Search results for: layered security
2664 Intrusion Detection and Prevention System (IDPS) in Cloud Computing Using Anomaly-Based and Signature-Based Detection Techniques
Authors: John Onyima, Ikechukwu Ezepue
Abstract:
Virtualization and cloud computing are among the fast-growing computing innovations in recent times. Organisations all over the world are moving their computing services towards the cloud this is because of its rapid transformation of the organization’s infrastructure and improvement of efficient resource utilization and cost reduction. However, this technology brings new security threats and challenges about safety, reliability and data confidentiality. Evidently, no single security technique can guarantee security or protection against malicious attacks on a cloud computing network hence an integrated model of intrusion detection and prevention system has been proposed. Anomaly-based and signature-based detection techniques will be integrated to enable the network and its host defend themselves with some level of intelligence. The anomaly-base detection was implemented using the local deviation factor graph-based (LDFGB) algorithm while the signature-based detection was implemented using the snort algorithm. Results from this collaborative intrusion detection and prevention techniques show robust and efficient security architecture for cloud computing networks.Keywords: anomaly-based detection, cloud computing, intrusion detection, intrusion prevention, signature-based detection
Procedia PDF Downloads 3052663 The Influence of the Islamic State (IS) on India: Recent Developments and Challenges
Authors: Alvite Singh Ningthoujam
Abstract:
The most recent terror phenomenon, which is also known as the Islamic State of Iraq and Syria (ISIS), or Islamic State (IS), has its influence felt in South Asia. This dreaded Sunni militant group, today, has become a concern in India as well. Already affected by various terror activities in the country, the influence of the IS on the radicalised Muslim youths in India has been watched closely by the security agencies. There had already been a few IS-related incidents in India due to which this issue has emerged as a threat or challenge to India’s internal security. The rapid radicalisation of youths in a few states where there are sizeable Muslim populations has gone, to some extent, in favour of the IS, particularly in the terror outfit’s recruitment process. What has added to the worry of the Indian security agencies is the announcement of the Al-Qaeda leader, Ayman al-Zawahari, of the creation of the Al-Qaeda in the Indian Subcontinent. In fact, this is a worrisome factor as both the militant groups, that is, al-Qaeda and ISIS, have a similar objective to target India and to turn this South Asian country as one of the recruiting grounds for extremists. There is also a possibility that an Indian Mujahedeen (IM) man was believed to be instrumental in recruiting for the ISIS poor Muslims in a few Indian states. If this nexus between ISIS and India’s home-grown terror groups manages to establish a robust link, then the headache of combating such amalgamated force will be a hard task for Indian security agencies. In the wake of the above developments, this paper would seek to analyse the developing trend in India in regard to IS. It would also bring out the reasons as to why further penetration of the IS influence on India would be a grave concern in the internal security of the country. The last section of the paper would highlight the steps that have been taken by the Indian government to tackle this menace effectively.Keywords: India, Islamic State, Muslim, Security
Procedia PDF Downloads 3762662 Cyber Security Enhancement via Software Defined Pseudo-Random Private IP Address Hopping
Authors: Andre Slonopas, Zona Kostic, Warren Thompson
Abstract:
Obfuscation is one of the most useful tools to prevent network compromise. Previous research focused on the obfuscation of the network communications between external-facing edge devices. This work proposes the use of two edge devices, external and internal facing, which communicate via private IPv4 addresses in a software-defined pseudo-random IP hopping. This methodology does not require additional IP addresses and/or resources to implement. Statistical analyses demonstrate that the hopping surface must be at least 1e3 IP addresses in size with a broad standard deviation to minimize the possibility of coincidence of monitored and communication IPs. The probability of breaking the hopping algorithm requires a collection of at least 1e6 samples, which for large hopping surfaces will take years to collect. The probability of dropped packets is controlled via memory buffers and the frequency of hops and can be reduced to levels acceptable for video streaming. This methodology provides an impenetrable layer of security ideal for information and supervisory control and data acquisition systems.Keywords: moving target defense, cybersecurity, network security, hopping randomization, software defined network, network security theory
Procedia PDF Downloads 1852661 Modeling of Masonry In-Filled R/C Frame to Evaluate Seismic Performance of Existing Building
Authors: Tarek M. Alguhane, Ayman H. Khalil, M. N. Fayed, Ayman M. Ismail
Abstract:
This paper deals with different modeling aspects of masonry infill: no infill model, Layered shell infill model, and strut infill model. These models consider the complicated behavior of the in-filled plane frames under lateral load similar to an earthquake load. Three strut infill models are used: NBCC (2005) strut infill model, ASCE/SEI 41-06 strut infill model and proposed strut infill model based on modification to Canadian, NBCC (2005) strut infill model. Pushover and modal analyses of a masonry infill concrete frame with a single storey and an existing 5-storey RC building have been carried out by using different models for masonry infill. The corresponding hinge status, the value of base shear at target displacement as well as their dynamic characteristics have been determined and compared. A validation of the structural numerical models for the existing 5-storey RC building has been achieved by comparing the experimentally measured and the analytically estimated natural frequencies and their mode shapes. This study shows that ASCE/SEI 41-06 equation underestimates the values for the equivalent properties of the diagonal strut while Canadian, NBCC (2005) equation gives realistic values for the equivalent properties. The results indicate that both ASCE/SEI 41-06 and Canadian, NBCC (2005) equations for strut infill model give over estimated values for dynamic characteristic of the building. Proposed modification to Canadian, NBCC (2005) equation shows that the fundamental dynamic characteristic values of the building are nearly similar to the corresponding values using layered shell elements as well as measured field results.Keywords: masonry infill, framed structures, RC buildings, non-structural elements
Procedia PDF Downloads 2772660 Specification of Requirements to Ensure Proper Implementation of Security Policies in Cloud-Based Multi-Tenant Systems
Authors: Rebecca Zahra, Joseph G. Vella, Ernest Cachia
Abstract:
The notion of cloud computing is rapidly gaining ground in the IT industry and is appealing mostly due to making computing more adaptable and expedient whilst diminishing the total cost of ownership. This paper focuses on the software as a service (SaaS) architecture of cloud computing which is used for the outsourcing of databases with their associated business processes. One approach for offering SaaS is basing the system’s architecture on multi-tenancy. Multi-tenancy allows multiple tenants (users) to make use of the same single application instance. Their requests and configurations might then differ according to specific requirements met through tenant customisation through the software. Despite the known advantages, companies still feel uneasy to opt for the multi-tenancy with data security being a principle concern. The fact that multiple tenants, possibly competitors, would have their data located on the same server process and share the same database tables heighten the fear of unauthorised access. Security is a vital aspect which needs to be considered by application developers, database administrators, data owners and end users. This is further complicated in cloud-based multi-tenant system where boundaries must be established between tenants and additional access control models must be in place to prevent unauthorised cross-tenant access to data. Moreover, when altering the database state, the transactions need to strictly adhere to the tenant’s known business processes. This paper focuses on the fact that security in cloud databases should not be considered as an isolated issue. Rather it should be included in the initial phases of the database design and monitored continuously throughout the whole development process. This paper aims to identify a number of the most common security risks and threats specifically in the area of multi-tenant cloud systems. Issues and bottlenecks relating to security risks in cloud databases are surveyed. Some techniques which might be utilised to overcome them are then listed and evaluated. After a description and evaluation of the main security threats, this paper produces a list of software requirements to ensure that proper security policies are implemented by a software development team when designing and implementing a multi-tenant based SaaS. This would then assist the cloud service providers to define, implement, and manage security policies as per tenant customisation requirements whilst assuring security for the customers’ data.Keywords: cloud computing, data management, multi-tenancy, requirements, security
Procedia PDF Downloads 1562659 Formal Verification for Ethereum Smart Contract Using Coq
Authors: Xia Yang, Zheng Yang, Haiyong Sun, Yan Fang, Jingyu Liu, Jia Song
Abstract:
The smart contract in Ethereum is a unique program deployed on the Ethereum Virtual Machine (EVM) to help manage cryptocurrency. The security of this smart contract is critical to Ethereum’s operation and highly sensitive. In this paper, we present a formal model for smart contract, using the separated term-obligation (STO) strategy to formalize and verify the smart contract. We use the IBM smart sponsor contract (SSC) as an example to elaborate the detail of the formalizing process. We also propose a formal smart sponsor contract model (FSSCM) and verify SSC’s security properties with an interactive theorem prover Coq. We found the 'Unchecked-Send' vulnerability in the SSC, using our formal model and verification method. Finally, we demonstrate how we can formalize and verify other smart contracts with this approach, and our work indicates that this formal verification can effectively verify the correctness and security of smart contracts.Keywords: smart contract, formal verification, Ethereum, Coq
Procedia PDF Downloads 6902658 Securing the Electronic Commerce - The Way Forward: A Comparative Ananlysis
Authors: Sarthak Mishra, Astha Sinha
Abstract:
There’s no doubt about the convenience of making commercial and business transactions over the Internet under the new business model known as the e-Commerce. The term 'Electronic commerce' or e-Commerce refers to the use of an electronic medium to carry out commercial transactions. E-Commerce is one of the parts of Information Science framework and its uses are gradually becoming popular. Thus, the threat of security issues in Information Science has now become an important subject of discussion amongst the concerned users. These two issues i.e. security and privacy are required to be looked into through social, organizational, technical and economic perspectives. The current paper analyses the effect of these two issues in the arena of e-commerce. Here, no specification has been discussed rather an attempt has been made to provide a general overview. Further, attempts have been made to discuss the security and privacy issues in relation to the E-Commerce financial transactions. We shall also discuss in particular different steps required to be taken before online shopping and also shall discuss the purpose of security and privacy in E-Commerce and why it has currently become the need of the present hour. Lastly, an attempt has been made to discuss the plausible future course of development of this practice and its impact upon the global economy and if any changes should be bought about to ensure a smooth evolution of the practice. This paper has adopted a descriptive methodology to undertake its major area of study, wherein the major source of information has been via the secondary resources. Also, the study is of a comparative nature wherein the position of the various national regimes have compared with regards to the research question.Keywords: business-business transaction (B2B), business-consumer transaction (B2C), e-commerce, online transaction, privacy and security threats
Procedia PDF Downloads 2322657 Securing Land Rights for Food Security in Africa: An Appraisal of Links Between Smallholders’ Land Rights and the Right to Adequate Food in Ethiopia
Authors: Husen Ahmed Tura
Abstract:
There are strong links between secure land rights and food security in Africa. However, as land is owned by governments, land users do not have adequate legislative protection. This article explores normative and implementation gaps in relation to small-scale farmers’ land rights under the Ethiopia’s law. It finds that the law facilitates eviction of small-scale farmers and indigenous peoples from their land without adequate alternative means of livelihood. It argues that as access to land and other natural resources is strongly linked to the right to adequate food, Ethiopia should reform its land laws in the light of its legal obligations under international human rights law to respect, protect and fulfill the right to adequate food and ensure freedom from hunger.Keywords: smallholder, secure land rights , food security, right to food, land grabbing, forced evictions
Procedia PDF Downloads 3082656 Personal Variables and Students’ Perception of School Security in Secondary Schools in Calabar Municipality, Cross River State, Nigeria
Authors: James Bassey Ejue, Dorn Cklaimz Enamhe, Helen Francis Ejue
Abstract:
The study examined the influence of personal variables such as sex, type of school, and parental socio-economic status on secondary school students’ perception of school security. To guide the study, three null hypotheses were formulated. The research design adopted was the survey design, and a 20-item instrument was constructed and validated by the researchers through a test-retest procedure. The sample size for the study comprised 2,198 students made up of male and female students selected through a stratified random sampling technique. This was drawn from a study population of 21,988, made up of 12,635 students and 9353 students from public and private secondary schools, respectively. Data were analyzed using an independent t-test statistical tool. The findings showed that female students were more fearful in their perception of school security; the students in private schools perceived school to be more insecure than those in public schools; and the students from high parental socio-economic status are more associated with the perception of school as insecure than the ones from low parental socio-economic status. Based on these findings, it was recommended that, among others, more reassuring measures be put in place to check school security for females, for those in private schools, and for those from high parental socio-economic status. School counsellors should also be guided accordingly in designing intervention strategies.Keywords: personal variables, students, perception, school security
Procedia PDF Downloads 772655 Central American Security Issue: Civil War Legacy and Contemporary Challenges
Authors: Olga Andrianova, Lazar Jeifets
Abstract:
The security issue has always been one of the most sensitive and significant in Latin American context, especially focused on Central American region. Despite the fact that the time of the civil wars has ended, violence, delinquency, insecurity, discrimination still exist and keep relevance in the 21st century. This article is dedicated to consider this kind of problems, to find out the main causes and to propose solution approaches.Keywords: Central America, insecurity, instability, post-war countries, violence
Procedia PDF Downloads 4732654 Design of Low-Maintenance Sewer Pump Stations with High-Security Measures for Municipal Applications
Authors: H. V. Smit, V. H. J. de Wet
Abstract:
South African municipalities are dealing with aging and dilapidated infrastructure while faced with challenges in the form of expanding informal settlements, vandalism, theft, and a lack of maintenance which place even more pressure on existing infrastructure. The existing infrastructure was never designed to cater to these challenges, and this becomes evident when evaluating the current state of many municipal sewer pump stations. A need has thus arisen to develop a sewer pump station design concept that will address these challenges and allow for a long-term sustainable solution. This article deals with the design concepts which have been developed for sewer pump stations for an effective reduction in maintenance, improved grit handling, improvement to the operation and maintenance working conditions, and the adoption of high-security design philosophy.Keywords: high security, low maintenance, municipal application, sewer pump station
Procedia PDF Downloads 1092653 Techno-Economic Optimization and Evaluation of an Integrated Industrial Scale NMC811 Cathode Active Material Manufacturing Process
Authors: Usama Mohamed, Sam Booth, Aliysn J. Nedoma
Abstract:
As part of the transition to electric vehicles, there has been a recent increase in demand for battery manufacturing. Cathodes typically account for approximately 50% of the total lithium-ion battery cell cost and are a pivotal factor in determining the viability of new industrial infrastructure. Cathodes which offer lower costs whilst maintaining or increasing performance, such as nickel-rich layered cathodes, have a significant competitive advantage when scaling up the manufacturing process. This project evaluates the techno-economic value proposition of an integrated industrial scale cathode active material (CAM) production process, closing the mass and energy balances, and optimizing the operation conditions using a sensitivity analysis. This is done by developing a process model of a co-precipitation synthesis route using Aspen Plus software and validated based on experimental data. The mechanism chemistry and equilibrium conditions were established based on previous literature and HSC-Chemistry software. This is then followed by integrating the energy streams, adding waste recovery and treatment processes, as well as testing the effect of key parameters (temperature, pH, reaction time, etc.) on CAM production yield and emissions. Finally, an economic analysis estimating the fixed and variable costs (including capital expenditure, labor costs, raw materials, etc.) to calculate the cost of CAM ($/kg and $/kWh), total plant cost ($) and net present value (NPV). This work sets the foundational blueprint for future research into sustainable industrial scale processes for CAM manufacturing.Keywords: cathodes, industrial production, nickel-rich layered cathodes, process modelling, techno-economic analysis
Procedia PDF Downloads 1002652 Some Issues with Extension of an HPC Cluster
Authors: Pil Seong Park
Abstract:
Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.Keywords: extension of HPC clusters, security, NFS, SSH tunneling
Procedia PDF Downloads 4252651 Re-Emergence of Religious Militancy in Pakistan after Return of Afghan Taliban to Power Corridors in Afghanistan (2021-2022)
Authors: Syed Sibtain Hussain Shah
Abstract:
The Afghan Taliban returned to power corridors in Afghanistan in August 2021 after waging a twenty-year insurgency in the country. U.S.-led forces completed their withdrawal from Afghanistan on August 30, 2021, but the Taliban took control of the whole country till August 15, 2021. At the same time, some of the militant groups such as Tehrik-e-Taliban Pakistan (TTP) and Islamic State Khurasan (IS-K) reappeared in Pakistan’s borders and other areas and by increasing attacks on the armed forces of Pakistan and minorities communities. These groups once again created a crucial challenge to the internal security of the country. Since mid of 2021, many of the terrorist incidents in the countries specified in the areas of Pakistan bordering Afghanistan were committed by TTP and IS-K. The aim of this paper is to investigate the reappearance of TTP and IS-K in 2021 and 2022 as a crucial threat to the internal security of Pakistan. The author will particularly probe threats to the security of military personnel and their installations and threats to human security, including danger to religious minority communities in the different areas of the country, including border areas such as Waziristan, which was once a hub of TTP and other militant groups in the 2000s. The author will employ the relevant method and appropriate theories of security studies, such as religious extremism and terrorism, in this study. TTP, inspired by the Afghan Taliban, initially emerged in Pakistan in 2007 and this group has so far targeted various religious and ethnic communities and government installations in Pakistan. The group is not only against Pakistan’s government policies, but it also committed terrorist attacks on the communities of the other Muslim sects and as well as non-Muslim communities. Most of the prominent figures of this violent group disappeared or escaped to Afghanistan after military actions, such as the larger “Zarb-e-Azb” operation in Pakistan in 2015. IS-K, which established its branch of Khurasan covering Pakistan and Afghanistan in 2015, with its main formation in Iraq and Syria in 2015, by targeting religious minorities such as Shia Muslims, has so far created a vital security challenge for the security of the country.Keywords: Pakistan, Afghanistan, Afghan Taliban, Pakistani Taliban, Islamic state Khorasan, security threat
Procedia PDF Downloads 1402650 The Contribution of the Livestock Marketing Programme in Improving Household Food Security in Communal Areas of Umzimkhulu Local Municipality, Kwa-Zulu Natal
Authors: Sibongiseni Peacock, Denver Naidoo, Sikhalazo Dube
Abstract:
The study investigates the impact of the National Red Meat Development Programme on household food security in rural areas of uMzimkhulu. Self-administered questionnaires were employed to gather data from 77 smallholder beef farmers participating in the St. Paul feedlot project. Data analysis utilized the Household Food Insecurity Access Scale (HFIAS) developed by USAID to assess the household food security status of St. Paul feedlot beneficiaries, with descriptive statistics employed for result analysis. Findings indicate that the majority (80.50%) of beneficiaries experienced food insecurity, while (19.50%) were classified as food secure, with most participants falling within the category of moderate food insecurity. Food insecurity predominantly stemmed from challenges faced by farmers unable to sell their cattle or whose cattle were not market-ready due to bureaucratic obstacles hindering the programme. Farmers identified feed shortages as the primary constraint, resulting in missed income opportunities. These findings underscore the critical need to address feed challenges and bureaucratic barriers to enhance the efficacy of the National Red Meat Development Programme in promoting household food security in rural areas.Keywords: National Red Meat Development, household food security, St. Paul feedlot, livestock, HFIAS
Procedia PDF Downloads 542649 Automatic Teller Machine System Security by Using Mobile SMS Code
Authors: Husnain Mushtaq, Mary Anjum, Muhammad Aleem
Abstract:
The main objective of this paper is used to develop a high security in Automatic Teller Machine (ATM). In these system bankers will collect the mobile numbers from the customers and then provide a code on their mobile number. In most country existing ATM machine use the magnetic card reader. The customer is identifying by inserting an ATM card with magnetic card that hold unique information such as card number and some security limitations. By entering a personal identification number, first the customer is authenticated then will access bank account in order to make cash withdraw or other services provided by the bank. Cases of card fraud are another problem once the user’s bank card is missing and the password is stolen, or simply steal a customer’s card & PIN the criminal will draw all cash in very short time, which will being great financial losses in customer, this type of fraud has increase worldwide. So to resolve this problem we are going to provide the solution using “Mobile SMS code” and ATM “PIN code” in order to improve the verify the security of customers using ATM system and confidence in the banking area.Keywords: PIN, inquiry, biometric, magnetic strip, iris recognition, face recognition
Procedia PDF Downloads 3642648 Assessing the Role of Water Research and Development Investment towards Water Security in South Africa: During the Five Years Period (2009/10 - 2013/14)
Authors: Hlamulo Makelane
Abstract:
The study aims at providing new insights regarding research and development (R&D) public and private activities based on the national R&D survey of the past five years. The main question of the study is what role does water R&D plays on water security; to then analyze what lessons could be extracted to improve the security of water through R&D. In particular, this work concentrates on three main aspects of R&D investments: (i) the level of expenditures, (ii) the sources of funding related to water R&D, and (iii) the personnel working in the field, both for the public and private sectors. The nonlinear regression approached will be used for data analysis based on secondary data gathered from the South African nation R&D survey conducted annually by the Centre for science, technology and innovation indicators (CeSTII).Keywords: water, R&D, investment, public sector, private sector
Procedia PDF Downloads 2372647 Multi-Agent TeleRobotic Security Control System: Requirements Definitions of Multi-Agent System Using The Behavioral Patterns Analysis (BPA) Approach
Authors: Assem El-Ansary
Abstract:
This paper illustrates the event-oriented Behavioral Pattern Analysis (BPA) modeling approach in developing an Multi-Agent TeleRobotic Security Control System (MTSCS). The event defined in BPA is a real-life conceptual entity that is unrelated to any implementation. The major contributions of this research are the Behavioral Pattern Analysis (BPA) modeling methodology, and the development of an interactive software tool (DECISION), which is based on a combination of the Analytic Hierarchy Process (AHP) and the ELECTRE Multi-Criteria Decision Making (MCDM) methods.Keywords: analysis, multi-agent, TeleRobotics control, security, modeling methodology, software modeling, event-oriented, behavioral pattern, use cases
Procedia PDF Downloads 4382646 Central American Security Issue: Civil Wars Legacy and Contemporary Challenges
Authors: Olga Andrianova, Lazar Jeifets
Abstract:
The security issue has always been one of the most sensitive and significant in Latin American context, especially focused on Central American region. Despite the fact that the time of the civil wars has ended, violence, delinquency, insecurity, discrimination still exist and keep relevance in the 21st century. This article is dedicated to consider this kind of problems, to find out the main causes and to propose solution approaches.Keywords: Central America, insecurity, instability, violence
Procedia PDF Downloads 3952645 Insurance of Agricultural Activities as the Basis for Food Security
Authors: J. B. Akshataeva, G. T. Aigarinova, A. Amankulova, D. S. Kalkanova
Abstract:
This article examines some aspects of the insurance of agricultural activities, strategic documents on deepening investment opportunities. Insurance market development is before the society and the state. It also examines problems of agricultural insurance development in the market economy of Kazakhstan as the basis for food security.Keywords: agriculture, food safety, insurance, privacy issues
Procedia PDF Downloads 5032644 Weapon Collection Initiatives and the Threat of Small Arms and Light Weapons Proliferation in Volatile Areas of North-Eastern Nigeria as a Way Forward for National Security and Development
Authors: Halilu Babaji, Adamu Buba
Abstract:
The proliferation of small arms and light weapons (SALW) and its illicit trafficking in West Africa and Nigeria in particular, pose a major threat to peace, security and development in the Sub-region. The high circulation of these weapons in the region is a product of the interplay of several factors, which derives principally from the internal socio-economic and political dynamics compounded by globalization. The process of globalization has congealed both time and space making it easier for ideas, goods, persons, services, information, products and money to move across borders with fewer restrictions. And this has a negative effect in the entire region making it easier for arms, ammunition, insurgents, criminal and drugs to flow within national boundaries. The failure of public security in most parts of Nigeria has lead communities to indulge in different forms of ‘self-help ‘security measures, ranging from vigilante groups to community-owned arms stockpiling. Having lost confidence in the Nigerian state, parties to some of these conflicts have become entangled in a security dilemma. The quest to procure more arms to guarantee personal and community protection from perceived and real enemies is fuelling the ‘domestic arms race ‘. Therefore, as small arms remain-and proliferate – development is impeded. The impact of SALW on economic well being and national development in Nigeria is of vast significant. Therefore the need to collect these arms in circulation in Nigeria particularly the volatile area of North-east is of very important. This will hopefully contribute to government effort in building a free, secured and peaceful society.Keywords: arms, development, proliferation, security
Procedia PDF Downloads 3252643 Importance of Hardware Systems and Circuits in Secure Software Development Life Cycle
Authors: Mir Shahriar Emami
Abstract:
Although it is fully impossible to ensure that a software system is quite secure, developing an acceptable secure software system in a convenient platform is not unreachable. In this paper, we attempt to analyze software development life cycle (SDLC) models from the hardware systems and circuits point of view. To date, the SDLC models pay merely attention to the software security from the software perspectives. In this paper, we present new features for SDLC stages to emphasize the role of systems and circuits in developing secure software system through the software development stages, the point that has not been considered previously in the SDLC models.Keywords: SDLC, SSDLC, software security, software process engineering, hardware systems and circuits security
Procedia PDF Downloads 2612642 Addressing Supply Chain Data Risk with Data Security Assurance
Authors: Anna Fowler
Abstract:
When considering assets that may need protection, the mind begins to contemplate homes, cars, and investment funds. In most cases, the protection of those assets can be covered through security systems and insurance. Data is not the first thought that comes to mind that would need protection, even though data is at the core of most supply chain operations. It includes trade secrets, management of personal identifiable information (PII), and consumer data that can be used to enhance the overall experience. Data is considered a critical element of success for supply chains and should be one of the most critical areas to protect. In the supply chain industry, there are two major misconceptions about protecting data: (i) We do not manage or store confidential/personally identifiable information (PII). (ii) Reliance on Third-Party vendor security. These misconceptions can significantly derail organizational efforts to adequately protect data across environments. These statistics can be exciting yet overwhelming at the same time. The first misconception, “We do not manage or store confidential/personally identifiable information (PII)” is dangerous as it implies the organization does not have proper data literacy. Enterprise employees will zero in on the aspect of PII while neglecting trade secret theft and the complete breakdown of information sharing. To circumvent the first bullet point, the second bullet point forges an ideology that “Reliance on Third-Party vendor security” will absolve the company from security risk. Instead, third-party risk has grown over the last two years and is one of the major causes of data security breaches. It is important to understand that a holistic approach should be considered when protecting data which should not involve purchasing a Data Loss Prevention (DLP) tool. A tool is not a solution. To protect supply chain data, start by providing data literacy training to all employees and negotiating the security component of contracts with vendors to highlight data literacy training for individuals/teams that may access company data. It is also important to understand the origin of the data and its movement to include risk identification. Ensure processes effectively incorporate data security principles. Evaluate and select DLP solutions to address specific concerns/use cases in conjunction with data visibility. These approaches are part of a broader solutions framework called Data Security Assurance (DSA). The DSA Framework looks at all of the processes across the supply chain, including their corresponding architecture and workflows, employee data literacy, governance and controls, integration between third and fourth-party vendors, DLP as a solution concept, and policies related to data residency. Within cloud environments, this framework is crucial for the supply chain industry to avoid regulatory implications and third/fourth party risk.Keywords: security by design, data security architecture, cybersecurity framework, data security assurance
Procedia PDF Downloads 882641 Effect of the Food Distribution on Household Food Security Status in Iran
Authors: Delaram Ghodsi, Nasrin Omidvar, Hassan Eini-Zinab, Arash Rashidian, Hossein Raghfar
Abstract:
Food supplementary programs are policy approaches that aim to reduce financial barriers to healthy diets and tackle food insecurity. This study aimed to evaluate the effect of the supportive section of Multidisciplinary Supplementary Program for Improvement of Nutritional Status of Children (MuPINSC) on households’ food security status and nutritional status of mothers. MuPINSC is a national integrative program in Iran that distributes supplementary food basket to malnourished or growth retarded children living in low-income families in addition to providing health services, including sanitation, growth monitoring, and empowerment of families. This longitudinal study is part of a comprehensive evaluation of the program. The study participants included 359 mothers of children aged 6 to 72 month under coverage of the supportive section of the program in two provinces of Iran (Semnan and Qazvin). Demographic and economic characteristics of families were assessed by a questionnaire. Data on food security of family was collected by locally adapted Household Food Insecurity Access Scale (HFIAS) at the baseline of the study and six month thereafter. Weight and height of mothers were measured at the baseline and end of the study and mother’s BMI was calculated. Data were analysed, using paired t-test, GEE (Generalized Estimating Equation), and Chi-square tests. Based on the findings, at the baseline, only 4.7% of families were food-secure, while 13.1%, 38.7% and, 43.5% were categorized as mild, moderate and severe food insecure. After six months follow up, the distribution of different levels of food security changed significantly (P<0.001) to 7.9%, 11.6%, 42.6%, and 38%, respectively. At the end of the study, the chance of food insecurity was significantly 20% lower than the beginning (OR=0.796; 0.653-0.971). No significant difference was observed in maternal BMI based on food security (P>0.05). The findings show that the food supplementary program for children improved household food security status in the studied households. Further research is needed to assess other factors that affect the effectiveness of this large scale program on nutritional status and household’s food security.Keywords: food security, food supplementary program, household, malnourished children
Procedia PDF Downloads 4012640 Impact of HIV/AIDS on Food Security in Pala Sub-Location, Bondo District, Kenya
Authors: S. B. Otieno, Were Fred, E. W. Kabiru, K. Waza
Abstract:
Background: HIV/AIDS is leading to the loss of labor through sickness and subsequent death, this is leading to the neglect of farm and off-farm activities, with the subsequent loss of potential income and food security. The situation is sensitive to seasonal labour peaks in agriculture. This study was done to determine the impact of high HIV prevalence in farming systems and food security in Pala Bondo District, Kenya. Methods: In this study, 386 respondents were randomly chosen in Pala Sub-Location. The respondents and key informants were interviewed using structured questionnaire. The data were entered and analyzed using SPSS version 16. Results: It was established that majority of respondents (67%) were between 18 and 35 years {χ2 = (1, N = 386) = 13.430, p = 0.000} (chimney effect). The study also established that 83.5% of respondents were married {χ2 = (1, N= 370) = 166.277 p = 0.000} and predominant occupation being farming and fishing (61%), while 52.8% of farm labour was by hand, 26% by oxen, and 4.9% mechanized. 73.2% of respondents only farm 0.25 to 2 acres, 48% mentioned lack of labour in land preparation {χ2 ((1,N = 321) = 113.146, p = 0.000), in planting {χ2 (1, N = 321) = 29.28, p = 0.000}. Majority of respondents lack food from January to June, during which 93% buy food. Conclusion: The high HIV prevalence in Pala has affected the farm labour leading to food insecurity.Keywords: food security, HIV, AIDS, labour
Procedia PDF Downloads 2692639 Protecting Right to Life and Combating Terrorism through the Instrument of Law in Nigeria
Authors: Oyekan Kolawole Jamiu
Abstract:
The right to life is a moral principle based on the belief that a human being has the right to life and, in particular, should not be unjustly killed by another human being. However, the most worrisome security challenge in Nigeria which has cut short the lives of innocent Nigerians is the activities of the dreaded terrorist group known as Boko Haram (which means Western Education is a sin). Between 2004 till date, over 15000 people have been gruesomely murdered by this terrorist group. However, despite the facts that suspected terrorists are arrested and paraded almost on a daily basis, cases of terrorism in our courts in Nigeria today have not been expeditiously dealt with by the judiciary. This paper examines the concept of right to life. The right to life is an inherent right for each and every person. From his or her birth; the individual is considered a living being that must be protected. The right to life connotes also right to live and grow in a healthy environment where there is appropriate health care, qualitative education and adequate security of lives and property. The paper also examines the fight against terrorism and the duty of the government to protect right to life of every individual even in the midst of the fight against terrorism. The paper further reviews the Terrorism Act 2011(as amended) and the clogs in the wheel of prosecution of suspected terrorists. The paper concludes that since terrorism is a new security challenge, to prevent conflict of interest, only one security agency should be trained and saddled with the responsibility of prosecuting suspected terrorist, Law should be enacted to compel intelligent gathering and sharing of information among security agencies and in addition, a special court should be established to deal expeditiously with cases of terrorism in Nigeria.Keywords: terrorism, intelligent gathering, right to life, prosecution
Procedia PDF Downloads 3492638 Child Labour and the Challenges of National Security in Nigeria: A Study of Aba Urban, Abia State, Nigeria
Authors: Anyaogu Paul
Abstract:
The study examines the problem of child labour in respect to National security in Nigeria. The current situation reflects a chronic urban poverty, which can compel parents and guardians to send their children and wards of school age to engage in income yielding activities to augment family income. The study sought to explain the basis of child labour, its causes and its effects on its victim and society at large. A social survey research design was employed to select the respondents. A sample size of 250 respondents was selected from targeted population of children below the age of 18 years. A questionnaire instrument was employed to collect data. An accidental sampling technique was employed to select the respondents. The findings revealed that child labour is on the increase and a serious threat to national security and social cohesion. The study recommends that the Nigerian government should enforce the laws on child labour and provide opportunities for job creation for urban dwellers. More so, government should also provide free and compulsory education at primary and secondary school levels of education.Keywords: child labour, family income, national security, survey research
Procedia PDF Downloads 4242637 Client Hacked Server
Authors: Bagul Abhijeet
Abstract:
Background: Client-Server model is the backbone of today’s internet communication. In which normal user can not have control over particular website or server? By using the same processing model one can have unauthorized access to particular server. In this paper, we discussed about application scenario of hacking for simple website or server consist of unauthorized way to access the server database. This application emerges to autonomously take direct access of simple website or server and retrieve all essential information maintain by administrator. In this system, IP address of server given as input to retrieve user-id and password of server. This leads to breaking administrative security of server and acquires the control of server database. Whereas virus helps to escape from server security by crashing the whole server. Objective: To control malicious attack and preventing all government website, and also find out illegal work to do hackers activity. Results: After implementing different hacking as well as non-hacking techniques, this system hacks simple web sites with normal security credentials. It provides access to server database and allow attacker to perform database operations from client machine. Above Figure shows the experimental result of this application upon different servers and provides satisfactory results as required. Conclusion: In this paper, we have presented a to view to hack the server which include some hacking as well as non-hacking methods. These algorithms and methods provide efficient way to hack server database. By breaking the network security allow to introduce new and better security framework. The terms “Hacking” not only consider for its illegal activities but also it should be use for strengthen our global network.Keywords: Hacking, Vulnerabilities, Dummy request, Virus, Server monitoring
Procedia PDF Downloads 2512636 Secure Optical Communication System Using Quantum Cryptography
Authors: Ehab AbdulRazzaq Hussein
Abstract:
Quantum cryptography (QC) is an emerging technology for secure key distribution with single-photon transmissions. In contrast to classical cryptographic schemes, the security of QC schemes is guaranteed by the fundamental laws of nature. Their security stems from the impossibility to distinguish non-orthogonal quantum states with certainty. A potential eavesdropper introduces errors in the transmissions, which can later be discovered by the legitimate participants of the communication. In this paper, the modeling approach is proposed for QC protocol BB84 using polarization coding. The single-photon system is assumed to be used in the designed models. Thus, Eve cannot use beam-splitting strategy to eavesdrop on the quantum channel transmission. The only eavesdropping strategy possible to Eve is the intercept/resend strategy. After quantum transmission of the QC protocol, the quantum bit error rate (QBER) is estimated and compared with a threshold value. If it is above this value the procedure must be stopped and performed later again.Keywords: security, key distribution, cryptography, quantum protocols, Quantum Cryptography (QC), Quantum Key Distribution (QKD).
Procedia PDF Downloads 4042635 A Decision-Support Tool for Humanitarian Distribution Planners in the Face of Congestion at Security Checkpoints: A Real-World Case Study
Authors: Mohanad Rezeq, Tarik Aouam, Frederik Gailly
Abstract:
In times of armed conflicts, various security checkpoints are placed by authorities to control the flow of merchandise into and within areas of conflict. The flow of humanitarian trucks that is added to the regular flow of commercial trucks, together with the complex security procedures, creates congestion and long waiting times at the security checkpoints. This causes distribution costs to increase and shortages of relief aid to the affected people to occur. Our research proposes a decision-support tool to assist planners and policymakers in building efficient plans for the distribution of relief aid, taking into account congestion at security checkpoints. The proposed tool is built around a multi-item humanitarian distribution planning model based on multi-phase design science methodology that has as its objective to minimize distribution and back ordering costs subject to capacity constraints that reflect congestion effects using nonlinear clearing functions. Using the 2014 Gaza War as a case study, we illustrate the application of the proposed tool, model the underlying relief-aid humanitarian supply chain, estimate clearing functions at different security checkpoints, and conduct computational experiments. The decision support tool generated a shipment plan that was compared to two benchmarks in terms of total distribution cost, average lead time and work in progress (WIP) at security checkpoints, and average inventory and backorders at distribution centers. The first benchmark is the shipment plan generated by the fixed capacity model, and the second is the actual shipment plan implemented by the planners during the armed conflict. According to our findings, modeling and optimizing supply chain flows reduce total distribution costs, average truck wait times at security checkpoints, and average backorders when compared to the executed plan and the fixed-capacity model. Finally, scenario analysis concludes that increasing capacity at security checkpoints can lower total operations costs by reducing the average lead time.Keywords: humanitarian distribution planning, relief-aid distribution, congestion, clearing functions
Procedia PDF Downloads 82