Search results for: security systems

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud Ccomputing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 452

Authors: Sikhumbuzo Zondi, Serges A. Kamga

Abstract:

Human security and human rights are mutually reinforcing concepts given that human security addresses questions related to human conditions such as the safety of individuals and the protection of individual rights and civil liberties. It does this by suggesting that the proper referent for security should be the individual and not the nation-state, due to the individual’s vulnerability to threats such as malnutrition and poverty, conflicts, exploitation and marginalization, despotism and climate change. Due to the primacy of the individual, human security comfortably expand to the notion of social justice, given that for far too-long, many individuals around the world have been denied of their basic human rights through racial discrimination, unfair labour and segregation policies and as a result encountered widespread social, environmental and economic injustices which are evident in the current structural division of the world between the developed north and the underdeveloped or developing south. In light of this view, ensuring freedom from want and freedom from fear, for all individuals is arguably the sound route to addressing and remedying the global ills of our time and a way to promoting human rights for all. The promotion of human security provides an important part of human/societal progress because inclusive security facilitates development and human rights protection, while insecurity reduces people’s growth and investment prospects and prolongs historical injustices. Therefore, this paper seeks to show that human security and human rights complements one another and that this correlation provides the necessary mechanisms for addressing and remedying the historical injustices that still affect most of the world’s population. It will look at linkages between human security and the individual right to equality and freedom from discrimination, right to life, liberty, and personal security; development; own property; adequate living standard; education; desirable work and to join trade unions; participate in government and in free elections; social security and equality before the law. The paper considers these human rights and liberties as vital for securing the core values of human life while at the same addressing socio-economic injustices that still persist in the contemporary world. The paper will be a desktop study using qualitative research methods on two case studies in Africa namely Cameroun and South Africa.

Keywords: justice, human security, human rights, injustices

Procedia PDF Downloads 149

Authors: Zunjarrao Kadam, Vikas Minchekar

Abstract:

The facial recognition is an important task in criminal investigation procedure. The security guards-constantly watching the persons-can help to identify the suspected accused. The forensic psychologists are tackled such cases in the criminal justice system. The security personnel may loss their ability to correctly identify the persons due to constant stress while performing the duty. The present study aimed at to identify the effect of experimentally induced stress on facial recognition ability of security personnel’s. For this study 50, security guards from Sangli, Miraj & Jaysingpur city of the Maharashtra States of India were recruited in the experimental study. The randomized two group design was employed to carry out the research. In the initial condition twenty identity card size photographs were shown to both groups. Afterward, artificial stress was induced in the experimental group through the difficultpuzzle-solvingtask in a limited period. In the second condition, both groups were presented earlier photographs with another additional thirty new photographs. The subjects were asked to recognize the photographs which are shown earliest. The analyzed data revealed that control group has ahighest mean score of facial recognition than experimental group. The results were discussed in the present research.

Keywords: experimentally induced stress, facial recognition, cognition, security personnel

Procedia PDF Downloads 237

Authors: Michael Okeke, Andrew Blyth

Abstract:

Supervisory Control And Data Acquisition (SCADA) as the state of the art Industrial Control Systems (ICS) are used in many different critical infrastructures, from smart home to energy systems and from locomotives train system to planes. Security of SCADA systems is vital since many lives depend on it for daily activities and deviation from normal operation could be disastrous to the environment as well as lives. This paper describes how No-Trust-Zone (NTZ) architecture could be incorporated into SCADA Systems in order to reduce the chances of malicious intent. The architecture is made up of two distinctive parts which are; the field devices such as; sensors, PLCs pumps, and actuators. The second part of the architecture is designed following lambda architecture, which is made up of a detection algorithm based on Particle Swarm Optimization (PSO) and Hadoop framework for data processing and storage. Apache Spark will be a part of the lambda architecture for real-time analysis of packets for anomalies detection.

Keywords: industrial control system (ics, no-trust-zone (ntz), particle swarm optimisation (pso), supervisory control and data acquisition (scada), swarm intelligence (SI)

Procedia PDF Downloads 319

Authors: Alban Igwe, Ijeoma Kalu, Alloy Ezirim

Abstract:

Food insecurity is a global problem, and the search for food security has assumed a central stage in the global development agenda as the United Nations currently placed zero hunger as a goal number in its sustainable development goals. Nigeria currently ranks 107th out of 113 countries in the global food security index (GFSI), a metric that defines a country's ability to furnish its citizens with food and nutrients for healthy living. Paradoxically, Nigeria is a global leader in food production, ranking 1st in yam (over 70% of global output), beans (over 41% of global output), cassava (20% of global output) and shea nuts, where it commands 53% of global output. Furthermore, it ranks 2nd in millet, sweet potatoes, and cashew nuts. It is Africa's largest producer of rice. So, it is apparent that Nigeria's food insecurity woes must relate to a factor other than food production. We investigated the nexus between food security and downstream supply chain losses in the yam industry with secondary data from the Food and Agricultural Organization (FAOSTAT) and the National Bureau of Statics for the decade 2012-2021. In analyzing the data, multiple regression techniques were used, and findings reveal that downstream losses have a strong positive correlation with food security (r = .763*) and a 58.3% variation in food security is explainable by post-downstream supply chain food losses. The study discovered that yam supply chain losses within the period under review averaged 50.6%, suggestive of the fact that downstream supply chain losses are the drainpipe and the major source of food insecurity in Nigeria. Therefore, the study concluded that there is a significant relationship between downstream supply chain losses and food insecurity and recommended the establishment of food supply chain structures and policies to enhance food security in Nigeria.

Keywords: food security, downstream supply chain losses, yam, nigeria, supply chain

Procedia PDF Downloads 64

Authors: Yash Goyal, Manish Korde, Juned Siddiqui

Abstract:

Today online education has gained more popularity so that people can easily complete their curriculum on their own time. Virtual learning has been widely used by many educators, especially in higher education institutions due to its benefits to students and faculty. A good knowledge of teaching theory and instructional design systems is required to experience meaningful learning. However, most educational websites are not designed to adapt to all screen sizes. Making the website accessible on all screen sizes is our main objective, so we have created a website that is readily accessible across all screen sizes and accepts all types of payment methods. And we see generally educational websites interface is simple and unexciting. So, we have made a user interface attractive and user friendly. It is not enough for a website to be user-friendly, but also to be familiar to admins and to reduce the workload of the admin as well. We visited so many popular websites under development that they all had issues like responsiveness, simple interface, security measures, payment methods, etc. To overcome this limitation, we have created a website which has taken care of security issues that is why we have created only one admin id and it can be control from that only. And if the user has successfully done the payment, then the admin can send him a username and password through mail individually so there will no fraud in the payment of the course.

Keywords: responsive, accessible, attractive, interface, objective, security.

Procedia PDF Downloads 74

Authors: Maria Jędrzejczak, Patryk Pieniążek

Abstract:

The European legal reality is on the eve of significant change. In European Union law, there is talk of a “fourth industrial revolution”, which is driven by massive data resources linked to powerful algorithms and powerful computing capacity. The above is closely linked to technological developments in the area of artificial intelligence, which has prompted an analysis covering both the legal environment as well as the economic and social impact, also from an ethical perspective. The discussion on the regulation of artificial intelligence is one of the most serious yet widely held at both European Union and Member State level. The literature expects legal solutions to guarantee security for fundamental rights, including privacy, in artificial intelligence systems. There is no doubt that personal data have been increasingly processed in recent years. It would be impossible for artificial intelligence to function without processing large amounts of data (both personal and non-personal). The main driving force behind the current development of artificial intelligence is advances in computing, but also the increasing availability of data. High-quality data are crucial to the effectiveness of many artificial intelligence systems, particularly when using techniques involving model training. The use of computers and artificial intelligence technology allows for an increase in the speed and efficiency of the actions taken, but also creates security risks for the data processed of an unprecedented magnitude. The proposed regulation in the field of artificial intelligence requires analysis in terms of its impact on the regulation on personal data protection. It is necessary to determine what the mutual relationship between these regulations is and what areas are particularly important in the personal data protection regulation for processing personal data in artificial intelligence systems. The adopted axis of considerations is a preliminary assessment of two issues: 1) what principles of data protection should be applied in particular during processing personal data in artificial intelligence systems, 2) what regulation on liability for personal data breaches is in such systems. The need to change the regulations regarding the rights and obligations of data subjects and entities processing personal data cannot be excluded. It is possible that changes will be required in the provisions regarding the assignment of liability for a breach of personal data protection processed in artificial intelligence systems. The research process in this case concerns the identification of areas in the field of personal data protection that are particularly important (and may require re-regulation) due to the introduction of the proposed legal regulation regarding artificial intelligence. The main question that the authors want to answer is how the European Union regulation against data protection breaches in artificial intelligence systems is shaping up. The answer to this question will include examples to illustrate the practical implications of these legal regulations.

Keywords: data protection law, personal data, AI law, personal data breach

Procedia PDF Downloads 26

Authors: Jian Cao

Abstract:

This paper describes a novel watermarking technique which we call the random direction embedding (RDE) watermarking. Unlike traditional watermarking techniques, the watermark energy after the RDE embedding does not focus on a fixed direction, leading to the security against the traditional unauthorized watermark removal attack. In addition, the experimental results show that when compared with the existing secure watermarking, namely natural watermarking (NW), the RDE watermarking gains significant improvement in terms of robustness. In fact, the security of the RDE watermarking is not at the cost of low robustness, and it can even achieve more robust than the traditional spread spectrum watermarking, which has been shown to be very insecure.

Keywords: robustness, spread spectrum watermarking, watermarking security, random direction embedding (RDE)

Procedia PDF Downloads 362

Authors: Laila Algalal, Chen Xi

Abstract:

The US dollar has long served as the world's primary reserve currency. However, this dominance faces growing challenges from internal US economic pressures and the rise of alternative currencies. Internally, issues like high debt, inflation, reduced competitiveness, and economic instability due to inequality in economic policies threaten the dollar's position. Externally, more countries are establishing alternative currencies, payment systems, and regional financial institutions to reduce dollar dependence. These drivers have contributed to a decline in the dollar's share of global foreign exchange reserves from 71% in 2001 to an estimated 58% in 2022. While this 13-percentage point drop took two decades, recent initiatives suggest de-dollarization could accelerate in the coming few decades. Efforts to establish non-dollar trade deals and alternative financial systems show more substantial progress compared to initiatives in the early 2000s. As the nature of the world system is anarchic, states make either individual or group efforts to guarantee their economic security and achieve their interests. Based on neoclassical realism, this paper analyzes both internal and external US economic factors driving current and future de-dollarization and the implications on the international monetary system, in addition to examining the motivation for such moves.

Keywords: de-dollarization, US dollar, monetary system, economic security, economic policies.

Procedia PDF Downloads 54

Authors: Jan Franciszek Jacko

Abstract:

This investigation presents the principle of methodological rationality of decision making and discusses the impact of an organisation's members' methodologically rational or irrational decisions on its security. This study formulates and partially justifies some research hypotheses regarding the impact. The thinking experiment is used according to Max Weber's ideal types method. Two idealised situations("models") are compared: Model A, whereall decision-makers follow methodologically rational decision-making procedures. Model B, in which these agents follow methodologically irrational decision-making practices. Analysing and comparing the two models will allow the formulation of some research hypotheses regarding the impact of methodologically rational and irrational attitudes of members of an organisation on its security. In addition to the method, phenomenological analyses of rationality and irrationality are applied.

Keywords: methodological rationality, rational decisions, security of organisations, philosophy of economics

Procedia PDF Downloads 118

Authors: Johannes Günther

Abstract:

Time Sensitive Networking (TSN), standardized in the IEEE 802.1 standard, has been lent increasing attention in the context of mission critical systems. Such mission critical systems, e.g., in the automotive domain, aviation, industrial, and smart factory domain, are responsible for coordinating complex functionalities in real time. In many of these contexts, a reliable data exchange fulfilling hard time constraints and quality of service (QoS) conditions is of critical importance. TSN standards are able to provide guarantees for deterministic communication behaviour, which is in contrast to common best-effort approaches. Therefore, the superior QoS guarantees of TSN may aid in the development of new technologies, which rely on low latencies and specific bandwidth demands being fulfilled. TSN extends existing Ethernet protocols with numerous standards, providing means for synchronization, management, and overall real-time focussed capabilities. These additional QoS guarantees, as well as management mechanisms, lead to an increased attack surface for potential malicious attackers. As TSN guarantees certain deadlines for priority traffic, an attacker may degrade the QoS by delaying a packet beyond its deadline or even execute a denial of service (DoS) attack if the delays lead to packets being dropped. However, thus far, security concerns have not played a major role in the design of such standards. Thus, while TSN does provide valuable additional characteristics to existing common Ethernet protocols, it leads to new attack vectors on networks and allows for a range of potential attacks. One answer to these security risks is to deploy defense mechanisms according to a moving target defense (MTD) strategy. The core idea relies on the reduction of the attackers' knowledge about the network. Typically, mission-critical systems suffer from an asymmetric disadvantage. DoS or QoS-degradation attacks may be preceded by long periods of reconnaissance, during which the attacker may learn about the network topology, its characteristics, traffic patterns, priorities, bandwidth demands, periodic characteristics on links and switches, and so on. Here, we implemented and tested several MTD-like defense strategies against different attacker models of varying capabilities and budgets, as well as collaborative attacks of multiple attackers within a network, all within the context of TSN networks. We modelled the networks and tested our defense strategies on an OMNET++ testbench, with networks of different sizes and topologies, ranging from a couple dozen hosts and switches to significantly larger set-ups.

Keywords: network security, time sensitive networking, moving target defense, cyber security

Procedia PDF Downloads 45

Authors: Krish Batra

Abstract:

The advent of open banking has revolutionized the financial services industry by fostering innovation, enhancing customer experience, and promoting competition. However, this paradigm shift towards more open and interconnected banking ecosystems has introduced complex cybersecurity challenges. This research paper delves into the multifaceted cybersecurity landscape of open banking, highlighting the vulnerabilities and threats inherent in sharing financial data across a network of banks and third-party providers. Through a detailed analysis of recent data breaches, phishing attacks, and other cyber incidents, the paper assesses the current state of cybersecurity within the open banking framework. It examines the effectiveness of existing security measures, such as encryption, API security protocols, and authentication mechanisms, in protecting sensitive financial information. Furthermore, the paper explores the regulatory response to these challenges, including the implementation of standards such as PSD2 in Europe and similar initiatives globally. By identifying gaps in current cybersecurity practices, the research aims to propose a set of robust, forward-looking strategies that can enhance the security and resilience of open banking systems. This includes recommendations for banks, third-party providers, regulators, and consumers on how to mitigate risks and ensure a secure open banking environment. The ultimate goal is to provide stakeholders with a comprehensive understanding of the cybersecurity implications of open banking and to outline actionable steps for safeguarding the financial ecosystem in an increasingly interconnected world.

Keywords: open banking, financial services industry, cybersecurity challenges, data breaches, phishing attacks, encryption, API security protocols, authentication mechanisms, regulatory response, PSD2, cybersecurity practices

Procedia PDF Downloads 29

Authors: Li Qiang, Yang Ze-Ming, Liu Bao-Xu, Jiang Zheng-Wei

Abstract:

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain and evidence chain of cyber-attack on threat intelligence platform through data calculation, analysis and reasoning. Then, we used a number of cyber-attack events which we have observed and analyzed to test the reasoning method and demo system, the result of testing indicates that the reasoning method can provide certain help in cyber-attack attribution.

Keywords: reasoning, Bayesian networks, cyber-attack attribution, Kill Chain, threat intelligence

Procedia PDF Downloads 416

Authors: Maria Thaemar Tana

Abstract:

The paper examines the policy and practice of Japan’s human security. Specifically, it asks the question: How does Japan’s shift towards a more proactive defence posture affect the place of human security in its foreign policy agenda? Corollary to this, how is Japan sustaining its human security policy? The objective of this research is to understand how Japan, chiefly through the Ministry of Foreign Affairs (MOFA) and JICA (Japan International Cooperation Agency), sustains the concept of human security as a policy framework. In addition, the paper also aims to show how and why Japan continues to include the concept in its overall foreign policy agenda. In light of the recent developments in Japan’s security policy, which essentially result from the changing security environment, human security appears to be gradually losing relevance. The paper, however, argues that despite the strategic challenges Japan faced and is facing, as well as the apparent decline of its economic diplomacy, human security remains to be an area of critical importance for Japanese foreign policy. In fact, as Japan becomes more proactive in its international affairs, the strategic value of human security also increases. Human security was initially envisioned to help Japan compensate for its weaknesses in the areas of traditional security, but as Japan moves closer to a more activist foreign policy, the soft policy of human security complements its hard security policies. Using the framework of neoclassical realism (NCR), the paper recognizes that policy-making is essentially a convergence of incentives and constraints at the international and domestic levels. The theory posits that there is no perfect 'transmission belt' linking material power on the one hand, and actual foreign policy on the other. State behavior is influenced by both international- and domestic-level variables, but while systemic pressures and incentives determine the general direction of foreign policy, they are not strong enough to affect the exact details of state conduct. Internal factors such as leaders’ perceptions, domestic institutions, and domestic norms, serve as intervening variables between the international system and foreign policy. Thus, applied to this study, Japan’s sustained utilization of human security as a foreign policy instrument (dependent variable) is essentially a result of systemic pressures (indirectly) (independent variables) and domestic processes (directly) (intervening variables). Two cases of Japan’s human security practice in two regions are examined in two time periods: Iraq in the Middle East (2001-2010) and South Sudan in Africa (2011-2017). The cases show that despite the different motives behind Japan’s decision to participate in these international peacekeepings ad peace-building operations, human security continues to be incorporated in both rhetoric and practice, thus demonstrating that it was and remains to be an important diplomatic tool. Different variables at the international and domestic levels will be examined to understand how the interaction among them results in changes and continuities in Japan’s human security policy.

Keywords: human security, foreign policy, neoclassical realism, peace-building

Procedia PDF Downloads 109

Authors: Sami M. Alshareef

Abstract:

The rapid growth of smart grid technology has brought significant advancements to the power industry. However, with the increasing interconnectivity and reliance on information and communication technologies, smart grids have become vulnerable to cyber-attacks, posing significant threats to the reliable operation of power systems. Among the critical components of smart grids, the Automatic Generation Control (AGC) system plays a vital role in maintaining the balance between generation and load demand. Therefore, protecting the AGC system from cyber threats is of paramount importance to maintain grid stability and prevent disruptions. Traditional security measures often fall short in addressing sophisticated and evolving cyber threats, necessitating the exploration of innovative approaches. Machine learning, with its ability to analyze vast amounts of data and learn patterns, has emerged as a promising solution to enhance AGC system security. Therefore, this research proposal aims to address the challenges associated with detecting and mitigating cyber-attacks on AGC in smart grids by leveraging machine learning techniques on automatic generation control of two-area power systems. By utilizing historical data, the proposed system will learn the normal behavior patterns of AGC and identify deviations caused by cyber-attacks. Once an attack is detected, appropriate mitigation strategies will be employed to safeguard the AGC system. The outcomes of this research will provide power system operators and administrators with valuable insights into the vulnerabilities of AGC systems in smart grids and offer practical solutions to enhance their cyber resilience.

Keywords: machine learning, cyber-attacks, automatic generation control, smart grid

Procedia PDF Downloads 59

Authors: Samuel Onyekachi Chidi

Abstract:

Nigeria today faces more internal threats stemming from ethnic and religious conflicts than external sources. This article seeks to examine the ethno-religious conflicts in Nigeria from 2015 to 2021 and their impact on national security. The research was guided by six objectives. The theoretical framework adopted for this study is Structural Conflict Theory, which provides an adequate explanation, a predictive rationale for the frequent occurrence of ethno-religious conflicts and a tendency to provide the necessary insight for their resolution. The results of the study revealed that there is a strong relationship between ethnicity, religion, conflict and national security and that the ethno-religious conflicts experienced in Nigeria have gross implications for national security. The study recommends that the secularity of the Nigerian state be restored and preserved and that the state of origin be removed and replaced by the state of residence in all our national documents, as this will reduce ethnic identity, which is in opposition to nationalism. Religious leaders, traditional rulers, the media and other stakeholders should support the government in its fight to reduce ethno-religious conflict by sensitizing its youth, preaching unity and peaceful coexistence, and discouraging the use of violence as a means of settling disputes between groups and individuals.

Keywords: ethnicity, religion, conflict, national security

Procedia PDF Downloads 44

Authors: Waziri Victor Onomza, John K. Alhassan, Idris Ismaila, Noel Dogonyaro Moses

Abstract:

This paper describes the problem of building secure computational services for encrypted information in the Cloud Computing without decrypting the encrypted data; therefore, it meets the yearning of computational encryption algorithmic aspiration model that could enhance the security of big data for privacy, confidentiality, availability of the users. The cryptographic model applied for the computational process of the encrypted data is the Fully Homomorphic Encryption Scheme. We contribute theoretical presentations in high-level computational processes that are based on number theory and algebra that can easily be integrated and leveraged in the Cloud computing with detail theoretic mathematical concepts to the fully homomorphic encryption models. This contribution enhances the full implementation of big data analytics based cryptographic security algorithm.

Keywords: big data analytics, security, privacy, bootstrapping, homomorphic, homomorphic encryption scheme

Procedia PDF Downloads 346

Authors: Michal Stelmach

Abstract:

The aim of this paper is a critical analysis of the security policy in the field of the fight against transnational criminal groups in Central America in XXI century. We are analyzing all taken issues from several perspectives: political, anthropological, sociological and legal which allows me to confront behavior and the attitudes of the political elites against official legislative changes and declared actions, strategies and policies against practice. In the first part of paper we would like to present the genesis and characteristic of transnational gangs, called maras and next we would like to present their activities and roles within chosen sectors of organized crimes. In the second part we will analyze the government’s policy towards transnational criminal groups. The analysis will be concentrated on public safety policy implemented in specific Central American countries as well as regional international cooperation. The main intention of the author is to present the state of the security in Central America in XXI century by emphasizing failures and successes in the fight against transnational criminal organizations. Additionally we want to present and define the challenges currently facing the region now and to show the prediction of the situation’s development within next future and to define the recommendations on the design of public security policies in Central American countries.

Keywords: maras, public security, human rights, Central America

Procedia PDF Downloads 303

Authors: Tarun Chand, Michael Jurczyk

Abstract:

With the increasing need and popularity of IoT devices and how integrated they are becoming in our daily lives and industries, these devices make for a very lucrative target for malicious actors. And since these devices have such limited resources, the implementation of robust security features is a tradeoff to be made for the actual functionality the device was intended for. This makes them an easy target with high returns. Several frameworks for the secure firmware update of these devices have been recently proposed in the literature. They focus on methods such as blockchains and distributed file systems to secure firmware updates, but do not go into the details of the actual implementation of these frameworks and the lower-level interactions among these methods used. This work integrates some of these security measures into one overall framework and details the actual lower-level implementation of this framework in a virtual dockerized testbed running on AWS.

Keywords: blockchain, Ethereum, Geth, IPFS, secure IoT-firmware update, virtual testbed development

Procedia PDF Downloads 33

Authors: A. Andreasyan, C. Connors

Abstract:

The Elliptic Curve Digital Signature algorithm-based X509v3 certificates are becoming more popular due to their short public and private key sizes. Moreover, these certificates can be stored in Internet of Things (IoT) devices, with limited resources, using less memory and transmitted in network security protocols, such as Internet Key Exchange (IKE), Transport Layer Security (TLS) and Secure Shell (SSH) with less bandwidth. The proposed method gives another advantage, in that it increases the performance of the above-mentioned protocols in terms of key exchange by saving one scalar multiplication operation.

Keywords: cryptography, elliptic curve digital signature algorithm, key exchange, network security protocol

Procedia PDF Downloads 124

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a simple user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud computing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 330

Authors: Yuli Paola Cifuentes Sanabria, Lina Paola Beltrán Beltrán, Leonardo Juan Ramírez López

Abstract:

The availability to deploy mobile applications for healthcare is increasing daily thru different mobile app stores. But within these capabilities the number of hacking attacks has also increased, in particular into medical mobile applications. The security vulnerabilities in medical mobile apps can be triggered by errors in code, incorrect logic, poor design, among other parameters. This is usually used by malicious attackers to steal or modify the users’ information. The aim of this research is to analyze the vulnerabilities detected in mobile medical apps according to risk factor standards defined by OWASP in 2014.

Keywords: mHealth apps, OWASP, protocols, security vulnerabilities, risk factors

Procedia PDF Downloads 478

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: access control, data integrity, data confidentiality, Kerberos authentication, cloud security

Procedia PDF Downloads 311

Authors: Anders Troedsson

Abstract:

For us humans, risk and insecurity are intimately linked to vulnerabilities - where there is vulnerability, there is potentially risk and insecurity. Reducing vulnerability through compensatory measures means decreasing the likelihood of a certain external event be qualified as a risk/threat/assault, and thus also means increasing the individual’s sense of security. The paper suggests that a meaningful way to approach the study of risk/ insecurity is to organize thinking about the vulnerabilities that external phenomena evoke in humans as perceived by them. Such phenomena are, through a set of given vulnerabilities, potentially translated into perceptions of "insecurity." An ontological discussion about salient timespace characteristics of external phenomena as perceived by humans, including such which potentially can be qualified as risk/threat/assault, leads to the positing of two dimensions which are central for describing what in the paper is called the essence of risk/threat/assault. As is argued, such modeling helps analysis steer free of the subjective factor which is intimately connected to human perception and which mediates between phenomena “out there” potentially identified as risk/threat/assault, and their translation into an experience of security or insecurity. A proposed set of universally given vulnerabilities are scrutinized with the help of the two dimensions, resulting in a modeling effort featuring four realms of vulnerabilities which together represent a dynamic whole. This model in turn informs modeling on human security.

Keywords: human vulnerabilities, human security, immediate-inert, material-immaterial, timespace

Procedia PDF Downloads 268

Authors: Ana Luiza Da Gama E Souza

Abstract:

This article aims to discuss the problem of food insecurity in Brazil in what it refers to contamination of food by chemical substances such as herbicides, pesticides, and other contaminants. The issue will be faced by analyzing, on the one hand, the standards that guide the food system in the world and, on the other hand, human rights indicators whose purpose is to provide an effective monitoring of the State's obligations to guarantee food security, analyzing the implications of the former for the success of the latter. The methodology adopted in this article was bibliographic-documentary and consists of three moments of analysis. The first moment consists in the analysis of the reports of the Commission on Human Rights of the Organization of American States to identify the set of progress indicators developed by the Commission. This analysis will involve the new methodology used to evaluate the efficiency in monitoring food security in Brazil the case of using pesticides in the production of food at levels of toxicity not admitted by the inspection bodies. The second moment consists in evaluating the mechanism for monitoring food security in Brazil, which was initially established by the National Food Security Plan (PLANSAN) for 2012-2015 and improved by the II National Food Security Plan for 2016-2019. Those mechanisms were prepared by the Chamber (CAISAN), and have the function to compare the monitoring proposals with the results presented by CAISAN on the Indicators and Results Report of the National Plan for Food and Nutrition Security 2012-2015. The third moment was intended to understand, analyze and evaluate the standardization process of the agri-food system, especially regarding the level of toxicity standards, that is related to food safety monitoring as a guarantee of pesticide-free food. The results show the dependence between private standards of toxicity and the indicators of food safety that leads to inefficiency on monitoring that mechanism in Brazil.

Keywords: standards, indicators, human rights, food security

Procedia PDF Downloads 311

Authors: Seyed Nima Tayarani Bathaie

Abstract:

In this paper, an image-receiving system was designed and implemented through optimization of object detection algorithms using Haar features. This optimized algorithm served as face and eye detection separately. Then, cascading them led to a clear image of the user. Utilization of this feature brought about higher security by preventing fraud. This attribute results from the fact that services will be given to the user on condition that a clear image of his face has already been captured which would exclude the inappropriate person. In order to expedite processing and eliminating unnecessary ones, the input image was compressed, a motion detection function was included in the program, and detection window size was confined.

Keywords: face detection algorithm, Haar features, security of ATM

Procedia PDF Downloads 391

Authors: Rhisan Mae Enriquez-Morales

Abstract:

The primary concern of this study is to answer the question: How does the Philippine government formulate its foreign policy with respect to its territorial claims over areas in the West Philippine Sea after the Scarborough standoff in April 2012? Specifically, the study seeks to provide understanding on the political process in the formulation of foreign policy relating to the Philippine claims in the West Philippine Sea after the 2012 Scarborough Standoff, by looking into the relationship of bureaucracies and how it influences the decision-making process. Secondly, this study aims to determine the long and short term foreign policies of the Philippines with respect to its territorial claims over the West Philippine Sea. Lastly, this study seeks to determine the implication of Philippine foreign policy in settling the West Philippine Sea dispute on the country’s national security. The Bureaucratic Politics Model (BPM) in Foreign Policy Analysis (FPA) is the framework utilized in this study, which focuses primarily on the relationship of bureaucracies in the formulation of foreign policy and how these agencies influence the process of foreign policy formulation. The findings of this study reveal that: first, the Philippines foreign policy in the West Philippine Sea continues to develop to address current developments in the WPS. Second, as the government requires demilitarization there is a shift from traditional to non-traditional security approach. This shift caused inconvenience from the defense sector particularly the Navy thinking that they are being deprived of their traditional roles. Lastly, the Philippine government’s greater emphasis on internal security operation implies the need to reassess its security concerns and look into territorial security.

Keywords: bureaucratic politics model, foreign policy analysis, security, West Philippine sea

Procedia PDF Downloads 364

Authors: Ibtissem Talbi

Abstract:

During the last decade, a variety of chaos-based cryptosystems have been investigated. Most of them are based on the structure of Fridrich, which is based on the traditional confusion-diffusion architecture proposed by Shannon. Compared with traditional cryptosystems (DES, 3DES, AES, etc.), the chaos-based cryptosystems are more flexible, more modular and easier to be implemented, which make them suitable for large scale-data encyption, such as images and videos. The heart of any chaos-based cryptosystem is the chaotic generator and so, a part of the efficiency (robustness, speed) of the system depends greatly on it. In this talk, we give an overview of the state of the art of chaos-based block ciphers and we describe some of our schemes already proposed. Also we will focus on the essential characteristics of the digital chaotic generator, The needed performance of a chaos-based block cipher in terms of security level and speed of calculus depends on the considered application. There is a compromise between the security and the speed of the calculation. The security of these block block ciphers will be analyzed.

Keywords: chaos-based cryptosystems, chaotic generator, security analysis, structure of Fridrich

Procedia PDF Downloads 663

Authors: Alicja Starczewska, Aleksander Nawrat, Krzysztof Daniec, Jarosław Homa, Kacper Hołda

Abstract:

Border Gateway Protocol is the main routing protocol that enables routing establishment between all autonomous systems, which are the basic administrative units of the internet. Due to the poor protection of BGP, it is important to use additional BGP security systems. Many solutions to this problem have been proposed over the years, but none of them have been implemented on a global scale. This article describes a system capable of building images of real-time BGP network topology in order to detect BGP anomalies. Our proposal performs a detailed analysis of BGP messages that come into local network cards supplemented by information collected by remote collectors in different localizations.

Keywords: BGP, BGP hijacking, cybersecurity, detection

Procedia PDF Downloads 53

Authors: Elmahdi Khalil, Saad Enniari, Mostapha Zbakh

Abstract:

Cloud computing promises to increase innovation and the velocity with witch applications are deployed, all while helping any enterprise meet most IT service needs at a lower total cost of ownership and higher return investment. As the march of cloud continues, it brings both new opportunities and new security challenges. To take advantages of those opportunities while minimizing risks, we think that Intrusion Detection Systems (IDS) integrated in the cloud is one of the best existing solutions nowadays in the field. The concept of intrusion detection was known since past and was first proposed by a well-known researcher named Anderson in 1980's. Since that time IDS's are evolving. Although, several efforts has been made in the area of Intrusion Detection systems for cloud computing environment, many attacks still prevail. Therefore, the work presented in this paper proposes a multi criteria analysis and a comparative study between several IDS architectures designated to work in a cloud computing environments. To achieve this objective, in the first place we will search in the state of the art of several consistent IDS architectures designed to work in a cloud environment. Whereas, in a second step we will establish the criteria that will be useful for the evaluation of architectures. Later, using the approach of multi criteria decision analysis Mac Beth (Measuring Attractiveness by a Categorical Based Evaluation Technique we will evaluate the criteria and assign to each one the appropriate weight according to their importance in the field of IDS architectures in cloud computing. The last step is to evaluate architectures against the criteria and collecting results of the model constructed in the previous steps.

Keywords: cloud computing, cloud security, intrusion detection/prevention system, multi-criteria decision analysis

Procedia PDF Downloads 446