Search results for: information security audit

Authors: Husnain Mushtaq, Mary Anjum, Muhammad Aleem

Abstract:

The main objective of this paper is used to develop a high security in Automatic Teller Machine (ATM). In these system bankers will collect the mobile numbers from the customers and then provide a code on their mobile number. In most country existing ATM machine use the magnetic card reader. The customer is identifying by inserting an ATM card with magnetic card that hold unique information such as card number and some security limitations. By entering a personal identification number, first the customer is authenticated then will access bank account in order to make cash withdraw or other services provided by the bank. Cases of card fraud are another problem once the user’s bank card is missing and the password is stolen, or simply steal a customer’s card & PIN the criminal will draw all cash in very short time, which will being great financial losses in customer, this type of fraud has increase worldwide. So to resolve this problem we are going to provide the solution using “Mobile SMS code” and ATM “PIN code” in order to improve the verify the security of customers using ATM system and confidence in the banking area.

Keywords: PIN, inquiry, biometric, magnetic strip, iris recognition, face recognition

Procedia PDF Downloads 365

Authors: Juan Jimenez, Erika Yambay, Dayana Pilco, Brayan Parra

Abstract:

This paper presents an investigation of voice signal processing and coding using MATLAB, with the objective of generating a plasma signal on a Tesla coil within a security system. The approach focuses on using advanced voice signal processing techniques to encode and modulate the audio signal, which is then amplified and applied to a Tesla coil. The result is the creation of a striking visual effect of voice-controlled plasma with specific applications in security systems. The article explores the technical aspects of voice signal processing, the generation of the plasma signal, and its relationship to security. The implications and creative potential of this technology are discussed, highlighting its relevance at the forefront of research in signal processing and visual effect generation in the field of security systems.

Keywords: voice signal processing, voice signal coding, MATLAB, plasma signal, Tesla coil, security system, visual effects, audiovisual interaction

Procedia PDF Downloads 93

Authors: Salha Abdullah Ali Al-Shamrani, Maha Muhammad Dhaher Aljuhani, Eman Ali Ahmed Aldhaheri

Abstract:

With the proliferation of Internet of Things (IoT) devices in various industries, there has been a concurrent rise in security vulnerabilities, particularly spoofing attacks. This study explores the potential of blockchain technology in enhancing the security of IoT systems and mitigating these attacks. Blockchain's decentralized and immutable ledger offers significant promise for improving data integrity, transaction transparency, and tamper-proofing. This research develops and implements a blockchain-based IoT architecture and a reference network to simulate real-world scenarios and evaluate a blockchain-integrated intrusion detection system. Performance measures including time delay, security, and resource utilization are used to assess the system's effectiveness, comparing it to conventional IoT networks without blockchain. The results provide valuable insights into the practicality and efficacy of employing blockchain as a security mechanism, shedding light on the trade-offs between speed and security in blockchain deployment for IoT. The study concludes that despite minor increases in time consumption, the security benefits of incorporating blockchain technology into IoT systems outweigh potential drawbacks, demonstrating a significant potential for blockchain in bolstering IoT security.

Keywords: internet of things, spoofing, IoT, access control, blockchain, raspberry pi

Procedia PDF Downloads 74

Authors: Mohd Iskandar Illyas Tan, Zuhra Junaida Mohamad Husny, Farawahida Mohd Yusof

Abstract:

The potentials of Muslim-friendly hospitality services bring huge opportunities to operators (hoteliers, tourist guides, and travel agents), especially among the Muslim countries. In order to provide guidelines that facilitate the operations among these operators, standards and manuals have been developing by the authorities. Among the challenges is the applicability and complexity of the standard to be adopted in the real world. Mobile digital technology can be implemented to overcome those challenges. A prototype has been developed to help operators and authorities to assess their readiness in complying with MS2610:2015. This study analyzes the of mobile digital technology characteristics that are suitable for the user in conducting sharia’ compliant hospitality audit. A focus group study was conducted in the state of Penang, Malaysia that involves operators (hoteliers, tourist guide, and travel agents) as well as agencies (Islamic Tourism Center, Penang Islamic Affairs Department, Malaysian Standard) that involved directly in the implementation of the certification. Both groups were given the 3 weeks to test and provide feedback on the usability of the mobile applications in order to conduct an audit on their readiness towards the Muslim-friendly hospitality services standard developed by the Malaysian Standard. The feedbacks were analyzed and the overall results show that three criteria (ease of use, completeness and fast to complete) show the highest responses among both groups for the mobile application. This study provides the evidence that the mobile application development has huge potentials to be implemented by the Muslim-friendly hospitality services operator and agencies.

Keywords: hospitality, innovation, audit, compliance, mobile application

Procedia PDF Downloads 133

Authors: Egboja Simon Oga

Abstract:

One of the most important keys to the success of a nation is to ensure steady development and national economic self-sufficiency and independence. It is therefore in this regard that this paper is designed to identify food security to be crucial to all nations’ effort toward sustainable national development. Nigeria as a case study employed various effort by the successive government towards food security. Emphasis were placed on the extent to which government has boosted food security situation on the basis of the identified limitations, conclusion was drawn, recommendation/suggestions proffered, that subsidization of the process of farm inputs like fertilizer, improved seeds and agrochemical, education of farmers on modern methods of farming through extension services, improvisation of village-based food storage mechanism and provision of infrastructural facilities in rural areas to facilitate the preservation and easy evacuation of farm produces are necessary.

Keywords: food, governance, development, security

Procedia PDF Downloads 332

Authors: Buse T. Aydin, Enver Ozdemir

Abstract:

An automatic dependent surveillance-broadcast (ADS-B) system has serious security problems. In this study, a double layer authentication scheme between the aircraft and ground station, aircraft to aircraft, ground station to ATC tower is designed to prevent any unauthorized aircrafts from introducing themselves as friends. This method can be used as a solution to the problem of authentication. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or unknown according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as friend. As a result, the ADS-B messages coming from this authenticated friendly aircraft will be processed. In this method, even if the embedded key is captured by the unknown aircraft, without the information of the second layer, the unknown aircraft can easily be determined. Overall, in this work, we present a reliable system by adding physical layer in the authentication process.

Keywords: ADS-B, authentication, communication with physical layer security, cryptography, identification friend or foe

Procedia PDF Downloads 179

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 548

Authors: Ambika Prasad Gupta, Harshit Sosan Lakra

Abstract:

Food security is an important issue that has been widely discussed in literature. However, there is a lack of research on the specific food security challenges faced by tribal communities. Tribal food security refers to the ability of indigenous or tribal communities to consistently access and afford an adequate and nutritious supply of food. These communities often have unique cultural, social, and economic contexts that can impact their food security. The study aims to assess the food security status of all thirty-two major tribes, including Particularly Vulnerable Tribal Groups (PVTG) people living in various blocks of Jharkhand State. The methodology of this study focuses on measuring the food security index of indigenous people by developing and redefining a new Tribal Food Security Index (TFSI) as per the indigenous community-level indicators identified by the Global Food Security Index and other indicators relevant to food security. Affordability, availability, quality and safety, and natural resources were the dimensions used to calculate the overall Tribal Food Security Index. A survey was conducted for primary data collection of tribes and PVTGs at the household level in various districts of Jharkhand with a considerable tribal population. The result shows that due to the transition from rural to urban areas, there is a considerable change in TFSI and a decrease in forest dependency of tribal communities. Socioeconomic factors like occupation and household size had a significant correlation with TFSI. Tribal households living in forests have a higher food security index than tribal households residing in urban transition areas. The study also shows that alternative methodology adopted to measure specific community-level food security creates high significant impact than using commonly used indices.

Keywords: indigenous people, tribal food security, particularly vulnerable tribal groups, Jharkhand

Procedia PDF Downloads 81

Authors: John Ayoade

Abstract:

Radio Frequency Identification (RFID) has gained a lot of popularity in all walks of life due to its usefulness and diverse use of the technology in almost every application. However, there have been some security concerns most especially in regards to how authentic readers and tags can confirm their authenticity before confidential data is exchanged between them. In this paper, Kerberos protocol is adopted for the mutual authentication of RFID system components in order to ensure the secure communication between those components and to realize the authenticity of the communicating components.

Keywords: RFID, security, mutual authentication, Kerberos

Procedia PDF Downloads 469

Authors: Jansen Ang, Andrew Neo, Dawn Chia

Abstract:

Border Security is unlike mainstream policing in that officers are essentially in static deployment, working round the clock every day and every hour of the year looking for illegitimate entry of persons and goods. In Singapore, Border Security officers perform multiple functions to ensure the nation’s safety and security. They are responsible for safeguarding the borders of Singapore to prevent threats from entering the country. Being the first line of defence in ensuring the nation’s border security officers are entrusted with the responsibility of screening travellers inbound and outbound of Singapore daily. They examined 99 million arrivals and departures at the various checkpoints in 2014, which is a considerable volume compared to most immigration agencies. The officers’ work scopes also include cargo clearance, protective and security functions of checkpoints. The officers work in very demanding environment which can range from the smog at the land checkpoints to the harshness of the ports at the sea checkpoints. In addition, all immigration checkpoints are located at the boundaries, posing commuting challenges for officers. At the land checkpoints, festive seasons and school breaks are peak periods as given the surge of inbound and outbound travellers at the various checkpoints. Such work provides unique challenges in comparison to other law enforcement duties. This paper assesses the current stressors faced by officers of a border security agency through the conduct of ground observations as well as a perceived stress survey as well as recommendations in combating stressors faced by border security officers. The findings from the field observations and surveys indicate organisational and operational stressors that are unique to border security and recommends interventions in managing these stressors. Understanding these stressors would better inform border security agencies on the interventions needed to enhance the resilience of border security officers.

Keywords: border security, Singapore, stress, operations

Procedia PDF Downloads 326

Authors: Sandhya Armoogum

Abstract:

In distributed systems and in open systems such as the Internet, often mobile code has to run on unknown and potentially hostile hosts. Mobile code such as a mobile agent is vulnerable when executing on remote hosts. The mobile agent may be subjected to various attacks such as tampering, inspection, and replay attack by a malicious host. Much research has been done to provide solutions for various security problems, such as authentication of mobile agent and hosts, integrity and confidentiality of the data carried by the mobile agent. Many of such proposed solutions in literature are not suitable for open systems whereby the mobile code arrives and executes on a host which is not known and trusted by the mobile agent owner. In this paper, we propose the adoption of the reference monitor by hosts in an open system for providing trust and security for mobile code execution. A secure protocol for the distribution of the reference monitor entity is described. This reference monitor entity on the remote host may also provide several security services such as authentication and integrity to the mobile code.

Keywords: security, mobile agents, reference monitor, trust

Procedia PDF Downloads 440

Authors: Prashansa Singh, Manjot Kaur, Rohit Bajaj

Abstract:

The proliferation of wireless sensor networks and Internet of Things (IoT) devices in the quickly changing digital landscape has highlighted the urgent need for strong security solutions that can handle these systems’ limited resources. A key solution to this problem is the emergence of ultralightweight security protocols, which provide strong security features while respecting the strict computational, energy, and memory constraints imposed on these kinds of devices. This in-depth analysis explores the field of ultralightweight security protocols, offering a thorough examination of their evolution, salient features, and the particular security issues they resolve. We carefully examine and contrast different protocols, pointing out their advantages and disadvantages as well as the compromises between resource limitations and security resilience. We also study these protocols’ application domains, including the Internet of Things, RFID systems, and wireless sensor networks, to name a few. In addition, the review highlights recent developments and advancements in the field, pointing out new trends and possible avenues for future research. This paper aims to be a useful resource for researchers, practitioners, and developers, guiding the design and implementation of safe, effective, and scalable systems in the Internet of Things era by providing a comprehensive overview of ultralightweight security protocols.

Keywords: wireless sensor network, machine-to-machine, MQTT broker, server, ultralightweight, TCP/IP

Procedia PDF Downloads 82

Authors: T. R. Sharika, Ashwini Kumar, Kamal Bijlani

Abstract:

Encryption is the process of converting crucial information’s unreadable to unauthorized persons. Image security is an important type of encryption that secures all type of images from cryptanalysis. A stream cipher is a fast symmetric key algorithm which is used to convert plaintext to cipher text. In this paper we are proposing an image encryption algorithm with Discrete Cosine Transform and Stream Ciphers that can improve compression of images and enhanced security. The paper also explains the use of a shuffling algorithm for enhancing securing.

Keywords: decryption, DCT, encryption, RC4 cipher, stream cipher

Procedia PDF Downloads 363

Authors: Pius Babuna, Xiaohua Yang, Roberto Xavier Supe Tulcan, Bian Dehui, Mohammed Takase, Bismarck Yelfogle Guba, Chuanliang Han, Doris Abra Awudi, Meishui Lia

Abstract:

Water inequality, water security, and water governance are fundamental parameters that affect the sustainable use of water resources. Through policy formulation and decision-making, water governance determines both water security and water inequality. Largely, where water inequality exists, water security is undermined through unsustainable water use practices that lead to pollution of water resources, conflicts, hoarding of water, and poor sanitation. Incidentally, the interconnectedness of water governance, water inequality, and water security has not been investigated previously. This study modified the Gini coefficient and used a Logistics Growth of Water Resources (LGWR) Model to access water inequality and water security mathematically, and discussed the connected role of water governance. We tested the validity of both models by calculating the actual water inequality and water security of Ghana. We also discussed the implications of water inequality on water security and the overarching role of water governance. The results show that regional water inequality is widespread in some parts. The Volta region showed the highest water inequality (Gini index of 0.58), while the central region showed the lowest (Gini index of 0.15). Water security is moderately sustainable. The use of water resources is currently stress-free. It was estimated to maintain such status until 2132 ± 18, when Ghana will consume half of the current total water resources of 53.2 billion cubic meters. Effectively, water inequality is a threat to water security, results in poverty, under-development heightens tensions in water use, and causes instability. With proper water governance, water inequality can be eliminated through formulating and implementing approaches that engender equal allocation and sustainable use of water resources.

Keywords: water inequality, water security, water governance, Gini coefficient, moran index, water resources management

Procedia PDF Downloads 134

Authors: Nicula Valentin, Andrei Virginia

Abstract:

Nowadays, the individual plays a central role in the state’s architecture. This is why the subjective dimension of the security represents a key concept in risk assessment. The paper’s scope is to emphasize the discrepancy between expert and lay evaluations of national security hazards, which is caused by key factors like emotions, personal experience, knowledge and media. Therefore, we have chosen to apply, using these two different groups of respondents, the Q-sort method, which reveals individual beliefs, attitudes, preferences hidden behind the subjects’ own way of prioritizing the risks they are confronted with. Our study’s conclusions are meant to unveil significant indicators needed to be taken into consideration by a state’s leadership in order to understand the social perception of national security hazards, to communicate better with the public opinion and prevent or mitigate the overestimation of the severity or probability of these dangers.

Keywords: risk perception, Q-sort method, national security hazards, individual beliefs

Procedia PDF Downloads 309

Authors: Prabir Patel, Eugene Ming Han Lim

Abstract:

Introduction: Current literature shows that postoperative pulmonary complications following abdominal surgery may be reduced by using lower than conventional tidal volumes intraoperatively together with moderate levels of positive end expiratory pressure (PEEP). The recent studies demonstrated significant reduction demonstrated significant reduction in major complications in elective abdominal surgery through the use of lower tidal volumes (6-8 ml/kg predicted body weight), PEEP of 5 cmH20 and recruitment manoeuvres compared to higher ‘conventional’ volumes (10-12 mls/kg PBW) without lung recruitment. Our objective was to retrospectively audit current practice for patients undergoing major abdominal surgery in Sir Charles Gairdner Hospital. Methods: Patients over 18 undergoing elective general surgery lasting more than 3 hours and intubated during the duration of procedure were included in this audit. Data was collected over a 6 month period. Patients who had hepatic surgery, procedures necessitating one-lung ventilation, transplant surgery, documented history of pulmonary or intracranial hypertension were excluded. Results: 58 suitable patients were identified and notes were available for 54 patients. Key findings: Average peak airway pressure was 21cmH20 (+4), average peak airway pressure was less than 30 cmH20 in all patients, and less than 25 cmH20 in 80% of the cases. PEEP was used in 81% of the cases. Where PEEP was used, 75% used PEEP more than or equal to 5 cmH20. Average tidal volume per actual body weight was 7.1 ml/kg (+1.6). Average tidal volume per predicted body weight (PBW) was 8.8 ml/kg (+1.5). Average tidal volume was less than 10 ml/kg PBW in 90% of cases; 6-8 ml/kg PBW in 40% of the cases. There was no recorded use of recruitment manoeuvres in any cases. Conclusions: In the vast majority of patients undergoing prolonged abdominal surgery, a lung protective strategy using moderate levels of PEEP, peak airway pressures of less than 30 cmH20 and tidal volumes of less than 10 cmH20/kg PBW was utilised. A recent randomised control trial demonstrated benefit from utilising even lower volumes (6-8 mls/kg) based on findings in critical care patients, but this was compared to volumes of 10-12 ml/kg. Volumes of 6-8 ml/kg PBW were utilised in 40% of cases in this audit. Although theoretically beneficial, clinical benefit of lower volumes than what is currently practiced in this institution remains to be seen. The incidence of pulmonary complications was much lower than in the other cited studies and a larger data set would be required to investigate any benefit from lower tidal volume ventilation. The volumes used are comparable to results from published local and international data but PEEP utilisation was higher in this audit. Strategies that may potentially be implemented to ensure and maintain best practice include pre-operative recording of predicted body weight, adjustment of default ventilator settings and education/updates of current evidence.

Keywords: anaesthesia, intraoperative ventilation, PEEP, tidal volume

Procedia PDF Downloads 765

Authors: Somayeh Zeinali

Abstract:

A component is generally defined as a piece of executable software with a published interface. Component-based software engineering (CBSE) has become recognized as a new sub-discipline of software engineering. In the component-based software development, components cannot be completely secure and thus easily become vulnerable. Some researchers have investigated this issue and proposed approaches to detect component intrusions or protect distributed components. Software security also refers to the process of creating software that is considered secure.The terms “dependability”, “trustworthiness”, and “survivability” are used interchangeably to describe the properties of software security.

Keywords: component-based software development, component-based software engineering , software security attributes, dependability, component

Procedia PDF Downloads 559

Authors: Bander Alzahrani

Abstract:

Information-centric networking (ICN) using architectures such as Publish-Subscribe Internet Routing Paradigm (PSIRP) is one of the promising candidates for a future Internet, has recently been under the spotlight by the research community to investigate the possibility of redesigning the current Internet architecture to solve many issues such as routing scalability, security, and quality of services issues.. The Bloom filter-based forwarding is a source-routing approach that is used in the PSIRP architecture. This mechanism is vulnerable to brute force attacks which may lead to denial-of-service (DoS) attacks. In this work, we present a new forwarding approach that keeps the advantages of Bloom filter-based forwarding while mitigates attacks on the forwarding mechanism. In practice, we introduce a special type of forwarding nodes called Edge-FW to be placed at the edge of the network. The role of these node is to add an extra security layer by validating and inspecting packets at the edge of the network against brute-force attacks and check whether the packet contains a legitimate forwarding identifier (FId) or not. We leverage Certificateless Aggregate Signature (CLAS) scheme with a small size of 64-bit which is used to sign the FId. Hence, this signature becomes bound to a specific FId. Therefore, malicious nodes that inject packets with random FIds will be easily detected and dropped at the Edge-FW node when the signature verification fails. Our preliminary security analysis suggests that with the proposed approach, the forwarding plane is able to resist attacks such as DoS with very high probability.

Keywords: bloom filter, certificateless aggregate signature, denial-of-service, information centric network

Procedia PDF Downloads 198

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 351

Authors: Muhammad R. Ahmed, Mohammed Aseeri

Abstract:

Wireless Sensor Network (WSN) consists of low-cost and multi functional resources constrain nodes that communicate at short distances through wireless links. It is open media and underpinned by an application driven technology for information gathering and processing. It can be used for many different applications range from military implementation in the battlefield, environmental monitoring, health sector as well as emergency response of surveillance. With its nature and application scenario, security of WSN had drawn a great attention. It is known to be valuable to variety of attacks for the construction of nodes and distributed network infrastructure. In order to ensure its functionality especially in malicious environments, security mechanisms are essential. Malicious or internal attacker has gained prominence and poses the most challenging attacks to WSN. Many works have been done to secure WSN from internal attacks but most of it relay on either training data set or predefined threshold. Without a fixed security infrastructure a WSN needs to find the internal attacks is a challenge. In this paper we present an internal attack detection method based on maximum entropy model. The final experimental works showed that the proposed algorithm does work well at the designed level.

Keywords: internal attack, wireless sensor network, network security, entropy

Procedia PDF Downloads 455

Authors: Covadonga Mallada Fernández

Abstract:

Economic development and globalization of international markets have created a favourable atmosphere for the emergence of new forms of crime such as money laundering or financing of terrorism, which may contribute to destabilized and damage economic systems. In particular, money laundering have acquired great importance since the 11S attacks, what has caused on the one hand, the establishment and development of preventive measures and, on the other hand, a progressive hardening of penal measures. Since then, the regulations imposed to fight against money laundering have been viewed as key components also in the fight against terrorist financing. Terrorism, at the beginning, was a “national” crime connected with internal problems of the State (for instance the RAF in Germany or ETA in Spain) but in the last 20 years has started to be an international problem that is connected with the defence and security of the States. Therefore, the new strategic concept for the defense and security of NATO has a comprehensive list of security threats to the Alliance, such as terrorism, international instability, money laundering or attacks on cyberspace, among others. With this new concept, money laundering and terrorism has become a priority in the national defense. In this work we will analyze the methods to combat these new threats to the national security. We will study the preventive legislations to combat money laundering and financing of terrorism, the UIF that exchange information between States, and the hawala-Banking.

Keywords: control of financial flows, money laundering, terrorism, financing of terrorism

Procedia PDF Downloads 454

Authors: P. Agnivesh, P. V. Ponambala Moorthi

Abstract:

Evolution of information modelling leads to the visualisation of well-organized built environment. Building Information Modelling (BIM) is considered as evolution in the off-site construction which essentially enhances and controls the present scenario of on-site construction paradigms. Promptness, sustainability and security are considered as the important characteristics of the building information modelling. Projects that uses BIM are tied firmly by technology but distributed organizationally. This allows different team members in the project to associate and integrate the works and work flows. This will in turn improve the efficiency of work breakdown structure. Internationally BIM had been accepted as modern computer aided way of information sharing by construction industry for efficient way of manipulation in order to avoid the on-site misperceptions. Even though, in developing countries like India BIM is in the phase of start and requires lot of mandates and policies to be brought about by the government for its widespread implementations. This paper reviews the current scenario of BIM worldwide and in India and suggests for the improved implementation of building modelling for Indian policy condition.

Keywords: building information modelling, Indian polity, information modelling, information sharing, mandates and policies, sustainability.

Procedia PDF Downloads 375

Authors: Sewe Silvanus Odhiambo

Abstract:

Globally, many governments have publicly recognized private security firms as essential services providers. The private security firms face a lot of challenges, but the COVID-19 situation also has exacerbated them to another level. This paper locates its relevance in the post-coronavirus era. The COVID-19 pandemic has redefined the world operation, which shows a higher impact on the security field. Accordingly, the purpose of the study was to examine the role of corporate governance on the performance of private security firms in a post-covid pandemic era in Kenya. The study employed a descriptive research design, which included a quantitative approach and secondary data. The study was carried in the month of July 2021 from the registered private security firms. After targeting all private security firms, only 54 firms had disclosed their annual report by the time of conducting the study. The results depicted that pandemic has affected the performance of private security firms measures unfavorably. Further, boards of directors show a positive association with security firm performance. The study recommends that there is need board of directors to enhance management’s risk assessments in the midst of COVID-19; ensure that there are business continuity plans; there is organizational resilience; there is need for the development of new digital strategies; enabling the digital workforce in the firms and have effective communication plans with both internal and external stakeholders to deal with uncertainties and develop more post-COVID practices for boards of directors to improve performance of private security firms in Kenya. The practical implications of the study are that the research outcomes might assist regulatory bodies, investors, policymakers, and the security sector in general in their formulation of public and corporate governance strategies concerning future emergency preparedness and responses. This study also provides a unique contribution to the literature of COVID-19 and security firm performance in emerging economies context.

Keywords: COVID-19, corporate governance, firm performance, private security firms

Procedia PDF Downloads 160

Authors: Zzibu Mark Brian

Abstract:

As software systems become increasingly complex, ensuring code security is a growing concern. Traditional vulnerability detection methods often rely on manual code reviews or static analysis tools, which can be time-consuming and prone to errors. This paper presents a distinct approach to enhancing code security by leveraging artificial intelligence (AI) and machine learning (ML) techniques. Our proposed system utilizes a combination of natural language processing (NLP) and deep learning algorithms to identify and classify vulnerabilities in real-world codebases. By analyzing vast amounts of open-source code data, our AI-powered tool learns to recognize patterns and anomalies indicative of security weaknesses. We evaluated our system on a dataset of over 10,000 open-source projects, achieving an accuracy rate of 92% in detecting known vulnerabilities. Furthermore, our tool identified previously unknown vulnerabilities in popular libraries and frameworks, demonstrating its potential for improving software security.

Keywords: AI, machine language, cord security, machine leaning

Procedia PDF Downloads 37

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 382

Authors: M. Mutemwa

Abstract:

A Cybersecurity Operation Centre (SOC) is a centralized hub for network event monitoring and incident response. SOCs are critical when determining an organization’s cybersecurity posture because they can be used to detect, analyze and report on various malicious activities. For most organizations, a SOC is not part of the initial design and implementation of the Information Technology (IT) environment but rather an afterthought. As a result, it is not natively a plug and play component; therefore, there are integration challenges when a SOC is introduced into an organization. A SOC is an independent hub that needs to be integrated with existing procedures, policies and IT systems of an organization such as the service desk, ticket logging system, reporting, etc. This paper discussed the challenges of integrating a newly developed SOC to an organization’s existing IT environment. Firstly, the paper begins by looking at what data sources should be incorporated into the Security Information and Event Management (SIEM) such as which host machines, servers, network end points, software, applications, web servers, etc. for security posture monitoring. That is which systems need to be monitored first and the order by which the rest of the systems follow. Secondly, the paper also describes how to integrate the organization’s ticket logging system with the SOC SIEM. That is how the cybersecurity related incidents should be logged by both analysts and non-technical employees of an organization. Also the priority matrix for incident types and notifications of incidents. Thirdly, the paper looks at how to communicate awareness campaigns from the SOC and also how to report on incidents that are found inside the SOC. Lastly, the paper looks at how to show value for the large investments that are poured into designing, building and running a SOC.

Keywords: cybersecurity operation centre, incident response, priority matrix, procedures and policies

Procedia PDF Downloads 153

Authors: Maleh Yassine, Ezzati Abdellah

Abstract:

Wireless Sensor Networks (WSNs) are currently used in different industrial and consumer applications, such as earth monitoring, health related applications, natural disaster prevention, and many other areas. Security is one of the major aspects of wireless sensor networks due to the resource limitations of sensor nodes. However, these networks are facing several threats that affect their functioning and their life. In this paper we present security attacks in wireless sensor networks, and we focus on a review and analysis of the recent Intrusion Detection schemes in WSNs.

Keywords: wireless sensor networks, security attack, denial of service, IDS, cluster-based model, signature based IDS, hybrid IDS

Procedia PDF Downloads 385

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 430

Authors: Oyekan Kolawole Jamiu

Abstract:

The right to life is a moral principle based on the belief that a human being has the right to life and, in particular, should not be unjustly killed by another human being. However, the most worrisome security challenge in Nigeria which has cut short the lives of innocent Nigerians is the activities of the dreaded terrorist group known as Boko Haram (which means Western Education is a sin). Between 2004 till date, over 15000 people have been gruesomely murdered by this terrorist group. However, despite the facts that suspected terrorists are arrested and paraded almost on a daily basis, cases of terrorism in our courts in Nigeria today have not been expeditiously dealt with by the judiciary. This paper examines the concept of right to life. The right to life is an inherent right for each and every person. From his or her birth; the individual is considered a living being that must be protected. The right to life connotes also right to live and grow in a healthy environment where there is appropriate health care, qualitative education and adequate security of lives and property. The paper also examines the fight against terrorism and the duty of the government to protect right to life of every individual even in the midst of the fight against terrorism. The paper further reviews the Terrorism Act 2011(as amended) and the clogs in the wheel of prosecution of suspected terrorists. The paper concludes that since terrorism is a new security challenge, to prevent conflict of interest, only one security agency should be trained and saddled with the responsibility of prosecuting suspected terrorist, Law should be enacted to compel intelligent gathering and sharing of information among security agencies and in addition, a special court should be established to deal expeditiously with cases of terrorism in Nigeria.

Keywords: terrorism, intelligent gathering, right to life, prosecution

Procedia PDF Downloads 350

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: cyber security, shared responsibility, IIOT, threat modelling

Procedia PDF Downloads 77