Search results for: information security incident management

Authors: Nino Grigolaia

Abstract:

Introduction: The article discusses the experience of the EU in the social field, analyzes the peculiarities of the functioning of the social system in Georgia, and reveals the priority and importance of social policy. Methodology: Different research methods are applied in the presented paper. There are used induction, deduction, analysis, synthesis, analogy, correlation, and statistical observation methodologies in the work. Main Findings: Based on the analysis of social security reforms in Georgia, the main systematic problems are detected, the recommendations on social security system components, integration of the social security field in the unified insurance system, the formation of the national social system, perfection of the legislative, regulatory framework of social protection, adoption of foreign experience are developed in the article. Conclusion: The article concludes that the social protection system in Georgia is at an early stage of development, with the significant impact of factors such as high level of unemployment, low pensions, a large number of families living under the poverty line, and other ones. Accordingly, it is well-established that the study of the social security problem in Georgia is still actual. Based on the analysis, appropriate suggestions in the field of social security are made, and relevant recommendations are proposed.

Keywords: social security, social system, social policy, social security models

Procedia PDF Downloads 130

Authors: Rina Arum Prastyanti

Abstract:

Information technology has changed the ways of transacting and enabling new opportunities in business transactions. Problems to be faced by consumers M Commerce, among others, the consumer will have difficulty accessing the full information about the products on offer and the forms of transactions given the small screen and limited storage capacity, the need to protect children from various forms of excess supply and usage as well as errors in access and disseminate personal data, not to mention the more complex problems as well as problems agreements, dispute resolution that can protect consumers and assurance of security of personal data. It is no less important is the risk of payment and personal information of payment dal am also an important issue that should be on the swatch solution. The purpose of this study is 1) to describe the phenomenon of the use of Mobile Commerce in Indonesia. 2) To determine the form of legal protection for the consumer use of Mobile Commerce. 3) To get the right type of law so as to provide legal protection for consumers Mobile Commerce users. This research is a descriptive qualitative research. Primary and secondary data sources. This research is a normative law. Engineering conducted engineering research library collection or library research. The analysis technique used is deductive analysis techniques. Growing mobile technology and more affordable prices as well as low rates of provider competition also affects the increasing number of mobile users, Indonesia is placed into 4 HP users in the world, the number of mobile phones in Indonesia is estimated at around 250.1 million telephones with a population of 237 556. 363. Indonesian form of legal protection in the use of mobile commerce still a part of the Law No. 11 of 2008 on Information and Electronic Transactions and until now there is no rule of law that specifically regulates mobile commerce. Legal protection model that can be applied to protect consumers of mobile commerce users ensuring that consumers get information about potential security and privacy challenges they may face in m commerce and measures that can be used to limit the risk. Encourage the development of security measures and built security features. To encourage mobile operators to implement data security policies and measures to prevent unauthorized transactions. Provide appropriate methods both time and effectiveness of redress when consumers suffer financial loss.

Keywords: mobile commerce, legal protection, consumer, effectiveness

Procedia PDF Downloads 353

Authors: Djehich Mohamed Yousri

Abstract:

As a result of the destruction and devastation left by the two world wars, the international community worked to establish a global organization based on a contractual basis, in which the Security Council was entrusted with the task of working to maintain international peace and security, and to achieve this, the United Nations Charter assigned the latter a wide authority to adapt everything It would threaten international peace and security, although the examiner of the Charter of the United Nations does not find the slightest definition of the concept of international peace and security, although these two principles are among the basic principles that the Charter stipulated the necessity of achieving, and perhaps this was also what was in the opposite case for them. And by that, we mean cases of a threat to peace, a breach of it, or an act of aggression. These terms were not dealt with in the Charter in explanation and detail, leaving ample room for the Security Council to assess each of these cases separately, and perhaps this is due to the fact that the framers of the Charter intended to set a flexible standard. It does not restrict the authority of the Security Council to carry out the adjustment process on the one hand and, on the other hand, to allow and enable the Security Council to keep pace with new developments and threats to which international peace and security are exposed. There is no doubt that the concept of international peace and security has undergone significant changes during the 70-year period that followed the establishment of the international organization. After the threat to peace and security focused - in the first stage - on cases of war or the threat of war, what distinguishes the post- The new world order is the emergence of other challenges and threats that find their source in economic, social, humanitarian, and environmental instability. Perhaps this is what the member states of the Security Council indicated during the preparation of the Peace Agenda. The expansion of the concept of peace and security is what paved the way for some permanent states to use the Security Council to legitimize and implement their decisions and take the council as a tool to implement their foreign policy and punish states instead of maintaining international peace and security, which prompted some states and jurisprudence to call for the establishment of oversight of the decisions of the Council Security on the one hand, and amending the UN Charter to make it more expressive of the aspirations of the international community, referring to the obstacles that prevent this amendment.

Keywords: peace, security, united nations charter, security council, united nations organization

Procedia PDF Downloads 63

Authors: Nisarg A. Patel, Hiren B. Patel

Abstract:

Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).

Keywords: cryptography, networking, quantum, encryption and decryption

Procedia PDF Downloads 167

Authors: Yung-Feng Yen, Yun-Ju Lai

Abstract:

Background: Animal studies have shown that alcohol exposure may cause immunosuppression and increase the susceptibility to tuberculosis (TB) infection. However, the temporality of alcohol consumption with subsequent TB development remains unclear. This nationwide population-based cohort study aimed to investigate the impact of alcohol exposure on TB development in Taiwanese adults. Methods: We included 46 196 adult participants from three rounds (2001, 2005, 2009) of the Taiwan National Health Interview Survey. Alcohol consumption was classified into heavy, regular, social, or never alcohol use. Heavy alcohol consumption was defined as intoxication at least once/week. Alcohol consumption and other covariates were collected by in-person interviews at baseline. Incident cases of active TB were identified from the National Health Insurance database. Multivariate logistic regression was used to estimate the association between alcohol consumption and active TB, with adjustment for age, sex, smoking, socioeconomic status, and other covariates. Results: A total of 279 new cases of active TB occurred during the study follow-up period. Heavy (adjusted odds ratio [AOR], 5.21; 95% confident interval [CI], 2.41-11.26) and regular alcohol use (AOR, 1.73; 95% CI, 1.26-2.38) were associated with higher risks of incident TB after adjusting for the subject demographics and comorbidities. Moreover, a strong dose-response effect was observed between increasing alcohol consumption and incident TB (AOR, 2.26; 95% CI, 1.59-3.21; P <.001). Conclusion: Heavy and regular alcohol consumption were associated with higher risks of active TB. Future TB control programs should consider strategies to lower the overall level of alcohol consumption to reduce the TB disease burden.

Keywords: alcohol consumption, tuberculosis, risk factor, cohort study

Procedia PDF Downloads 219

Authors: Dimple Juneja, Aarti Singh, Renu Hooda

Abstract:

Knowledge Query Manipulation Language (KQML) and FIPA ACL are two prime communication languages existing in multi agent systems (MAS). Both languages are more or less similar in terms of semantics (based on speech act theory) and offer cutting edge competition while establishing agent communication across Internet. In contrast to the fact that software agents operating on the internet are required to be more safeguarded from their counter-peer, both protocols lack security performatives. The paper proposes a three tier security interface with few novel security related performatives enhancing the basic architecture of KQML. The three levels are attestation, certification and trust establishment which enforces a tight security and hence reduces the security breeches.

Keywords: multiagent systems, KQML, FIPA ACL, performatives

Procedia PDF Downloads 399

Authors: Eman W. Boghdady, A. R. Shehata, M. A. Azem

Abstract:

Database (DB) security demands permitting authorized users and prohibiting non-authorized users and intruders actions on the DB and the objects inside it. Organizations that are running successfully demand the confidentiality of their DBs. They do not allow the unauthorized access to their data/information. They also demand the assurance that their data is protected against any malicious or accidental modification. DB protection and confidentiality are the security concerns. There are four types of controls to obtain the DB protection, those include: access control, information flow control, inference control, and cryptographic. The cryptographic control is considered as the backbone for DB security, it secures the DB by encryption during storage and communications. Current cryptographic techniques are classified into two types: traditional classical cryptography using standard algorithms (DES, AES, IDEA, etc.) and chaos cryptography using continuous (Chau, Rossler, Lorenz, etc.) or discreet (Logistics, Henon, etc.) algorithms. The important characteristics of chaos are its extreme sensitivity to initial conditions of the system. In this paper, DB-security systems based on chaotic algorithms are described. The Pseudo Random Numbers Generators (PRNGs) from the different chaotic algorithms are implemented using Matlab and their statistical properties are evaluated using NIST and other statistical test-suits. Then, these algorithms are used to secure conventional DB (plaintext), where the statistical properties of the ciphertext are also tested. To increase the complexity of the PRNGs and to let pass all the NIST statistical tests, we propose two hybrid PRNGs: one based on two chaotic Logistic maps and another based on two chaotic Henon maps, where each chaotic algorithm is running side-by-side and starting from random independent initial conditions and parameters (encryption keys). The resulted hybrid PRNGs passed the NIST statistical test suit.

Keywords: algorithms and data structure, DB security, encryption, chaotic algorithms, Matlab, NIST

Procedia PDF Downloads 259

Authors: Jacques Barnard, Magda Huisman, Gunther R. Drevin

Abstract:

Rapid expansion and development in die mobile technology market has created an opportunity for users to participate in location based games. As a consequence of this fast expanding market and new technology, it is important to be aware of the implications this has on security. This paper measures the impact on the security awareness of games’ participants, as well as on that of students at university level with regards to their various stages of input in years of studying and gamer classification. This serves to provide insight into the matter as to discernible differences in the awareness of the security implications concerning these technologies. The data was accumulated via a web questionnaire that was to be completed yearly by students from respective year groups. Results signify a meaningful disparity in security awareness among students completing the varying study years and research. This awareness, however, does not always impact on gamers.

Keywords: gamer classifications, location based games, location based data, security awareness

Procedia PDF Downloads 282

Authors: Rasim M. Alguliyev, Alovsat G. Aliyev, Roza O. Shahverdiyeva

Abstract:

The paper investigated the role and position of high techno-parks, which is one of the priorities of Azerbaijan. The main objectives, functions and features of the establishment of high-techno parks, as well as organization of the activity of the structural elements, which are the parking complex and their interactions were analyzed. The development, organization and management of high techno-parks were studied. The key features and functions of innovative structures’ management were explained. The need for a comprehensive management system for the development of high-techno parks was emphasized and the major problems were analyzed. In addition, the methods were proposed for the development of information systems supporting decision making in systematic and sustainable management of the parks.

Keywords: innovative development, innovation processes, innovation economy, innovation infrastructure, high technology park, efficient management, management decisions, information insurance

Procedia PDF Downloads 454

Authors: Laxmi R. Kasaraneni

Abstract:

The Internet connects all the networks, including the nation’s critical infrastructure that are used extensively by not only a nation’s government and military to protect sensitive information and execute missions, but also the primary infrastructure that provides services that enable modern conveniences such as education, potable water, electricity, natural gas, and financial transactions. It has become the central nervous system for the government, the citizens, and the industries. When it is attacked, the effects can ripple far and wide impacts not only to citizens’ well-being but nation’s economy, civil infrastructure, and national security. As such, these critical services may be targeted by malicious hackers during cyber warfare, it is imperative to not only protect them and mitigate any immediate or potential threats, but to also understand the current or potential impacts beyond the IT networks or the organization. The Nation’s IT infrastructure which is now vital for communication, commerce, and control of our physical infrastructure, is highly vulnerable to attack. While existing technologies can address some vulnerabilities, fundamentally new architectures and technologies are needed to address the larger structural insecurities of an infrastructure developed in a more trusting time when mass cyber attacks were not foreseen. This research is intended to improve the core functions of the Internet and critical-sector information systems by providing a clear path to create a safe, secure, and resilient cyber environment that help stakeholders at all levels of government, and the private sector work together to develop the cybersecurity capabilities that are key to our economy, national security, and public health and safety. This research paper also emphasizes the present and future cyber security threats, the capabilities and goals of cyber attackers, a strategic concept and steps to implement cybersecurity for maximum effectiveness, enabling technologies, some strategic assumptions and critical challenges, and the future of cyberspace.

Keywords: critical challenges, critical infrastructure, cyber security, enabling technologies, national security

Procedia PDF Downloads 285

Authors: Hanen Khaldi

Abstract:

This paper aims to study the impact of international migration on human security in the Southeastern region of Asia, especially after Asian Financial Crisis 1997-98. International migration has impacts on many dimensions of security: the state security (sovereignty and autonomy); international relationships security (conflicts, terrorism, etc); and immigrants security. The paper aims to improve our comprehension of the impact of international migration on immigrant security in the region of Southeast Asia, particularly “vulnerable workers’’ whose number is growing very fast in the region. The literature review carried out on this matter led us to ask the following two question: 1) Did the creation of ASEAN Community matter on the evolution of immigrants in the region? And How governments try to resolve the gap between economic objectifs and security of immigrants in the region? To answer these two questions, the paper is subdivided in three parts: Firstly, we will show how the creation of the ASEAN Community, especially ASEAN Economic Community, had a significant impact on the pattern of evolution of immigration in this region. Secondly, we will paint a portrait illustrating the vulnerability of immigrants in Southeast Asia, particularly unskilled workers. Finally, using the theories of regional integration, we will assess how governments try to ensure the security and safety of the immigrants. Overall, our analysis illustrate the significant change of the official discourse of the leaders of the ASEAN member states, now more conciliator and especially more open to cooperation, as well as the proliferation of meetings and initiatives between these countries to control mobility flows in the region, and the ensure immigrants security.

Keywords: migrant workers, human security, human rights

Procedia PDF Downloads 152

Authors: S. Maddi Muhammed, Paul Davis, John Geraghty, Mabruk Derbesh

Abstract:

This study discusses the probability of using electronic management in higher education institutions in Libya. This could be as sampled by creating an electronic gate at the faculties of Engineering and Computing "Information Technology" at Zaytuna University or any other university in Libya. As we all know, the competitive advantage amongst universities is based on their ability to use information technology efficiently and broadly. Universities today value information technology as part of the quality control and assurance and a ranking criterion for a range of services including e-learning and e-Registration. This could be done by developing email systems, electronic or virtual libraries, electronic cards, and other services provided to all students, faculty or staff. This paper discusses a range of important topics that explain how to apply the gate "E" with the faculties at Zaytuna University, Bani Walid colleges in Libya.

Keywords: e-management, educational institutions (EI), Libya, Zaytuna, information technology

Procedia PDF Downloads 436

Authors: Chupicai Manuel

Abstract:

The purpose of this article is to examine the political economy and history of internal displacement, migration and human security in Zimbabwe from 1800 to present day. The article gives a timeline of major internal displacement, migration trends that took place in Zimbabwe before colonialism, through the colonial period up to the present day and examines the human security context of such periods. In view of the above, a political economy analysis will be employed to examine the different factors that promoted internal displacement and human movements from 1800 to the present day and explore the architecture of human security in Zimbabwe. The ultimate goal of this literature review is to provide a longitudinal analysis of internal displacement, migration and human security regimes that existed in Zimbabwe with the view of promoting social cohesion and nation building.

Keywords: human security, internal displacement, migration, political economy

Procedia PDF Downloads 334

Authors: Panita Wannapiroon, Noppadon Phumeechanya, Sitthichai Laisema

Abstract:

This study is the research and development which is intended to: 1) design the ubiquitous cloud learning management system and: 2) assess the suitability of the design of the ubiquitous cloud learning management system. Its methods are divided into 2 phases. Phase 1 is the design of the ubiquitous cloud learning management system, phase 2 is the assessment of the suitability of the design the samples used in this study are work done by 25 professionals in the field of Ubiquitous cloud learning management systems and information and communication technology in education selected using the purposive sampling method. Data analyzed by arithmetic mean and standard deviation. The results showed that the ubiquitous cloud learning management system consists of 2 main components which are: 1) the ubiquitous cloud learning management system server (u-Cloud LMS Server) including: cloud repository, cloud information resources, social cloud network, cloud context awareness, cloud communication, cloud collaborative tools, and: 2) the mobile client. The result of the system suitability assessment from the professionals is in the highest range.

Keywords: learning management system, cloud computing, ubiquitous learning, ubiquitous learning management system

Procedia PDF Downloads 506

Authors: Grace Omowunmi Soyebi

Abstract:

A computerized medical record system is a collection of medical information about a person that is stored on a computer. One principal problem of most hospitals in rural areas is using the file management system for keeping records. A lot of time is wasted when a patient visits the hospital, probably in an emergency, and the nurse or attendant has to search through voluminous files before the patient's file can be retrieved, this may cause an unexpected to happen to the patient. This Data Mining application is to be designed using a Structured System Analysis and design method which will help in a well-articulated analysis of the existing file management system, feasibility study, and proper documentation of the Design and Implementation of a Computerized medical record system. This Computerized system will replace the file management system and help to quickly retrieve a patient's record with increased data security, access clinical records for decision-making, and reduce the time range at which a patient gets attended to.

Keywords: programming, computing, data, innovation

Procedia PDF Downloads 111

Authors: Alhaji Khuzaima Mohammed Osman, Zaeem Sheikh Abdul Wadudi Haruna

Abstract:

This article aims to explore the crucial link between counter-terrorism efforts and the preservation of human security. As acts of terrorism continue to pose significant threats to societies worldwide, it is imperative to develop effective strategies that mitigate risks while safeguarding the rights and well-being of individuals. This paper discusses key aspects of counter-terrorism and human security, emphasizing the need for a comprehensive approach that integrates intelligence, prevention, response, and resilience-building measures. By highlighting successful case studies and lessons learned, this article provides valuable insights for policymakers, law enforcement agencies, and practitioners in their quest to address terrorism and foster human security.

Keywords: human security, risk mitigation, terrorist activities, civil liberties

Procedia PDF Downloads 73

Authors: Cai Qianyi

Abstract:

In the midst of global digital revolution, the flow of data poses security threats that call China's existing legislative framework for protecting personal information into question. As a preliminary procedure for risk analysis and prevention, the risk assessment of personal data transmission lacks detailed guidelines for support. Existing provisions reveal unclear responsibilities for network operators and weakened rights for data subjects. Furthermore, the regulatory system's weak operability and a lack of industry self-regulation heighten data transmission hazards. This paper aims to compare the regulatory pathways for data information transmission risks between China and Europe from a legal framework and content perspective. It draws on the “Data Protection Impact Assessment Guidelines” to empower multiple stakeholders, including data processors, controllers, and subjects, while also defining obligations. In conclusion, this paper intends to solve China's digital security shortcomings by developing a more mature regulatory framework and industry self-regulation mechanisms, resulting in a win-win situation for personal data protection and the development of the digital economy.

Keywords: personal information data transmission, risk assessment, DPIA, internet service provider, personal information data transimission, risk assessment

Procedia PDF Downloads 44

Authors: Michael J. Hahn

Abstract:

Docker is a powerful tool used by many companies such as PayPal, MetLife, Expedia, Visa, and many others. Docker works by bundling multiple applications, binaries, and libraries together on top of an operating system image called a container. The container runs on a Docker engine that in turn runs on top of a standard operating system. This centralization saves a lot of system resources. In this paper, we will be demonstrating how to bypass Transport Layer Security and execute remote code within Docker containers built on a base image of Alpine Linux version 3.7.0 through the use of .apk files due to flaws in the Alpine Linux package management program. This exploit renders any applications built using Docker with a base image of Alpine Linux vulnerable to unwanted outside forces.

Keywords: cloud, cryptography, Docker, Linux, security

Procedia PDF Downloads 184

Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel

Abstract:

The growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, transportation and distribution bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia, and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012, almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price, and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.

Keywords: security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package

Procedia PDF Downloads 245

Authors: Violeta Damjanovic-Behrendt

Abstract:

This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.

Keywords: security, internet of things, cloud computing, stackelberg game, machine learning, naive q-learning

Procedia PDF Downloads 343

Authors: Emmanuel Ogala

Abstract:

Cloud computing has been envisioned as the next-generation architecture of Information Technology (IT) enterprise. In contrast to traditional solutions where IT services are under physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the management of the data and services may not be fully trustworthy. This is due to the fact that the systems are opened to the whole world and as people tries to have access into the system, many people also are there trying day-in day-out on having unauthorized access into the system. This research contributes to the improvement of cloud computing security for better operation. The work is motivated by two problems: first, the observed easy access to cloud computing resources and complexity of attacks to vital cloud computing data system NIC requires that dynamic security mechanism evolves to stay capable of preventing illegitimate access. Second; lack of good methodology for performance test and evaluation of biometric security algorithms for securing records in cloud computing environment. The aim of this research was to evaluate the performance of an integrated security system (ISS) for securing exams records in cloud computing environment. In this research, we designed and implemented an ISS consisting of three security mechanisms of biometric (fingerprint), auto-PIN and password into one stream of access control and used for securing examination records in Kogi State University, Anyigba. Conclusively, the system we built has been able to overcome guessing abilities of hackers who guesses people password or pin. We are certain about this because the added security system (fingerprint) needs the presence of the user of the software before a login access can be granted. This is based on the placement of his finger on the fingerprint biometrics scanner for capturing and verification purpose for user’s authenticity confirmation. The study adopted the conceptual of quantitative design. Object oriented and design methodology was adopted. In the analysis and design, PHP, HTML5, CSS, Visual Studio Java Script, and web 2.0 technologies were used to implement the model of ISS for cloud computing environment. Note; PHP, HTML5, CSS were used in conjunction with visual Studio front end engine design tools and MySQL + Access 7.0 were used for the backend engine and Java Script was used for object arrangement and also validation of user input for security check. Finally, the performance of the developed framework was evaluated by comparing with two other existing security systems (Auto-PIN and password) within the school and the results showed that the developed approach (fingerprint) allows overcoming the two main weaknesses of the existing systems and will work perfectly well if fully implemented.

Keywords: performance evaluation, fingerprint, auto-pin, password-based, security systems, cloud computing environment

Procedia PDF Downloads 125

Authors: Maryam M Esfahani

Abstract:

The Internet of Things is a concept that has fundamentally changed the way information technology works and communication environments. This concept, which is referred to as the next revolution in the field of information and communication technology, takes advantage of existing technologies such as wireless sensor networks, RFID, cloud computing, M2M, etc., to the final slogan of providing the possibility of connecting any object anywhere and everywhere. This use of technologies, along with the possibility of providing new services, also inherits their threats, and although the Internet of Things is facing many challenges, it can be said that its most important challenge is security and privacy, and perhaps even a more tangible challenge is privacy. In this article, we will first introduce the definition and concepts related to privacy, and then we will examine some threats against the privacy of the Internet of Things in different layers of a typical architecture. Also, while examining the differences and the relationship between security and privacy, we study different dimensions of privacy, and finally, we review some of the methods and technologies for improving the level of privacy.

Keywords: Iot, privacy, different dimension of privacy, W3model, privacy enhancing technologies

Procedia PDF Downloads 80

Authors: Majda Al Salti

Abstract:

Tourism industry is considered globally as one of the leading industries due to its noticeable contribution to countries' gross domestic product (GDP) and job creation. However, tourism is vulnerable to crisis and disaster that requires its preparedness. With its limited capabilities, there is a need to improve links and the understanding between the tourism industry and the emergency services, thus facilitating future emergency response to any potential incident. This study aims to develop the concept of an integrated emergency management system for the tourism industry. The study used face-to-face semi-structured interviews to evaluate the level of crisis and disaster preparedness of the tourism industry in Oman. The findings suggested that there is a lack of understanding of crisis and disaster management, and hence preparedness level among Oman Tourism Authorities appears to be under-expectation. Therefore, a clear need for tourism sector inter- and intra-integration and collaboration is important in the pre-disaster stage. The need for such integrations can help the tourism industry in Oman to prepare for future incidents as well as identifying its requirements in time of crisis for effective response.

Keywords: tourism, emergency services, crisis, disaster

Procedia PDF Downloads 107

Authors: Vaibhav Barve

Abstract:

Reversible information hiding has drawn a lot of interest as of late. Being reversible, we can restore unique computerized data totally. It is a plan where mystery data is put away in digital media like image, video, audio to maintain a strategic distance from unapproved access and security reason. By and large JPEG bit stream is utilized to store this key data, first JPEG bit stream is encrypted into all around sorted out structure and then this secret information or key data is implanted into this encrypted region by marginally changing the JPEG bit stream. Valuable pixels suitable for information implanting are computed and as indicated by this key subtle elements are implanted. In our proposed framework we are utilizing RC4 algorithm for encrypting JPEG bit stream. Encryption key is acknowledged by framework user which, likewise, will be used at the time of decryption. We are executing enhanced least significant bit supplanting steganography by utilizing genetic algorithm. At first, the quantity of bits that must be installed in a guaranteed coefficient is versatile. By utilizing proper parameters, we can get high capacity while ensuring high security. We are utilizing logistic map for shuffling of bits and utilization GA (Genetic Algorithm) to find right parameters for the logistic map. Information embedding key is utilized at the time of information embedding. By utilizing precise picture encryption and information embedding key, the beneficiary can, without much of a stretch, concentrate the incorporated secure data and totally recoup the first picture and also the original secret information. At the point when the embedding key is truant, the first picture can be recouped pretty nearly with sufficient quality without getting the embedding key of interest.

Keywords: data embedding, decryption, encryption, reversible data hiding, steganography

Procedia PDF Downloads 279

Authors: Grace Omowunmi Soyebi

Abstract:

A computerized medical record system is a collection of medical information about a person that is stored on a computer. One principal problem of most hospitals in rural areas is using the file management system for keeping records. A lot of time is wasted when a patient visits the hospital, probably in an emergency, and the nurse or attendant has to search through voluminous files before the patient's file can be retrieved; this may cause an unexpected to happen to the patient. This data mining application is to be designed using a structured system analysis and design method which will help in a well-articulated analysis of the existing file management system, feasibility study, and proper documentation of the design and implementation of a computerized medical record system. This computerized system will replace the file management system and help to quickly retrieve a patient's record with increased data security, access clinical records for decision-making, and reduce the time range at which a patient gets attended to.

Keywords: programming, data, software development, innovation

Procedia PDF Downloads 72

Authors: Musaab Hasan, Farkhund Iqbal, Patrick C. K. Hung, Benjamin C. M. Fung, Laura Rafferty

Abstract:

In modern societies, the smart cities concept raised simultaneously with the projection towards adopting smart devices. A smart grid is an essential part of any smart city as both consumers and power utility companies benefit from the features provided by the power grid. In addition to advanced features presented by smart grids, there may also be a risk when the grids are exposed to malicious acts such as security attacks performed by terrorists. Considering advanced security measures in the design of smart meters could reduce these risks. This paper presents a security study for smart metering systems with a prototype implementation of the user interfaces for future works.

Keywords: security design, smart city, smart meter, smart grid, smart metering system

Procedia PDF Downloads 316

Authors: Kai Qian, Lixin Tao

Abstract:

Mobile devices such as smartphones are getting more and more popular in our daily lives. The security vulnerability and threat attacks become a very emerging and important research and education topic in computing security discipline. There is a need to have an innovative mobile security hands-on laboratory to provide students with real world relevant mobile threat analysis and protection experience. This paper presents an authentic teaching and learning mobile security approach with smartphone devices which covers most important mobile threats in most aspects of mobile security. Each lab focuses on one type of mobile threats, such as mobile messaging threat, and conveys the threat analysis and protection in multiple ways, including lectures and tutorials, multimedia or app-based demonstration for threats analysis, and mobile app development for threat protections. This authentic learning approach is affordable and easily-adoptable which immerse students in a real world relevant learning environment with real devices. This approach can also be applied to many other mobile related courses such as mobile Java programming, database, network, and any security relevant courses so that can learn concepts and principles better with the hands-on authentic learning experience.

Keywords: mobile computing, Android, network, security, labware

Procedia PDF Downloads 390

Authors: Khadidja Mebarki, Naceur Boussouar, Nabila Ihaddadene, M. Akermi

Abstract:

Food products are particularly sensitive, since they concern the health of the consumer, whether it’s be from the health point of view or commercial, this kind of product must be subjected to rigorous controls, in order to prevent any fraud. Quality and safety are essential for food security, public health and economic development. The strengthening of food security is essential to increase food security which is considered reached when all individuals can at any time access safe and nutritious food they need to lead healthy and active lives. The objective of this project is to initiate a quality approach in the laboratories of the quality control and the repression of fraud. It will be directed towards the application of good laboratory practices, traceability, management of quality documents (quality, procedures and specification manual) and quality audits. And to prepare the ground for a possible accreditation by ISO 17025 standard of BECHAR laboratory’s. The project will take place in four main stages: 1- Preparation of an audit grid; 2- Realization of a quality audit according to the method of 5 M completed by a section on quality documentation; 3- Drafting of an audit report and proposal for recommendations; 4- Implementation of corrective actions on the ground. This last step consisted in the formalization of the cleaning disinfection plan; work on good hygiene practices, establishment of a mapping of processes and flow charts of the different processes of the laboratory, classifying quality documents and formalizing the process of document management. During the period of the study within the laboratory, all facets of the work were almost appreciated, as we participated in the expertise performed in within it.

Keywords: quality, management, ISO 17025 accreditation, GLP

Procedia PDF Downloads 502

Authors: Ahlem Setrallah

Abstract:

Environment has become a phenomenon directly linked to security in recent decades. This security aspect of environment is justified by the challenges that environment problems can have on human life and thus security especially within the scope of human security that is based mainly on the individual rather than on the state. Because Africa is not safe from the global warming and all its consequences on environment, this continent has witnessed many crises related to environment and that have had direct impact on security in Africa. One of those crises is environmental displacement or immigration which was caused by natural disasters like draught, desertification and food shortage to name but a few. This paper aims at shedding light at some important cases in the Africa focusing mainly on the Sahel region. The main research questions that we are trying to answer are the following: 1-What is the relationship between environment and forced immigration in the Sahel region? 2-What is the impact of environmental immigration on Security in the region? 3-How have the states in this region reacted to this crisis? 4-Is the measures taken by those states adequate or not? 5- How to remedy for the limitations of those measures? The paper is based on case study methodology as a way to better understand the relationship between security and environment using library research for data collection and analysis. This paper aims also at presenting some suggesting regarding possible ways of reducing the negative impact of environmental immigration.

Keywords: environment, refugees, Sahel region, security

Procedia PDF Downloads 453

Authors: Tariq Ahamad, Mohammed S. Al-Kahtani, Taisir Eldos

Abstract:

Optical communications technology has made enormous and steady progress for several decades, providing the key resource in our increasingly information-driven society and economy. Much of this progress has been in finding innovative ways to increase the data carrying capacity of a single optical fiber. In this research article we have explored basic issues in terms of security and reliability for secure and reliable information transfer through the fiber infrastructure. Conspicuously, one potentially enormous source of improvement has however been left untapped in these systems: fibers can easily support hundreds of spatial modes, but today’s commercial systems (single-mode or multi-mode) make no attempt to use these as parallel channels for independent signals. Bandwidth, performance, reliability, cost efficiency, resiliency, redundancy, and security are some of the demands placed on telecommunications today. Since its initial development, fiber optic systems have had the advantage of most of these requirements over copper-based and wireless telecommunications solutions. The largest obstacle preventing most businesses from implementing fiber optic systems was cost. With the recent advancements in fiber optic technology and the ever-growing demand for more bandwidth, the cost of installing and maintaining fiber optic systems has been reduced dramatically. With so many advantages, including cost efficiency, there will continue to be an increase of fiber optic systems replacing copper-based communications. This will also lead to an increase in the expertise and the technology needed to tap into fiber optic networks by intruders. As ever before, all technologies have been subject to hacking and criminal manipulation, fiber optics is no exception. Researching fiber optic security vulnerabilities suggests that not everyone who is responsible for their networks security is aware of the different methods that intruders use to hack virtually undetected into fiber optic cables. With millions of miles of fiber optic cables stretching across the globe and carrying information including but certainly not limited to government, military, and personal information, such as, medical records, banking information, driving records, and credit card information; being aware of fiber optic security vulnerabilities is essential and critical. Many articles and research still suggest that fiber optics is expensive, impractical and hard to tap. Others argue that it is not only easily done, but also inexpensive. This paper will briefly discuss the history of fiber optics, explain the basics of fiber optic technologies and then discuss the vulnerabilities in fiber optic systems and how they can be better protected. Knowing the security risks and knowing the options available may save a company a lot embarrassment, time, and most importantly money.

Keywords: in-house networks, fiber optics, security risk, money

Procedia PDF Downloads 410