Search results for: information security audit

Authors: Helyeh Doutaghi

Abstract:

The United Nations Security Council (UNSC) is one of the six principal organs of the United Nations. Under the Charter of the United Nations (UN Charter), the UNSC’s primary responsibility is maintaining international peace and security, which it does through establishing and adopting a Security Council resolution. United Nations resolutions are formal expressions of the opinion or will of United Nations organs. However, there have been times when powerful politicians (or governments with great political power) had the first say in situations where the UNSC should have had jurisdiction based on the principle of rule of law, which is the notion that people are governed by the law rather than by officials. This paper will assess the effectiveness of the UNSC by analyzing its actions during the Iran-Iraq war for it has been found that one of the major reasons for the prolongation of the war was a result of the one-sided positions taken by the UNSC and many nations. The UNSC’s success in achieving its primary goal during the war will be discussed, including an examination of the duties and structure of the UNSC by reviewing the articles in the UN Charter; this will include examples of the UNSC’s role in other international disputes as well.

Keywords: UN Security Council, Iran, Iraq, charter, international law

Procedia PDF Downloads 461

Authors: Bagul Abhijeet

Abstract:

Background: Client-Server model is the backbone of today’s internet communication. In which normal user can not have control over particular website or server? By using the same processing model one can have unauthorized access to particular server. In this paper, we discussed about application scenario of hacking for simple website or server consist of unauthorized way to access the server database. This application emerges to autonomously take direct access of simple website or server and retrieve all essential information maintain by administrator. In this system, IP address of server given as input to retrieve user-id and password of server. This leads to breaking administrative security of server and acquires the control of server database. Whereas virus helps to escape from server security by crashing the whole server. Objective: To control malicious attack and preventing all government website, and also find out illegal work to do hackers activity. Results: After implementing different hacking as well as non-hacking techniques, this system hacks simple web sites with normal security credentials. It provides access to server database and allow attacker to perform database operations from client machine. Above Figure shows the experimental result of this application upon different servers and provides satisfactory results as required. Conclusion: In this paper, we have presented a to view to hack the server which include some hacking as well as non-hacking methods. These algorithms and methods provide efficient way to hack server database. By breaking the network security allow to introduce new and better security framework. The terms “Hacking” not only consider for its illegal activities but also it should be use for strengthen our global network.

Keywords: Hacking, Vulnerabilities, Dummy request, Virus, Server monitoring

Procedia PDF Downloads 252

Authors: Mamta Thakur, Dr. Shashi Mawar, Ms. Levis Murry, Dr. D.k.sharma

Abstract:

Aim: The aim of this study is to develop nephrology nursing procedure protocol after clinical audit of current nephrology nursing practices. Materials and methods: This descriptive observational study was conducted on 40 nurses who were working in Nephrology Department of AIIMS, New Delhi to observe their current practices to assess the existing gaps in the practice. The nurses were enrolled through total enumerative sampling. Sociodemographic profile of nurses and clinical profile for site of procedure was collected. Observation checklist was formed on the basis of standard nursing practices, which included 7 dimensions for hemodialysis procedure and 3 dimensions for procedure of assisting renal biopsy. Based on the gaps identified, nephrology nursing procedure protocol will be developed. Nurses were observed during two shifts, and each nurse was observed once. Scoring of items were done in each dimension, and for acceptable practices, nurses have to score ≥80% in each dimension. Results: Data was analyzed using descriptive statistics. Majority of nurses (73.7%) in nephrology ward and (80.9%) in hemodialysis unit have not undergone any special training in nephrology. Most of nurses (80.9%) followed the acceptable nursing practices for procedure of connection for hemodialysis. None of nurses followed the acceptable level (≥80%) of nursing practices for the procedure of predialysis assessment, the procedure for site preparation, during dialysis assessment and post dialysis assessment. None (100%) showed the acceptable level of nursing practices for all the dimensions of assisting renal biopsy procedure. Nephrology nursing procedure protocol was developed by researcher following a rigorous process, and this will reduce the gaps in the nursing practice. Conclusion: Clinical audit found that there were gaps in the existing nursing practices compared to the standardised nursing practices for procedure of hemodialysis and assisting renal biopsy, and these gaps have been addressed by the development of the protocol.

Keywords: nursing practice, nephrology nursing procedure, nursing protocol, renal biopsy, hemodialysis

Procedia PDF Downloads 103

Authors: Asmau Zarma Gogaram

Abstract:

The paper examines adult education and how it can be employed as a strategy for transformation and security challenges in Nigeria. It defines the meaning of adult education and its objectives.The issue of the necessity of employing adult education as a strategy for transformation and security challenges was also examined in the paper.In doing this it discussed the different types of adult education programmes, i.e.continuing education, literacy education, retirement and pre-retirement education and civic education. The paper concluded by stating that if the programmes stated are internalizes and applied they can help to raise awareness. Finally the paper proffered some recommendations one of which was that government should at all levels increase their efforts or promoting acquisition of adult education.

Keywords: adult education, transformation and security challenges, Nigeria, education and human development

Procedia PDF Downloads 523

Authors: Arvind Dhingra, Tejinder Singh Saggu

Abstract:

As the energy demands rise and the pollution levels grow, it becomes imperative for us to save energy in all the fields in which it is used. The industrial sector is the major commercial energy consuming sector in India, where electrical energy is the most common and widely used type of energy. As the demand and price of energy are increasing day by day, therefore, the subject of energy conservation is a concern for most energy users particularly industry. Judicious use of energy becomes imperative for third world developing country being presence of energy crisis. This paper provides some measure for energy saving that can be commonly recommended for a rolling unit of steel industry. A case of hot rolling unit in JSL Stainless Ltd., Hisar for energy conservation is given. Overall improvement in energy consumption in light of the stated recommendation is illustrated along with the proposed utilization of the techniques and their applications. Energy conservation in conventional motor with replacement or use of star delta star converter, reduction in cable losses, replacement of filament of LED lamps, replacement of conventional transformer with cast resin dry type transformer and provision of energy management system for energy conservation and per unit production cost reduction are elaborated in this paper.

Keywords: energy audit, energy conservation, energy efficient motors

Procedia PDF Downloads 532

Authors: Khalid Javed, Rashid Mahmood

Abstract:

The constitution empowers the Federal Government to collect taxes on income other than agricultural income, taxes on capital value, customs, excise duties and sales taxes. The Central Board of Revenue (CBR) and its subordinate departments administer the tax system. Each of the three principal taxes has a different history and different set of issues. For a large number of income tax payers the core of the business process is pre-audit and assessment by a tax official. This process gives considerable discretion to tax officials, with potential for abuse. Moreover, this process is also not tenable as the number of taxpayers increase. The report is focused on a total overhaul of the process and organization of income tax. Sales tax is recent and its process and organization is adjusted to the needs of an expanding tax base. These are based on self-assessment and selective audit. Similarly, in customs the accent is on accelerating and broadening the changes begun in recent years. Before long, central excise will be subsumed in sales tax. During the nineties, despite many changes in the tax regime and introduction of withholding and presumptive taxes, Federal Government tax to GDP ratio has varied narrowly around eleven percent. The tax base has grown but still remains narrow and skewed. The number of income tax filers is around one million.

Keywords: central board of revenue, GDP, sale tax, income tax

Procedia PDF Downloads 442

Authors: Syed Ahsan, Saleh Alshomrani, Ishtiaq Rasool, Ali Hassan

Abstract:

In this oral presentation, we will provide an overview of the technical and semantic architecture of a desert border security and critical infrastructure protection security system. Modern border security systems are designed to reduce the dependability and intrusion of human operators. To achieve this, different types of sensors are use along with video surveillance technologies. Application of these technologies in a harsh desert environment of Saudi Arabia poses unique challenges. Environmental and geographical factors including high temperatures, desert storms, temperature variations and remoteness adversely affect the reliability of surveillance systems. To successfully implement a reliable, effective system in a harsh desert environment, the following must be achieved: i) Selection of technology including sensors, video cameras, and communication infrastructure that suit desert environments. ii) Reduced power consumption and efficient usage of equipment to increase the battery life of the equipment. iii) A reliable and robust communication network with efficient usage of bandwidth. Also, to reduce the expert bottleneck, an ontology-based intelligent information systems needs to be developed. Domain knowledge unique and peculiar to Saudi Arabia needs to be formalized to develop an expert system that can detect abnormal activities and any intrusion.

Keywords: border security, sensors, abnormal activity detection, ontologies

Procedia PDF Downloads 481

Authors: Victor Au, Khin Maung Than, Zaw Win Aung, Linawati Jumat

Abstract:

Background & Objectives: Cardiac arrests can occur anywhere or anytime, and most of the cases will be brought to the emergency department except the cases that happened in at in-patient setting. Raja IsteriPangiran Anak Saleha (RIPAS) Hospital is the only tertiary government hospital which located in Brunei Muara district and received all referral from other Brunei districts. Data of cardiac arrests in Brunei Darussalam scattered between Emergency Medical Ambulance Services (EMAS), Emergency Department (ED), general inpatient wards, and Intensive Care Unit (ICU). In this audit, we only focused on cardiac arrest cases which had happened or presented to the emergency department RIPAS Hospital. Theobjectives of this audit were to look at demographic of cardiac arrest cases and the survival to discharge rate of In-Hospital Cardiac Arrest (IHCA) and Out-Hospital Cardiac Arrest (OHCA). Methodology: This audit retrospective study was conducted on all cardiac arrest cases that underwent Cardiopulmonary Resuscitation (CPR) in ED RIPAS Hospital, Brunei Muara, in the year 2019-2020. All cardiac arrest cases that happened or were brought in to emergency department were included. All the relevant data were retrieved from ED visit registry book and electronic medical record “Bru-HIMS” with keyword diagnosis of “cardiac arrest”. Data were analyzed and tabulated using Excel software. Result: 313 cardiac arrests were recorded in the emergency department in year 2019-2020. 92% cases were categorized as OHCA, and the remaining 8% as IHCA. Majority of the cases were male with age between 50-60 years old. In OHCA subgroup, only 12.4% received bystander CPR, and 0.4% received Automatic External Defibrillator (AED) before emergency medical personnel arrived. Initial shockable rhythm in IHCA group accounted for 12% compare to 4.9% in OHCA group. Outcome of ED resuscitation, 32% of IHCA group achieved return of spontaneous circulation (ROSC) with a survival to discharge rate was 16%. For OHCA group, 12.35% achieved ROSC, but unfortunately, none of them survive till discharge. Conclusion: Standardized registry for cardiac arrest in the emergency department is required to provide valid baseline data to measure the quality and outcome of cardiac arrest. Zero survival rate for out hospital cardiac arrest is very concerning, and it might represent the significant breach in cardiac arrest chains of survival. Systematic prospective data collection is needed to identify contributing factors and to improve resuscitation outcome.

Keywords: cardiac arrest, OHCA, IHCA, resuscitation, emergency department

Procedia PDF Downloads 99

Authors: Carlos Gonzalez, Neil Slatcher, Marcus Properzi, Kan Seah

Abstract:

In many underground mining operations, shotcrete is used for permanent rock support. Shotcrete thickness is a critical measure of the success of this process. 3D Laser Mapping, in conjunction with Jetcrete, has developed a 3D laser scanning system specifically for measuring the thickness of shotcrete. The system is mounted on the shotcrete spraying machine and measures the rock faces before and after spraying. The calculated difference between the two 3D surface models is measured as the thickness of the sprayed concrete. Typical work patterns for the shotcrete process required a rapid and automatic system. The scanning takes place immediately before and after the application of the shotcrete so no convergence takes place in the interval between scans. Automatic alignment of scans without targets was implemented which allows for the possibility of movement of the spraying machine between scans. Case studies are presented where accuracy tests are undertaken and automatic audit reports are calculated. The use of 3D imaging data for the calculation of shotcrete thickness is an important tool for geotechnical engineers and contract managers, and this could become the new state-of-the-art methodology for the mining industry.

Keywords: 3D imaging, shotcrete, surface model, tunnel stability

Procedia PDF Downloads 290

Authors: Sipumle Qapeshu, Bongiwe Mcata, Ajuruchukwu Obi

Abstract:

Subsistence farmers practice farming for survival while commercial farmers produce to feed themselves and larger society with the motive to achieve highest profit. These types of farmers are characterised by growing what they eat, live without making regular purchases in the markets. The main objective of subsistence/peasant farmers is to ensure food security at household level. Cabbage is a crop that has been identified to have vital food nutrient sources like Vitamin A, B and C, protein, calcium, iron and antioxidative compounds beneficial for preventing cancer. This paper, therefore, looks at the potential that cabbage production has in enhancing household food security and also the challenges encountered by these cabbage producers. Primary data was obtained from 50 respondents, and linear regression model was used to analyse the data used. Income was used as food security measure. The results showed that three variables were statistically significant and they are gender (10%), education (5%) and household size (5%). Meaning that these are variables that influenced cabbage production by these households, and it also affects their food security status since income is affected.

Keywords: subsistence farmers, food security, cabbage, farming

Procedia PDF Downloads 300

Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo

Abstract:

This paper introduces an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.

Keywords: cloud, enhancing security, fog, IoT, telehealth

Procedia PDF Downloads 78

Authors: Buse T. Aydın, Enver Ozdemir

Abstract:

In this study, a double layer authentication scheme between the aircraft and the Air Traffic Control (ATC) tower is designed to prevent any unauthorized aircraft from introducing themselves as friends. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or foe according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as a friend. In this method, even if embedded key is captured by the enemy aircraft, without the information of the second layer, the enemy can easily be determined. Overall, in this work, we present a more reliable system by adding a physical layer in the authentication process.

Keywords: ADS-B, communication with physical layer security, cryptography, identification friend or foe

Procedia PDF Downloads 161

Authors: Michel Berthiaume, Daniel Chamberland-Tremblay, Elaine Paiva Mosconi, Jérôme Blanchet-Brisson

Abstract:

This presentation documents the overall failure of North-American universities to build an effective IT Policies communication with their primary users: the students. A sample of 12 universities was selected. A set of indicators based on usability principles to assess the content of IT Policies vas devised. Then, IT Policies were rated according to the indicators and the results analyzed to build an overall picture of the potential of communication problems in policy communication. The initial finding is that network security professionals in Universities have to reach a delicate balance between asset protection, asset valorization and user security awareness.

Keywords: computer security, IT policy, security awareness, network user rules

Procedia PDF Downloads 562

Authors: Erdianta S, Chastiti M. Wulolo, IDK Kerta Widana

Abstract:

Perang Semesta strategy is a national security system used by Republic of Indonesia. It comes from local wisdom, cultural, and hereditary of Indonesia itself. This system involves all people and all nation resources, and it is early prepared by government and conducted totality, integratedly, directly, and continously to enforce a sovereignty of country, teritorial integrity and the safety of the whole nation from threats. This study uses a qualitative content analysis method by studying, recording, and analyzing government policy. The Perang Semesta strategy divided into main, backup, and supporting components. Every component has its function and responsibility in security perspective. So when an attack comes, all people of Indonesia will voluntary to defend the country. Perang Semesta strategy is a national security system which becomes the most reliable strategy toward geography and demography of Indonesia.

Keywords: Indonesia, Perang Semesta strategy, national security, local wisdom

Procedia PDF Downloads 455

Authors: Debalina Ghoshal

Abstract:

Nuclear security is the ‘prevention and detection of, and response to unauthorised removal, sabotage, unauthorised access, illegal transfer or other malicious acts involving nuclear or radiological material or their associated facilities.’ Ever since the end of Cold War, nuclear materials security has remained a concern for global security. However, with the increase in terrorist attacks not just in India especially, security of nuclear materials remains a priority. Therefore, India has made continued efforts to tighten its security on nuclear materials to prevent nuclear theft and radiological terrorism. Nuclear security is different from nuclear safety. Physical security is also a serious concern and India had been careful of the physical security of its nuclear materials. This is more so important since India is expanding its nuclear power capability to generate electricity for economic development. As India targets 60,000 MW of electricity production by 2030, it has a range of reactors to help it achieve its goal. These include indigenous Pressurised Heavy Water Reactors, now standardized at 700 MW per reactor Light Water Reactors, and the indigenous Fast Breeder Reactors that can generate more fuel for the future and enable the country to utilise its abundant thorium resource. Nuclear materials security can be enhanced through two important ways. One is through proliferation resistant technologies and diplomatic efforts to take non proliferation initiatives. The other is by developing technical means to prevent any leakage in nuclear materials in the hands of asymmetric organisations. New Delhi has already implemented IAEA Safeguards on their civilian nuclear installations. Moreover, the IAEA Additional Protocol has also been ratified by India in order to enhance its transparency of nuclear material and strengthen nuclear security. India is a party to the IAEA Conventions on Nuclear Safety and Security, and in particular the 1980 Convention on the Physical Protection of Nuclear Material and its amendment in 2005, Code of Conduct in Safety and Security of Radioactive Sources, 2006 which enables the country to provide for the highest international standards on nuclear and radiological safety and security. India's nuclear security approach is driven by five key components: Governance, Nuclear Security Practice and Culture, Institutions, Technology and International Cooperation. However, there is still scope for further improvements to strengthen nuclear materials and nuclear security. The NTI Report, ‘India’s improvement reflects its first contribution to the IAEA Nuclear Security Fund etc. in the future, India’s nuclear materials security conditions could be further improved by strengthening its laws and regulations for security and control of materials, particularly for control and accounting of materials, mitigating the insider threat, and for the physical security of materials during transport. India’s nuclear materials security conditions also remain adversely affected due to its continued increase in its quantities of nuclear material, and high levels of corruption among public officials.’ This paper would study briefly the progress made by India in nuclear and nuclear material security and the step ahead for India to further strengthen this.

Keywords: India, nuclear security, nuclear materials, non proliferation

Procedia PDF Downloads 352

Authors: Ying Zhu

Abstract:

Recent years have witnessed a boom of foreign investments in the field of artificial intelligence (AI). Foreign investments provide critical capital for AI development but also trigger national security concerns of host states. A notable example is an increasing number of cases in which the Committee on Foreign Investment in the United States (CFIUS) has denied Chinese acquisitions of US technology companies on national security grounds. On July 19, 2018, the Congress has reached a deal on the final draft of a new provision to strengthen CFIUS’s authority to review overseas transactions involving sensitive US technology. The question is: how to reconcile the emerging tension between, on the one hand, foreign AI investors’ expectations of a predictable investment environment, and on the other hand, host states’ regulatory power on national security? This paper provides a methodology to reconcile this tension under international investment law. Based on an examination, the national security exception clauses in international investment treaties and the application of national security justification in investor-state arbitration jurisprudence, the paper argues that a traditional interpretation of the national security exception, based on the necessity concept in customary international law, fails to take into account new risks faced by countries, including security concerns over strategic industries such as AI. To overcome this shortage, the paper proposes to incorporate an integrated national security clause in international investment treaties, which includes a two-tier test: a ‘self-judging’ test in the pre-establishment period and a ‘proportionality’ test in the post-establishment period. At the end, the paper drafts a model national security clause for future treaty-drafting practice.

Keywords: foreign investment, artificial intelligence, international investment law, national security exception

Procedia PDF Downloads 153

Authors: A. Mohammadpour, Ebrahim Najafi Kajabad, Ghazale Ipakchi

Abstract:

Presently, computer networks’ security rise in importance and many studies have also been conducted in this field. By the penetration of the internet networks in different fields, many things need to be done to provide a secure industrial and non-industrial network. Fire walls, appropriate Intrusion Detection Systems (IDS), encryption protocols for information sending and receiving, and use of authentication certificated are among things, which should be considered for system security. The aim of the present study is to use the outcome of several algorithms, which cause decline in IDS errors, in the way that improves system security and prevents additional overload to the system. Finally, regarding the obtained result we can also detect the amount and percentage of more sub attacks. By running the proposed system, which is based on the use of multi-algorithmic outcome and comparing that by the proposed single algorithmic methods, we observed a 78.64% result in attack detection that is improved by 3.14% than the proposed algorithms.

Keywords: intrusion detection systems, clustering, k-means, k-medoids, SV clustering, ensemble

Procedia PDF Downloads 221

Authors: Surah Aldakhl, Dafer Alali, Mohamed Zohdy

Abstract:

The next generation of electricity grid infrastructure, known as the "smart grid," integrates smart ICT (information and communication technology) into existing grids in order to alleviate the drawbacks of existing one-way grid systems. Future power systems' efficiency and dependability are anticipated to significantly increase thanks to the Smart Grid, especially given the desire for renewable energy sources. The security of the Smart Grid's cyber infrastructure is a growing concern, though, as a result of the interconnection of significant power plants through communication networks. Since cyber-attacks can destroy energy data, beginning with personal information leaking from grid members, they can result in serious incidents like huge outages and the destruction of power network infrastructure. We shall thus propose a secure smart energy management system based on the Blockchain as a remedy for this problem. The power transmission and distribution system may undergo a transformation as a result of the inclusion of optical fiber sensors and blockchain technology in smart grids. While optical fiber sensors allow real-time monitoring and management of electrical energy flow, Blockchain offers a secure platform to safeguard the smart grid against cyberattacks and unauthorized access. Additionally, this integration makes it possible to see how energy is produced, distributed, and used in real time, increasing transparency. This strategy has advantages in terms of improved security, efficiency, dependability, and flexibility in energy management. An in-depth analysis of the advantages and drawbacks of combining blockchain technology with optical fiber is provided in this paper.

Keywords: smart grids, blockchain, fiber optic sensor, security

Procedia PDF Downloads 120

Authors: Ghazwan Al-Haji, Adeyemi Adedokun

Abstract:

Traffic safety at intersections is highly represented, given the fact that accidents occur randomly in time and space. It is necessary to judge whether the intersection is dangerous or not based on short-term observations, and not waiting for many years of assessing historical accident data. There are active and pro-active road infrastructure safety methods for assessing safety at intersections. This study aims to investigate the use of quantitative and qualitative pre-observational methods as the best practice for accident prediction, future black spot identification, and treatment. Historical accident data from STRADA (the Swedish Traffic Accident Data Acquisition) was used within Norrkoping city in Sweden. The ADT (Average Daily Traffic), capacity and speed were used to predict accident rates. Locations with the highest accident records and predicted accident counts were identified and hence audited qualitatively by using Street Audit. The results from these quantitative and qualitative methods were analyzed, validated and compared. The paper provides recommendations on the used methods as well as on how to reduce the accident occurrence at the chosen intersections.

Keywords: intersections, traffic conflict, traffic safety, street audit, accidents predictions

Procedia PDF Downloads 233

Authors: Rabih Nehme, Abdullah Al Mutawa

Abstract:

The general goal behind this research is to gain a better understanding of factors leading to dysfunctional behavior of auditors. Recent accounting scandals -Enron, Waste Management Inc., WorldCom, Xerox Corporation, etc. -provided an ample proof of how the role of auditors has become the basis of controversial debates in many circles and instances in our modern time. The majority of lawsuits and accounting scandals seem to have a central topic in focus, namely the question ''Where were the auditors? The survey we offer up for research is made up of 34 questions that are designed to analyse the perception of auditors and the cause of dysfunctional behavior. The object of this research is comprised of auditors positioned and employed at the Big Four audit firms in Kuwait. Dysfunctional behavior (DB) is measured against two signal proxies of dysfunctional behavior; premature sign-off and under reporting of chargeable time. DB is analysed against time budget pressure and time deadline pressure. The research results' suggest that the general belief among auditors is that the profession of accountancy predetermines their tendency to commit certain patterns of dysfunctional behavior. Having our investigation conducted at the Big Four audit firms, we have come to the conclusion that there is a general difference in behavior patterns among perceptions of dysfunctional behavior and normal skeptic professional behavior.

Keywords: big four, dysfunctional behavior, time budget, time deadline

Procedia PDF Downloads 472

Authors: Dongwan Kang, Joohyung Oh, Chaetae Im

Abstract:

Advancement of communication technologies and smart devices in the recent times is leading to changes into the integrated wired and wireless communication environments. Since early days, businesses had started introducing environments for mobile device application to their operations in order to improve productivity (efficiency) and the closed corporate environment gradually shifted to an open structure. Recently, individual user's interest in working environment using mobile devices has increased and a new corporate working environment under the concept of BYOD is drawing attention. BYOD (bring your own device) is a concept where individuals bring in and use their own devices in business activities. Through BYOD, businesses can anticipate improved productivity (efficiency) and also a reduction in the cost of purchasing devices. However, as a result of security threats caused by frequent loss and theft of personal devices and corporate data leaks due to low security, companies are reluctant about adopting BYOD system. In addition, without considerations to diverse devices and connection environments, there are limitations in detecting abnormal behaviors such as information leaks which use the existing network-based security equipment. This study suggests a method to detect abnormal behaviors according to individual behavioral patterns, rather than the existing signature-based malicious behavior detection and discusses applications of this method in BYOD environment.

Keywords: BYOD, security, anomaly behavior detection, security equipment, communication technologies

Procedia PDF Downloads 324

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 269

Authors: Halilu Babaji, Adamu Buba

Abstract:

The proliferation of small arms and light weapons (SALW) and its illicit trafficking in West Africa and Nigeria in particular, pose a major threat to peace, security and development in the Sub-region. The high circulation of these weapons in the region is a product of the interplay of several factors, which derives principally from the internal socio-economic and political dynamics compounded by globalization. The process of globalization has congealed both time and space making it easier for ideas, goods, persons, services, information, products and money to move across borders with fewer restrictions. And this has a negative effect in the entire region making it easier for arms, ammunition, insurgents, criminal and drugs to flow within national boundaries. The failure of public security in most parts of Nigeria has lead communities to indulge in different forms of ‘self-help ‘security measures, ranging from vigilante groups to community-owned arms stockpiling. Having lost confidence in the Nigerian state, parties to some of these conflicts have become entangled in a security dilemma. The quest to procure more arms to guarantee personal and community protection from perceived and real enemies is fuelling the ‘domestic arms race ‘. Therefore, as small arms remain-and proliferate – development is impeded. The impact of SALW on economic well being and national development in Nigeria is of vast significant. Therefore the need to collect these arms in circulation in Nigeria particularly the volatile area of North-east is of very important. This will hopefully contribute to government effort in building a free, secured and peaceful society.

Keywords: arms, development, proliferation, security

Procedia PDF Downloads 326

Authors: Farzaneh Bayat

Abstract:

Successful and effective presence in regional and global markets along with optimal use of available utilities and proper utilization of new sources for offering desirable services based on customer satisfaction is inevitable. Commitment has a significant role in offering optimal services. Offering high quality job and desirable services to the customers are personnel’s commitment. Thus, Shiraz Chamran Hospital which is affiliated with Shiraz Medical School and is one of the orthopedic poles in southern Iran was studied. This hospital has 750 personnel and physicians which a sample of 200 of them were chosen as the statistic society for a 5 month period from June to November 2009. Main variables in this decision are: responsibility and responsiveness, job security, team work, task autonomy, gradation opportunity, information sharing, payments and commitment. The study approach is descriptive-correlative. With applied and segmental nature of the tests and statistic analysis, the 7 hypotheses were approved with 95% of certainty.

Keywords: commitment, information sharing, responsibility and responsiveness, job security, task autonomy

Procedia PDF Downloads 340

Authors: Ejd Garba, Okike Benjamin

Abstract:

Today, the word encryption has become very popular even among non-computer professionals. There is no doubt that some works have been carried out in this area, but more works need to be done. Presently, most of the works on encryption is concentrated on the sender of the message without paying any attention to the message recipient. However, it is a good practice if any message sent to someone is received by the particular person whom the message is sent to. This work seeks to ensure that at the receiving end of the message, there is a security to ensure that the recipient computes a key that would enable the encrypted message to be accessed. This key would be in form of password. This would make it possible for a given message to be sent to several people at the same time. When this happens, it is only those people who computes the key correctly that would be given the opportunity to access even the encrypted message, which can in turn be decrypted using the appropriate key.

Keywords: arithmetic, cyber space, modulo-2, information security

Procedia PDF Downloads 320

Authors: Hayley Lawrence, Nabi Shah, Sarah Dyer

Abstract:

Aims: Lumbar punctures are a common bedside procedure performed in acute medicine. Published guidance exists on the standardised documentation of invasive procedures in order to reduce the risk of complications. The audit aim was to assess current standards of documentation in accordance with both the GMC and the National Standards for Invasive Procedures guidelines. A second cycle was conducted after introducing a standardised sticker created using current guidelines. This would assess whether the sticker improved documentation, aiming for 100% standard in each step of the procedure. Methods: An initial prospective audit of current practice was conducted over a 3-month period. Patients were identified by their presenting complaints and by colleagues assessing acute medical patients. Initial findings were presented locally, and a further prospective audit was conducted following the implementation of a standardised sticker. Results: 19 lumbar punctures were included in the first cycle and 13 procedures in the second. Pre-procedure documentation was collected for each cycle, whereby documentation of ‘Indication’ improved from 5.3% to 84.6%, ‘Consent’ from 84.2% to 100%, ‘Coagulopathy’ from 0% to 61.5%, ‘Drug Chart checked’ from 0% to 100%, ‘Position of patient’ from 26.3% to 100% and use of ‘Aseptic Technique’ from 83.3% to 100% from the first to the second cycle respectively. ‘Level of Doctor’ and ‘Supervision’ decreased from 53% to 31% and 53% to 46%, respectively, in the second cycle. Documentation of the procedure itself also demonstrated improvements, with ‘Level of Insertion’ 15.8% to 100%, ‘Name of Antiseptic Used’ 11.1% to 69.2%, ‘Local Anaesthetic Used’ 26.3% to 53.8%, ‘Needle Gauge’ 42.1% to 76.9%, ‘Number of Attempts’ 78.9% to 100% and ‘Traumatic/Atraumatic’ procedure 26.3% to 92.3%, respectively. A similar number of opening pressures were documented in each cycle at 57.9% and 53.8%, respectively, but its documentation was deemed ‘Not Applicable’ in a higher number of patients in the second cycle. Post-procedure documentation improved, with ‘Number of Samples obtained’ increasing from 52.6% to 92.3% and documentation of ‘Immediate Complications’ increasing from 78.9% to 100%. ‘Dressing Applied’ was poorly documented in the first cycle at 16.7%. This was not included on the standardised sticker, resulting in 0% documentation in the second cycle. Documentation of Clinicians’ Name and Bleep reduced from 63.2% to 15.4%, but when the name only was analysed, this increased to 84.6%. Conclusions: Standardised stickers for lumbar punctures do improve documentation and hence should result in improved patient safety. There is still room for improvement to reach 100% standard in each area, especially with respect to the clinician’s name and contact details being documented. Final adjustments will be made to the sticker before being included in a lumbar puncture kit, which will be made readily available in the acute medical wards. Future audits could be extended to include other common bedside procedures performed in acute medicine to ensure documentation of all these procedures reaches 100% standard.

Keywords: invasive procedure, lumbar puncture, medical record keeping, procedure checklist, procedure documentation, standardised documentation

Procedia PDF Downloads 105

Authors: Liwen Wang, Yuting Chen, Tong Wu, Shaolei Hu

Abstract:

In order to enhance the security of critical financial infrastructure, this study carries out a transformation of the architecture of a financial trading terminal to a zero trust architecture (ZTA), constructs an active defense system for cybersecurity, improves the security level of trading services in the Internet environment, enhances the ability to prevent network attacks and unknown risks, and reduces the industry and security risks brought about by cybersecurity risks. This study introduces the SDP technology of ZTA, adapts and applies it to a financial trading terminal to achieve security optimization and fine-grained business grading control. The upgraded architecture of the trading terminal moves security protection forward to the user access layer, replaces VPN to optimize remote access, and significantly improves the security protection capability of Internet transactions. The study achieves 1. deep integration with the access control architecture of the transaction system; 2. no impact on the performance of terminals and gateways, and no perception of application system upgrades; 3. customized checklist and policy configuration; 4. introduction of industry-leading security technology such as single-packet authorization (SPA) and secondary authentication. This study carries out a successful application of ZTA in the field of financial trading and provides transformation ideas for other similar systems while improving the security level of financial transaction services in the Internet environment.

Keywords: zero trust, trading terminal, architecture, network security, cybersecurity

Procedia PDF Downloads 167

Authors: Mireille Elhajj, Washington Ochieng, Deeph Chana

Abstract:

The challenges of the rapid growth in the demand for transport has traditionally been seen within the context of the problems of congestion, air quality, climate change, safety, and affordability. However, there are increasing threats including those related to crime such as cyber-attacks that threaten the security of the transport of people and goods. To the best of the authors’ knowledge, this paper presents for the first time, a comprehensive framework for the assessment of the current and future security issues of multi-modal transport systems. The approach or method proposed is based on a structured framework starting with a detailed specification of the transport asset map (transport system architecture), followed by the identification of vulnerabilities. The asset map and vulnerabilities are used to identify the various approaches for exploitation of the vulnerabilities, leading to the creation of a set of threat scenarios. The threat scenarios are then transformed into risks and their categories, and include insights for their mitigation. The consideration of the mitigation space is holistic and includes the formulation of appropriate policies and tactics and/or technical interventions. The quality of the framework is ensured through a structured and logical process that identifies the stakeholders, reviews the relevant documents including policies and identifies gaps, incorporates targeted surveys to augment the reviews, and uses subject matter experts for validation. The approach to categorising security risks is an extension of the current methods that are typically employed. Specifically, the partitioning of risks into either physical or cyber categories is too limited for developing mitigation policies and tactics/interventions for transport systems where an interplay between physical and cyber processes is very often the norm. This interplay is rapidly taking on increasing significance for security as the emergence of cyber-physical technologies, are shaping the future of all transport modes. Examples include: Connected Autonomous Vehicles (CAVs) in road transport; the European Rail Traffic Management System (ERTMS) in rail transport; Automatic Identification System (AIS) in maritime transport; advanced Communications, Navigation and Surveillance (CNS) technologies in air transport; and the Internet of Things (IoT). The framework adopts a risk categorisation scheme that considers risks as falling within the following threat→impact relationships: Physical→Physical, Cyber→Cyber, Cyber→Physical, and Physical→Cyber). Thus the framework enables a more complete risk picture to be developed for today’s transport systems and, more importantly, is readily extendable to account for emerging trends in the sector that will define future transport systems. The framework facilitates the audit and retro-fitting of mitigations in current transport operations and the analysis of security management options for the next generation of Transport enabling strategic aspirations such as systems with security-by-design and co-design of safety and security to be achieved. An initial application of the framework to transport systems has shown that intra-modal consideration of security measures is sub-optimal and that a holistic and multi-modal approach that also addresses the intersections/transition points of such networks is required as their vulnerability is high. This is in-line with traveler-centric transport service provision, widely accepted as the future of mobility services. In summary, a risk-based framework is proposed for use by the stakeholders to comprehensively and holistically assess the security of transport systems. It requires a detailed understanding of the transport architecture to enable a detailed vulnerabilities analysis to be undertaken, creates threat scenarios and transforms them into risks which form the basis for the formulation of interventions.

Keywords: mitigations, risk, transport, security, vulnerabilities

Procedia PDF Downloads 165

Authors: Jandot Aurélia

Abstract:

In France, in the main media, the concern about nuclear safety and security has not really appeared before the beginning of the 1970s. The gradual changes in its perception are studied here through the arguments given in the main French news magazines, linked with several parameters. As this represents a considerable amount of copies and thus of information, are selected here the main articles as well as the main “mental images” aiming to persuade the readers and which have led the public awareness to evolve. Indeed, in the 1970s, in France, these evolutions were not made in one day. Indeed, over the period, many articles were still in favor of nuclear power plants and promoted the technological advances that were made in this field. They had to be taken into account. But, gradually, grew up arguments and mental images discrediting the perception of nuclear technology. Among these were the environmental impacts of this industry, as the question of pollution progressively appeared. So, between 1970 and 1979, the language has changed, as the perceptible objectives of the communication, allowing to discern the deepest intentions of the editorial staffs of the French news magazines. This is all these changes that are emphasized here, over a period when the safety and security concern linked to the nuclear technology, to there a field for specialists, has become progressively a social issue seemingly open to all.

Keywords: environmental impacts, media discourse, nuclear security, public awareness

Procedia PDF Downloads 283

Authors: Settana M. Abdulh, Naila A. Sadalla, Yaseen H. Taha, Howaida Elshoush

Abstract:

Side channel attacks are based on side channel information, which is information that is leaked from encryption systems. This includes timing information, power consumption as well as electromagnetic or even sound leaking which can exploited by an attacker. Implementing side channel attacks are possible if and only if an attacker has access to a cryptosystem. In this case, the attacker can exploit bad implementation in software or hardware which is not controlled by encryption implementer. Thus, he/she will represent a real threat to the security system. Several countermeasures have been proposed to eliminate side channel information vulnerability.Cache timing attack is a special type of side channel attack. Here, timing information is collected and analyzed by an attacker to guess sensitive information such as encryption key or plaintext. This paper reviews the technique applied in this attack and surveys the countermeasures against it, evaluating the feasibility and usability of each. Based on this evaluation, finally we pose several recommendations about using these countermeasures.

Keywords: AES algorithm, side channel attack, cache timing attack, cache timing countermeasure

Procedia PDF Downloads 299