With this new concept, money laundering and terrorism has become a priority in the national defense. In this work we will analyze the methods to combat these new threats to the national security. We will study the preventive legislations to combat money laundering and financing of terrorism, the UIF that exchange information between States, and the hawala-Banking.

Keywords: control of financial flows, money laundering, terrorism, financing of terrorism

Procedia PDF Downloads 428
13606 Building Information Modelling: A Review to Indian Scenario

Authors: P. Agnivesh, P. V. Ponambala Moorthi

Abstract:

Evolution of information modelling leads to the visualisation of well-organized built environment. Building Information Modelling (BIM) is considered as evolution in the off-site construction which essentially enhances and controls the present scenario of on-site construction paradigms. Promptness, sustainability and security are considered as the important characteristics of the building information modelling. Projects that uses BIM are tied firmly by technology but distributed organizationally. This allows different team members in the project to associate and integrate the works and work flows. This will in turn improve the efficiency of work breakdown structure. Internationally BIM had been accepted as modern computer aided way of information sharing by construction industry for efficient way of manipulation in order to avoid the on-site misperceptions. Even though, in developing countries like India BIM is in the phase of start and requires lot of mandates and policies to be brought about by the government for its widespread implementations. This paper reviews the current scenario of BIM worldwide and in India and suggests for the improved implementation of building modelling for Indian policy condition.

Keywords: building information modelling, Indian polity, information modelling, information sharing, mandates and policies, sustainability.

Procedia PDF Downloads 353
13605 Criminal Laws Associated with Cyber-Medicine and Telemedicine in Current Law Systems in the World

Authors: Shahryar Eslamitabar

Abstract:

Currently, the internet plays an important role in the various scientific, commercial and service practices. Thanks to information and communication technology, the healthcare industry via the internet, generally known as cyber-medicine, can offer professional medical service in a wider geographical area. Having some appealing benefits such as convenience in offering healthcare services, improved accessibility to the services, enhanced information exchange, cost-effectiveness, time-saving, etc. Tele-health has increasingly developed innovative models of healthcare delivery. However, it presents many potential hazards to cyber-patients, inherent in the use of the system. First, there are legal issues associated with the communication and transfer of information on the internet. These include licensure, malpractice, liabilities and jurisdictions as well as privacy, confidentiality and security of personal data as the most important challenge brought about by this system. Additional items of concern are technological and ethical. Although, there are some rules to deal with pitfalls associated with cyber-medicine practices in the USA and some European countries, yet for all developments, it is being practiced in a legal vacuum in many countries. In addition to the domestic legislations to deal with potential problems arisen from the system, it is also imperative that some international or regional agreement should be developed to achieve the harmonization of laws among countries and states. This article discusses some implications posed by the practice of cyber-medicine in the healthcare system according to the experience of some developed countries using a comparative study of laws. It will also review the status of tele-health laws in Iran. Finally, it is intended to pave the way to outline a plan for countries like Iran, with newly-established judicial system for health laws, to develop appropriate regulations through providing some recommendations.

Keywords: tele-health, cyber-medicine, telemedicine, criminal laws, legislations, time-saving

Procedia PDF Downloads 635
13604 Post-Covid 19 Pandemic Economy: Corporate Governance and Performance of Private Security Firms in Kenya

Authors: Sewe Silvanus Odhiambo

Abstract:

Globally, many governments have publicly recognized private security firms as essential services providers. The private security firms face a lot of challenges, but the COVID-19 situation also has exacerbated them to another level. This paper locates its relevance in the post-coronavirus era. The COVID-19 pandemic has redefined the world operation, which shows a higher impact on the security field. Accordingly, the purpose of the study was to examine the role of corporate governance on the performance of private security firms in a post-covid pandemic era in Kenya. The study employed a descriptive research design, which included a quantitative approach and secondary data. The study was carried in the month of July 2021 from the registered private security firms. After targeting all private security firms, only 54 firms had disclosed their annual report by the time of conducting the study. The results depicted that pandemic has affected the performance of private security firms measures unfavorably. Further, boards of directors show a positive association with security firm performance. The study recommends that there is need board of directors to enhance management’s risk assessments in the midst of COVID-19; ensure that there are business continuity plans; there is organizational resilience; there is need for the development of new digital strategies; enabling the digital workforce in the firms and have effective communication plans with both internal and external stakeholders to deal with uncertainties and develop more post-COVID practices for boards of directors to improve performance of private security firms in Kenya. The practical implications of the study are that the research outcomes might assist regulatory bodies, investors, policymakers, and the security sector in general in their formulation of public and corporate governance strategies concerning future emergency preparedness and responses. This study also provides a unique contribution to the literature of COVID-19 and security firm performance in emerging economies context.

Keywords: COVID-19, corporate governance, firm performance, private security firms

Procedia PDF Downloads 136
13603 Integrating a Security Operations Centre with an Organization’s Existing Procedures, Policies and Information Technology Systems

Authors: M. Mutemwa

Abstract:

A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and incident response. SOCs are critical when determining an organization’s cybersecurity posture because they can be used to detect, analyze and report on various malicious activities. For most organizations, a SOC is not part of the initial design and implementation of the Information Technology (IT) environment but rather an afterthought. As a result, it is not natively a plug and play component; therefore, there are integration challenges when a SOC is introduced into an organization. A SOC is an independent hub that needs to be integrated with existing procedures, policies and IT systems of an organization such as the service desk, ticket logging system, reporting, etc. This paper discussed the challenges of integrating a newly developed SOC to an organization’s existing IT environment. Firstly, the paper begins by looking at what data sources should be incorporated into the Security Information and Event Management (SIEM) such as which host machines, servers, network end points, software, applications, web servers, etc. for security posture monitoring. That is which systems need to be monitored first and the order by which the rest of the systems follow. Secondly, the paper also describes how to integrate the organization’s ticket logging system with the SOC SIEM. That is how the cybersecurity related incidents should be logged by both analysts and non-technical employees of an organization. Also the priority matrix for incident types and notifications of incidents. Thirdly, the paper looks at how to communicate awareness campaigns from the SOC and also how to report on incidents that are found inside the SOC. Lastly, the paper looks at how to show value for the large investments that are poured into designing, building and running a SOC.

Keywords: cybersecurity operation centre, incident response, priority matrix, procedures and policies

Procedia PDF Downloads 132
13602 An Analysis of Privacy and Security for Internet of Things Applications

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 350
13601 A Review of Security Attacks and Intrusion Detection Schemes in Wireless Sensor Networks: A Survey

Authors: Maleh Yassine, Ezzati Abdellah

Abstract:

Wireless Sensor Networks (WSNs) are currently used in different industrial and consumer applications, such as earth monitoring, health related applications, natural disaster prevention, and many other areas. Security is one of the major aspects of wireless sensor networks due to the resource limitations of sensor nodes. However, these networks are facing several threats that affect their functioning and their life. In this paper we present security attacks in wireless sensor networks, and we focus on a review and analysis of the recent Intrusion Detection schemes in WSNs.

Keywords: wireless sensor networks, security attack, denial of service, IDS, cluster-based model, signature based IDS, hybrid IDS

Procedia PDF Downloads 355
13600 The Issue of Online Fake News and Disinformation: Criminal and Criminological Aspects of Prevention

Authors: Fotios Spyropoulos, Evangelia Androulaki, Vasileios Karagiannopoulos, Aristotelis Kompothrekas, Nikolaos Karagiannis

Abstract:

The problem of 'fake news' and 'hoaxes' has dominated in recent years the field of news, politics, economy, safety, and security as dissemination of false information can intensively affect and mislead public discourse and public opinion. The widespread use of internet and social media platforms can substantially intensify these effects, which often include public fear and insecurity. Misinformation, malinformation, and disinformation have also been blamed for affecting election results in multiple countries, and since then, there have been efforts to tackle the phenomenon both on national and international level. The presentation will focus on methods of prevention of disseminating false information on social media and on the internet and will discuss relevant criminological views. The challenges that have arisen for criminal law will be covered, taking into account the potential need for a multi-national approach required in order to mitigate the extent and negative impact of the fake news phenomenon. Finally, the analysis will include a discussion on the potential usefulness of non-legal modalities of regulation and crime prevention, especially situational and social measures of prevention and the possibility of combining an array of methods to achieve better results on national and international level. This project has received funding from the Hellenic Foundation for Research and Innovation (HFRI) and the General Secretariat for Research and Technology (GSRT), under grant agreement No 80529.

Keywords: cybercrime, disinformation, fake news, prevention

Procedia PDF Downloads 124
13599 NFC Communications with Mutual Authentication Based on Limited-Use Session Keys

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 406
13598 Protecting Right to Life and Combating Terrorism through the Instrument of Law in Nigeria

Authors: Oyekan Kolawole Jamiu

Abstract:

The right to life is a moral principle based on the belief that a human being has the right to life and, in particular, should not be unjustly killed by another human being. However, the most worrisome security challenge in Nigeria which has cut short the lives of innocent Nigerians is the activities of the dreaded terrorist group known as Boko Haram (which means Western Education is a sin). Between 2004 till date, over 15000 people have been gruesomely murdered by this terrorist group. However, despite the facts that suspected terrorists are arrested and paraded almost on a daily basis, cases of terrorism in our courts in Nigeria today have not been expeditiously dealt with by the judiciary. This paper examines the concept of right to life. The right to life is an inherent right for each and every person. From his or her birth; the individual is considered a living being that must be protected. The right to life connotes also right to live and grow in a healthy environment where there is appropriate health care, qualitative education and adequate security of lives and property. The paper also examines the fight against terrorism and the duty of the government to protect right to life of every individual even in the midst of the fight against terrorism. The paper further reviews the Terrorism Act 2011(as amended) and the clogs in the wheel of prosecution of suspected terrorists. The paper concludes that since terrorism is a new security challenge, to prevent conflict of interest, only one security agency should be trained and saddled with the responsibility of prosecuting suspected terrorist, Law should be enacted to compel intelligent gathering and sharing of information among security agencies and in addition, a special court should be established to deal expeditiously with cases of terrorism in Nigeria.

Keywords: terrorism, intelligent gathering, right to life, prosecution

Procedia PDF Downloads 325
13597 Partnering with Stakeholders to Secure Digitization of Water

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: cyber security, shared responsibility, IIOT, threat modelling

Procedia PDF Downloads 56
13596 BOFSC: A Blockchain Based Decentralized Framework to Ensure the Transparency of Organic Food Supply Chain

Authors: Mifta Ul Jannat, Raju Ahmed, Al Mamun, Jannatul Ferdaus, Ritu Costa, Milon Biswas

Abstract:

Blockchain is an internet-based invention that is coveted in the permanent, scumbled record for its capacity to openly accept, record, and distribute transactions. In a traditional supply chain, there are no trustworthy participants for an organic product. Yet blockchain engineering may provide confidence, transparency, and traceability. Blockchain varies in how companies get real, checked, and lasting information from their supply chain and lock in customers. In an arrangement of cryptographic squares, Blockchain digitizes each connection by sparing it. No one person may alter the documents, and any alteration within the agreement is clear to all. The coming to the record is tamper proof and unchanging, offering a complete history of the object’s life cycle and minimizing opening for extorting. The primary aim of this analysis is to identify the underlying problem that the customer faces. In this post, we will minimize the allocation of fraud data through the ’Smart Contract’ and include a certificate of quality assurance.

Keywords: blockchain technology, food supply chain, Ethereum, smart contract, quality assurance, trustability, security, transparency

Procedia PDF Downloads 131
13595 The Legal Personality of The Security Council

Authors: Helyeh Doutaghi

Abstract:

The United Nations Security Council (UNSC) is one of the six principal organs of the United Nations. Under the Charter of the United Nations (UN Charter), the UNSC’s primary responsibility is maintaining international peace and security, which it does through establishing and adopting a Security Council resolution. United Nations resolutions are formal expressions of the opinion or will of United Nations organs. However, there have been times when powerful politicians (or governments with great political power) had the first say in situations where the UNSC should have had jurisdiction based on the principle of rule of law, which is the notion that people are governed by the law rather than by officials. This paper will assess the effectiveness of the UNSC by analyzing its actions during the Iran-Iraq war for it has been found that one of the major reasons for the prolongation of the war was a result of the one-sided positions taken by the UNSC and many nations. The UNSC’s success in achieving its primary goal during the war will be discussed, including an examination of the duties and structure of the UNSC by reviewing the articles in the UN Charter; this will include examples of the UNSC’s role in other international disputes as well.

Keywords: UN Security Council, Iran, Iraq, charter, international law

Procedia PDF Downloads 432
13594 Client Hacked Server

Authors: Bagul Abhijeet

Abstract:

Background: Client-Server model is the backbone of today’s internet communication. In which normal user can not have control over particular website or server? By using the same processing model one can have unauthorized access to particular server. In this paper, we discussed about application scenario of hacking for simple website or server consist of unauthorized way to access the server database. This application emerges to autonomously take direct access of simple website or server and retrieve all essential information maintain by administrator. In this system, IP address of server given as input to retrieve user-id and password of server. This leads to breaking administrative security of server and acquires the control of server database. Whereas virus helps to escape from server security by crashing the whole server. Objective: To control malicious attack and preventing all government website, and also find out illegal work to do hackers activity. Results: After implementing different hacking as well as non-hacking techniques, this system hacks simple web sites with normal security credentials. It provides access to server database and allow attacker to perform database operations from client machine. Above Figure shows the experimental result of this application upon different servers and provides satisfactory results as required. Conclusion: In this paper, we have presented a to view to hack the server which include some hacking as well as non-hacking methods. These algorithms and methods provide efficient way to hack server database. By breaking the network security allow to introduce new and better security framework. The terms “Hacking” not only consider for its illegal activities but also it should be use for strengthen our global network.

Keywords: Hacking, Vulnerabilities, Dummy request, Virus, Server monitoring

Procedia PDF Downloads 231
13593 Adult Education for Transformation and Security Challenges in Nigeria

Authors: Asmau Zarma Gogaram

Abstract:

The paper examines adult education and how it can be employed as a strategy for transformation and security challenges in Nigeria. It defines the meaning of adult education and its objectives.The issue of the necessity of employing adult education as a strategy for transformation and security challenges was also examined in the paper.In doing this it discussed the different types of adult education programmes, i.e.continuing education, literacy education, retirement and pre-retirement education and civic education. The paper concluded by stating that if the programmes stated are internalizes and applied they can help to raise awareness. Finally the paper proffered some recommendations one of which was that government should at all levels increase their efforts or promoting acquisition of adult education.

Keywords: adult education, transformation and security challenges, Nigeria, education and human development

Procedia PDF Downloads 492
13592 Saudi Arabia Border Security Informatics: Challenges of a Harsh Environment

Authors: Syed Ahsan, Saleh Alshomrani, Ishtiaq Rasool, Ali Hassan

Abstract:

In this oral presentation, we will provide an overview of the technical and semantic architecture of a desert border security and critical infrastructure protection security system. Modern border security systems are designed to reduce the dependability and intrusion of human operators. To achieve this, different types of sensors are use along with video surveillance technologies. Application of these technologies in a harsh desert environment of Saudi Arabia poses unique challenges. Environmental and geographical factors including high temperatures, desert storms, temperature variations and remoteness adversely affect the reliability of surveillance systems. To successfully implement a reliable, effective system in a harsh desert environment, the following must be achieved: i) Selection of technology including sensors, video cameras, and communication infrastructure that suit desert environments. ii) Reduced power consumption and efficient usage of equipment to increase the battery life of the equipment. iii) A reliable and robust communication network with efficient usage of bandwidth. Also, to reduce the expert bottleneck, an ontology-based intelligent information systems needs to be developed. Domain knowledge unique and peculiar to Saudi Arabia needs to be formalized to develop an expert system that can detect abnormal activities and any intrusion.

Keywords: border security, sensors, abnormal activity detection, ontologies

Procedia PDF Downloads 458
13591 Enhancing Food Security through Cabbage Production by Local Fammers in Nkokobe Municipality

Authors: Sipumle Qapeshu, Bongiwe Mcata, Ajuruchukwu Obi

Abstract:

Subsistence farmers practice farming for survival while commercial farmers produce to feed themselves and larger society with the motive to achieve highest profit. These types of farmers are characterised by growing what they eat, live without making regular purchases in the markets. The main objective of subsistence/peasant farmers is to ensure food security at household level. Cabbage is a crop that has been identified to have vital food nutrient sources like Vitamin A, B and C, protein, calcium, iron and antioxidative compounds beneficial for preventing cancer. This paper, therefore, looks at the potential that cabbage production has in enhancing household food security and also the challenges encountered by these cabbage producers. Primary data was obtained from 50 respondents, and linear regression model was used to analyse the data used. Income was used as food security measure. The results showed that three variables were statistically significant and they are gender (10%), education (5%) and household size (5%). Meaning that these are variables that influenced cabbage production by these households, and it also affects their food security status since income is affected.

Keywords: subsistence farmers, food security, cabbage, farming

Procedia PDF Downloads 272
13590 Enhancing Security and Privacy Protocols in Telehealth: A Comprehensive Approach across IoT/Fog/Cloud Environments

Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo

Abstract:

This paper introduces an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.

Keywords: cloud, enhancing security, fog, IoT, telehealth

Procedia PDF Downloads 41
13589 Double Layer Security Model for Identification Friend or Foe

Authors: Buse T. Aydın, Enver Ozdemir

Abstract:

In this study, a double layer authentication scheme between the aircraft and the Air Traffic Control (ATC) tower is designed to prevent any unauthorized aircraft from introducing themselves as friends. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or foe according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as a friend. In this method, even if embedded key is captured by the enemy aircraft, without the information of the second layer, the enemy can easily be determined. Overall, in this work, we present a more reliable system by adding a physical layer in the authentication process.

Keywords: ADS-B, communication with physical layer security, cryptography, identification friend or foe

Procedia PDF Downloads 132
13588 Network User Rules in Universities

Authors: Michel Berthiaume, Daniel Chamberland-Tremblay, Elaine Paiva Mosconi, Jérôme Blanchet-Brisson

Abstract:

This presentation documents the overall failure of North-American universities to build an effective IT Policies communication with their primary users: the students. A sample of 12 universities was selected. A set of indicators based on usability principles to assess the content of IT Policies vas devised. Then, IT Policies were rated according to the indicators and the results analyzed to build an overall picture of the potential of communication problems in policy communication. The initial finding is that network security professionals in Universities have to reach a delicate balance between asset protection, asset valorization and user security awareness.

Keywords: computer security, IT policy, security awareness, network user rules

Procedia PDF Downloads 534
13587 Defense Strategy: Perang Semesta Strategy as a Reliable National Security System of Indonesia

Authors: Erdianta S, Chastiti M. Wulolo, IDK Kerta Widana

Abstract:

Perang Semesta strategy is a national security system used by Republic of Indonesia. It comes from local wisdom, cultural, and hereditary of Indonesia itself. This system involves all people and all nation resources, and it is early prepared by government and conducted totality, integratedly, directly, and continously to enforce a sovereignty of country, teritorial integrity and the safety of the whole nation from threats. This study uses a qualitative content analysis method by studying, recording, and analyzing government policy. The Perang Semesta strategy divided into main, backup, and supporting components. Every component has its function and responsibility in security perspective. So when an attack comes, all people of Indonesia will voluntary to defend the country. Perang Semesta strategy is a national security system which becomes the most reliable strategy toward geography and demography of Indonesia.

Keywords: Indonesia, Perang Semesta strategy, national security, local wisdom

Procedia PDF Downloads 428
13586 Nuclear Materials and Nuclear Security in India: A Brief Overview

Authors: Debalina Ghoshal

Abstract:

Nuclear security is the ‘prevention and detection of, and response to unauthorised removal, sabotage, unauthorised access, illegal transfer or other malicious acts involving nuclear or radiological material or their associated facilities.’ Ever since the end of Cold War, nuclear materials security has remained a concern for global security. However, with the increase in terrorist attacks not just in India especially, security of nuclear materials remains a priority. Therefore, India has made continued efforts to tighten its security on nuclear materials to prevent nuclear theft and radiological terrorism. Nuclear security is different from nuclear safety. Physical security is also a serious concern and India had been careful of the physical security of its nuclear materials. This is more so important since India is expanding its nuclear power capability to generate electricity for economic development. As India targets 60,000 MW of electricity production by 2030, it has a range of reactors to help it achieve its goal. These include indigenous Pressurised Heavy Water Reactors, now standardized at 700 MW per reactor Light Water Reactors, and the indigenous Fast Breeder Reactors that can generate more fuel for the future and enable the country to utilise its abundant thorium resource. Nuclear materials security can be enhanced through two important ways. One is through proliferation resistant technologies and diplomatic efforts to take non proliferation initiatives. The other is by developing technical means to prevent any leakage in nuclear materials in the hands of asymmetric organisations. New Delhi has already implemented IAEA Safeguards on their civilian nuclear installations. Moreover, the IAEA Additional Protocol has also been ratified by India in order to enhance its transparency of nuclear material and strengthen nuclear security. India is a party to the IAEA Conventions on Nuclear Safety and Security, and in particular the 1980 Convention on the Physical Protection of Nuclear Material and its amendment in 2005, Code of Conduct in Safety and Security of Radioactive Sources, 2006 which enables the country to provide for the highest international standards on nuclear and radiological safety and security. India's nuclear security approach is driven by five key components: Governance, Nuclear Security Practice and Culture, Institutions, Technology and International Cooperation. However, there is still scope for further improvements to strengthen nuclear materials and nuclear security. The NTI Report, ‘India’s improvement reflects its first contribution to the IAEA Nuclear Security Fund etc. in the future, India’s nuclear materials security conditions could be further improved by strengthening its laws and regulations for security and control of materials, particularly for control and accounting of materials, mitigating the insider threat, and for the physical security of materials during transport. India’s nuclear materials security conditions also remain adversely affected due to its continued increase in its quantities of nuclear material, and high levels of corruption among public officials.’ This paper would study briefly the progress made by India in nuclear and nuclear material security and the step ahead for India to further strengthen this.

Keywords: India, nuclear security, nuclear materials, non proliferation

Procedia PDF Downloads 328
13585 An Intrusion Detection Systems Based on K-Means, K-Medoids and Support Vector Clustering Using Ensemble

Authors: A. Mohammadpour, Ebrahim Najafi Kajabad, Ghazale Ipakchi

Abstract:

Presently, computer networks’ security rise in importance and many studies have also been conducted in this field. By the penetration of the internet networks in different fields, many things need to be done to provide a secure industrial and non-industrial network. Fire walls, appropriate Intrusion Detection Systems (IDS), encryption protocols for information sending and receiving, and use of authentication certificated are among things, which should be considered for system security. The aim of the present study is to use the outcome of several algorithms, which cause decline in IDS errors, in the way that improves system security and prevents additional overload to the system. Finally, regarding the obtained result we can also detect the amount and percentage of more sub attacks. By running the proposed system, which is based on the use of multi-algorithmic outcome and comparing that by the proposed single algorithmic methods, we observed a 78.64% result in attack detection that is improved by 3.14% than the proposed algorithms.

Keywords: intrusion detection systems, clustering, k-means, k-medoids, SV clustering, ensemble

Procedia PDF Downloads 199
13584 Foreign Artificial Intelligence Investments and National Security Exceptions in International Investment Law

Authors: Ying Zhu

Abstract:

Recent years have witnessed a boom of foreign investments in the field of artificial intelligence (AI). Foreign investments provide critical capital for AI development but also trigger national security concerns of host states. A notable example is an increasing number of cases in which the Committee on Foreign Investment in the United States (CFIUS) has denied Chinese acquisitions of US technology companies on national security grounds. On July 19, 2018, the Congress has reached a deal on the final draft of a new provision to strengthen CFIUS’s authority to review overseas transactions involving sensitive US technology. The question is: how to reconcile the emerging tension between, on the one hand, foreign AI investors’ expectations of a predictable investment environment, and on the other hand, host states’ regulatory power on national security? This paper provides a methodology to reconcile this tension under international investment law. Based on an examination, the national security exception clauses in international investment treaties and the application of national security justification in investor-state arbitration jurisprudence, the paper argues that a traditional interpretation of the national security exception, based on the necessity concept in customary international law, fails to take into account new risks faced by countries, including security concerns over strategic industries such as AI. To overcome this shortage, the paper proposes to incorporate an integrated national security clause in international investment treaties, which includes a two-tier test: a ‘self-judging’ test in the pre-establishment period and a ‘proportionality’ test in the post-establishment period. At the end, the paper drafts a model national security clause for future treaty-drafting practice.

Keywords: foreign investment, artificial intelligence, international investment law, national security exception

Procedia PDF Downloads 126
13583 Security Issues on Smart Grid and Blockchain-Based Secure Smart Energy Management Systems

Authors: Surah Aldakhl, Dafer Alali, Mohamed Zohdy

Abstract:

The next generation of electricity grid infrastructure, known as the "smart grid," integrates smart ICT (information and communication technology) into existing grids in order to alleviate the drawbacks of existing one-way grid systems. Future power systems' efficiency and dependability are anticipated to significantly increase thanks to the Smart Grid, especially given the desire for renewable energy sources. The security of the Smart Grid's cyber infrastructure is a growing concern, though, as a result of the interconnection of significant power plants through communication networks. Since cyber-attacks can destroy energy data, beginning with personal information leaking from grid members, they can result in serious incidents like huge outages and the destruction of power network infrastructure. We shall thus propose a secure smart energy management system based on the Blockchain as a remedy for this problem. The power transmission and distribution system may undergo a transformation as a result of the inclusion of optical fiber sensors and blockchain technology in smart grids. While optical fiber sensors allow real-time monitoring and management of electrical energy flow, Blockchain offers a secure platform to safeguard the smart grid against cyberattacks and unauthorized access. Additionally, this integration makes it possible to see how energy is produced, distributed, and used in real time, increasing transparency. This strategy has advantages in terms of improved security, efficiency, dependability, and flexibility in energy management. An in-depth analysis of the advantages and drawbacks of combining blockchain technology with optical fiber is provided in this paper.

Keywords: smart grids, blockchain, fiber optic sensor, security

Procedia PDF Downloads 88
13582 A Study on Abnormal Behavior Detection in BYOD Environment

Authors: Dongwan Kang, Joohyung Oh, Chaetae Im

Abstract:

Advancement of communication technologies and smart devices in the recent times is leading to changes into the integrated wired and wireless communication environments. Since early days, businesses had started introducing environments for mobile device application to their operations in order to improve productivity (efficiency) and the closed corporate environment gradually shifted to an open structure. Recently, individual user's interest in working environment using mobile devices has increased and a new corporate working environment under the concept of BYOD is drawing attention. BYOD (bring your own device) is a concept where individuals bring in and use their own devices in business activities. Through BYOD, businesses can anticipate improved productivity (efficiency) and also a reduction in the cost of purchasing devices. However, as a result of security threats caused by frequent loss and theft of personal devices and corporate data leaks due to low security, companies are reluctant about adopting BYOD system. In addition, without considerations to diverse devices and connection environments, there are limitations in detecting abnormal behaviors such as information leaks which use the existing network-based security equipment. This study suggests a method to detect abnormal behaviors according to individual behavioral patterns, rather than the existing signature-based malicious behavior detection and discusses applications of this method in BYOD environment.

Keywords: BYOD, security, anomaly behavior detection, security equipment, communication technologies

Procedia PDF Downloads 300