Search results for: software security attributes

Authors: Safwan Mawlood Hussien

Abstract:

Internet of Things (IoT) is a promising technology has received considerable attention in different fields such as health, industry, defence, and agro, etc. Due to the limitation capacity of computing, storage, and communication, IoT objects are more vulnerable to attacks. Many solutions have been proposed to solve security issues, such as key management using symmetric-key ciphers. This study provides a scalable group distribution key management based on ECcryptography; with less transmitted messages The method has been validated through simulations in OMNeT++.

Keywords: elliptic curves, Diffie–Hellman, discrete logarithm problem, secure key exchange, WSN security, IoT security, smart-agro

Procedia PDF Downloads 119

Authors: Adel Smeda, Badr Najep

Abstract:

Software architecture is a method of describing the architecture of a software system at a high level of abstraction. It represents a common abstraction of a system that stakeholders can use as a basis for mutual understanding, negotiation, consensus, and communication. It also manifests the earliest design decisions about a system, and these early bindings carry weight far out of proportion to their individual gravity with respect to the system's remaining development, its deployment, and its maintenance life, therefore it is the earliest point at which design decisions governing the system to be built can be analyzed. In this paper, we present a tool to model the architecture of software systems. It represents the first method by which system defects can be detected, and provide a clear representation of a system’s components and interactions at a high level of abstraction. It can be distinguished from other tools by its support to all software architecture elements. The tool is built using VB.net 2010. We used this tool to describe two well know systems, i.e. Capitalize and Client/Server, and the descriptions we obtained support all architectural elements of the two systems.

Keywords: software architecture, architecture description languages, modeling

Procedia PDF Downloads 466

Authors: Loide Sambo

Abstract:

Achieving energy security has, in the past few decades, become one of the main goals in the security agenda of every country around the world. For Southern African Countries (SAC) the aim is not different, yet these countries face a particular challenge in the pursuit of their energy security. More than just secure enough energy sources to fuel their industrial and societal needs, SAC have as well to ensure that they trade their rich energy resources to the global market in a way that promotes and safeguards their economic development objectives. Considering the relevance of this issue to the SAC, the present paper explores the possibility of these countries to achieve energy security through regional cooperation, under the Southern Africa Development Community (SADC) platform. It discusses the challenges and opportunities for advancing energy security in this region through cooperation. After analyzing the data through the documentary analysis method, it was found that regional cooperation among SAC to improve energy security is not effective since cooperation in the region is still very susceptible to a plethora of challenges, such as political instability, lack of development of infrastructure and expertise, lack of good governance, lack of sense of cohesiveness, and most important lack of political commitment. It was also found that significant commitment on regional cooperation had been centered on the electricity sub-sector due to the region’s huge electricity deficit. Thus less commitment is dedicated to the development and policy harmonization of the other sub-sectors such as the one of natural gas and oil, for instance. Hence, it is recommended that the leadership of the SAC is fully committed to cooperate and harmonize the policies, the strategic plans, as well as the infrastructure concerning to all the natural energy resources and its respective sub-sectors. This would provide the SAC significant leverage to negotiate for the energy market access, ensuring that the region’s energy commodities are traded, while the countries themselves retain enough energy to sustain their economic growth and development, improving, therefore, their energy security.

Keywords: regional cooperation, energy security, economic development, political commitment

Procedia PDF Downloads 248

Authors: Nodelman V.

Abstract:

Despite serious difficulties in the assimilation of the conceptual system of Calculus, software in the educational process is used only occasionally, and even then, mainly for illustration purposes. The following are a few reasons: The non-trivial nature of the studied material, Lack of skills in working with software, Fear of losing time working with software, The variety of the software itself, the corresponding interface, syntax, and the methods of working with the software, The need to find suitable models, and familiarize yourself with working with them, Incomplete compatibility of the found models with the content and teaching methods of the studied material. This paper proposes an active use of the developed non-commercial software VusuMatica, which allows removing these restrictions through Broad support for the studied mathematical material (and not only Calculus). As a result - no need to select the right software, Emphasizing the unity of mathematics, its intrasubject and interdisciplinary relations, User-friendly interface, Absence of special syntax in defining mathematical objects, Ease of building models of the studied material and manipulating them, Unlimited flexibility of models thanks to the ability to redefine objects, which allows exploring objects characteristics, and considering examples and counterexamples of the concepts under study. The construction of models is based on an original approach to the analysis of the structure of the studied concepts. Thanks to the ease of construction, students are able not only to use ready-made models but also to create them on their own and explore the material studied with their help. The presentation includes examples of using VusuMatica in studying the concepts of limit and continuity of a function, its derivative, and integral.

Keywords: counterexamples, limitations and requirements, software, teaching and learning calculus, user-friendly interface and syntax

Procedia PDF Downloads 81

Authors: Alma Orucevic-Alagic, Martin Höst

Abstract:

Open source communities have demonstrated that complex and enterprise grade software can be produced, supported, and maintained by self-organizing groups of developers using primarily electronic form of communication. Due to the inherent nature of open source development, a specific set of open source software development practices has evolved. While there is an ongoing research on the topic of applicability of open source development practices within a company setting, still little is known about their benefits and challenges. The objective of this research is to understand if and to what degree open source development practices observed within a mature open source community are aligned with development practices within a large software and hardware company setting. For the purpose of this case study a set of open source development practices that are present in a mature open source community has been identified. Then, development practices of a large, international, hardware and software company based in Sweden were assessed and compared to the identified open source community practices. It is shown that there are many similarities between a mature open source community and a large company setting in regard to software development practices. We also identify practices that exist in open source communities and that are not standard within a company setting, but whose implementation can result in an improved software development efficiency within the company setting.

Keywords: development practices, open source software, innersource, closed open source

Procedia PDF Downloads 558

Authors: Yael Deutsch, Arieh Gavious

Abstract:

The threat of aviation terrorism and its potential damage became significant after the 9/11 terror attacks. These attacks have led authorities and leaders to suggest that security personnel should overcome politically correct scruples about profiling and use it openly. However, there is a lack of knowledge about the smart usage of profiling and its advantages. We analyze game models that are suitable to specific real-world scenarios, focusing on profiling as a tool to detect potential violators, such as terrorists and smugglers. We provide analytical and clear answers to difficult questions, and by that help fighting against harmful violation acts.

Keywords: game theory, profiling, security, nash equilibrium

Procedia PDF Downloads 109

Authors: Fiyinfoluwa Giwa, Nicholas Ngepah

Abstract:

This paper investigates the relationship between the Fourth Industrial Revolution and food security in South Africa. The Ordinary Least Square was adopted from 2012 Q1 to 2021 Q4. The study used artificial intelligence investment and the food production index as the measure for the fourth industrial revolution and food security, respectively. Findings reveal a significant and positive coefficient of 0.2887, signifying a robust statistical relationship between AI adoption and the food production index. As a policy recommendation, this paper recommends the introduction of incentives for farmers and agricultural enterprises to adopt AI technologies -and the expansion of digital connectivity and access to technology in rural areas.

Keywords: Fourth Industrial Revolution, food security, artificial intelligence investment, food production index, ordinary least square

Procedia PDF Downloads 75

Authors: Yunos Zahri, Ab Hamid R. Susanty, Ahmad Mustaffa

Abstract:

This paper explores the need for a national baseline study on understanding the level of cyber security situational awareness among primary and secondary school students in Malaysia. The online survey method was deployed to administer the data collection exercise. The target groups were divided into three categories: Group 1 (primary school aged 7-9 years old), Group 2 (primary school aged 10-12 years old), and Group 3 (secondary school aged 13-17 years old). A different questionnaire set was designed for each group. The survey topics/areas included Internet and digital citizenship knowledge. Respondents were randomly selected from rural and urban areas throughout all 14 states in Malaysia. A total of 9,158 respondents participated in the survey, with most states meeting the minimum sample size requirement to represent the country’s demographics. The findings and recommendations from this baseline study are fundamental to develop teaching modules required for children to understand the security risks and threats associated with the Internet throughout their years in school. Early exposure and education will help ensure healthy cyber habits among millennials in Malaysia.

Keywords: cyber security awareness, cyber security education, cyber security, school students

Procedia PDF Downloads 302

Authors: Naveed Ghani, Samreen Javed

Abstract:

In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.

Keywords: network worms, malware infection propagating malicious code, virus, security, VPN

Procedia PDF Downloads 358

Authors: Lennon Furtado, Sandro Oliveira

Abstract:

The importance of an effective measurement program lies in the ability to control and predict what can be measured. Thus, the measurement program has the capacity to provide bases in decision-making to support the interests of an organization. Therefore, it is only possible to apply for an effective measurement program with a team of software engineers well trained in the measurement area. However, the literature indicates that are few computer science courses that have in their program the teaching of the software measurement process. And even these, generally present only basic theoretical concepts of said process and little or no measurement in practice, which results in the student's lack of motivation to learn the measurement process. In this context, according to some experts in software process improvements, one of the most used approaches to maintaining the motivation and commitment to software process improvements program is the use of the gamification. Therefore, this paper aims to present a proposal of teaching the measurement process by gamification. Which seeks to improve student motivation and performance in the assimilation of tasks related to software measurement, by incorporating elements of games into the practice of measurement process, making it more attractive for learning. And as a way of validating the proposal will be made a comparison between two distinct groups of 20 students of Software Quality class, a control group, and an experiment group. The control group will be the students that will not make use of the gamification proposal to learn software measurement process, while the experiment group, will be the students that will make use of the gamification proposal to learn software measurement process. Thus, this paper will analyze the objective and subjective results of each group. And as objective result will be analyzed the student grade reached at the end of the course, and as subjective results will be analyzed a post-course questionnaire with the opinion of each student about the teaching method. Finally, this paper aims to prove or refute the following hypothesis: If the gamification proposal to teach software measurement process does appropriate motivate the student, in order to attribute the necessary competence to the practical application of the measurement process.

Keywords: education, gamification, software measurement process, software engineering

Procedia PDF Downloads 314

Authors: Nareshkumar Harale, B. B. Meshram

Abstract:

The continued exponential growth of successful cyber intrusions against today’s businesses has made it abundantly clear that traditional perimeter security measures are no longer adequate and effective. We evolved the network trust architecture from trust-untrust to Zero-Trust, With Zero Trust, essential security capabilities are deployed in a way that provides policy enforcement and protection for all users, devices, applications, data resources, and the communications traffic between them, regardless of their location. Information exchange over the Internet, in spite of inclusion of advanced security controls, is always under innovative, inventive and prone to cyberattacks. TCP/IP protocol stack, the adapted standard for communication over network, suffers from inherent design vulnerabilities such as communication and session management protocols, routing protocols and security protocols are the major cause of major attacks. With the explosion of cyber security threats, such as viruses, worms, rootkits, malwares, Denial of Service attacks, accomplishing efficient and effective intrusion detection and prevention is become crucial and challenging too. In this paper, we propose a design and analysis model for next generation network intrusion detection and protection system as part of layered security strategy. The proposed system design provides intrusion detection for wide range of attacks with layered architecture and framework. The proposed network intrusion classification framework deals with cyberattacks on standard TCP/IP protocol, routing protocols and security protocols. It thereby forms the basis for detection of attack classes and applies signature based matching for known cyberattacks and data mining based machine learning approaches for unknown cyberattacks. Our proposed implemented software can effectively detect attacks even when malicious connections are hidden within normal events. The unsupervised learning algorithm applied to network audit data trails results in unknown intrusion detection. Association rule mining algorithms generate new rules from collected audit trail data resulting in increased intrusion prevention though integrated firewall systems. Intrusion response mechanisms can be initiated in real-time thereby minimizing the impact of network intrusions. Finally, we have shown that our approach can be validated and how the analysis results can be used for detecting and protection from the new network anomalies.

Keywords: network intrusion detection, network intrusion prevention, association rule mining, system analysis and design

Procedia PDF Downloads 227

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 51

Authors: Viet-Hung Truong, Seung-Eock Kim

Abstract:

This paper presents a robust software package for practical advanced analysis of space steel framed structures. The pre- and post-processors of the presented software package are coded in the C++ programming language while the solver is written by using the FORTRAN programming language. A user-friendly graphical interface of the presented software is developed to facilitate the modeling process and result interpretation of the problem. The solver employs the stability functions for capturing the second-order effects to minimize modeling and computational time. Both the plastic-hinge and fiber-hinge beam-column elements are available in the presented software. The generalized displacement control method is adopted to solve the nonlinear equilibrium equations.

Keywords: advanced analysis, beam-column, fiber-hinge, plastic hinge, steel frame

Procedia PDF Downloads 307

Authors: Triveni Gogoi, Rima Chatterjee

Abstract:

Shear wave velocity (Vs) estimation is an important approach in the seismic exploration and characterization of a hydrocarbon reservoir. There are varying methods for prediction of S-wave velocity, if recorded S-wave log is not available. But all the available methods for Vs prediction are empirical mathematical models. Shear wave velocity can be estimated using P-wave velocity by applying Castagna’s equation, which is the most common approach. The constants used in Castagna’s equation vary for different lithologies and geological set-ups. In this study, multiple regression analysis has been used for estimation of S-wave velocity. The EMERGE module from Hampson-Russel software has been used here for generation of S-wave log. Both single attribute and multi attributes analysis have been carried out for generation of synthetic S-wave log in Upper Assam basin. Upper Assam basin situated in North Eastern India is one of the most important petroleum provinces of India. The present study was carried out using four wells of the study area. Out of these wells, S-wave velocity was available for three wells. The main objective of the present study is a prediction of shear wave velocities for wells where S-wave velocity information is not available. The three wells having S-wave velocity were first used to test the reliability of the method and the generated S-wave log was compared with actual S-wave log. Single attribute analysis has been carried out for these three wells within the depth range 1700-2100m, which corresponds to Barail group of Oligocene age. The Barail Group is the main target zone in this study, which is the primary producing reservoir of the basin. A system generated list of attributes with varying degrees of correlation appeared and the attribute with the highest correlation was concerned for the single attribute analysis. Crossplot between the attributes shows the variation of points from line of best fit. The final result of the analysis was compared with the available S-wave log, which shows a good visual fit with a correlation of 72%. Next multi-attribute analysis has been carried out for the same data using all the wells within the same analysis window. A high correlation of 85% has been observed between the output log from the analysis and the recorded S-wave. The almost perfect fit between the synthetic S-wave and the recorded S-wave log validates the reliability of the method. For further authentication, the generated S-wave data from the wells have been tied to the seismic and correlated them. Synthetic share wave log has been generated for the well M2 where S-wave is not available and it shows a good correlation with the seismic. Neutron porosity, density, AI and P-wave velocity are proved to be the most significant variables in this statistical method for S-wave generation. Multilinear regression method thus can be considered as a reliable technique for generation of shear wave velocity log in this study.

Keywords: Castagna's equation, multi linear regression, multi attribute analysis, shear wave logs

Procedia PDF Downloads 229

Authors: Adine Barett, Jermel Watson, Anteneh Girma, Kacem Thabet

Abstract:

In information security, secure communication of data across networks has always been a problem at the forefront. Transfer of information across networks is susceptible to being exploited by attackers engaging in malicious activity. In this paper, we leverage steganography and cryptography to create a layered security solution to protect the information being transmitted. The first layer of security leverages crypto- graphic techniques to scramble the information so that it cannot be deciphered even if the steganography-based layer is compromised. The second layer of security relies on steganography to disguise the encrypted in- formation so that it cannot be seen. We consider three cryptographic cipher methods in the cryptography layer, namely, Playfair cipher, Blowfish cipher, and Hills cipher. Then, the encrypted message is passed through the least significant bit (LSB) to the steganography algorithm for further encryption. Both encryption approaches are combined efficiently to help secure information in transit over a network. This multi-layered encryption is a solution that will benefit cloud platforms, social media platforms and networks that regularly transfer private information such as banks and insurance companies.

Keywords: cryptography, steganography, layered security, Cipher, encryption

Procedia PDF Downloads 84

Authors: Ramadhan Febriansyah, Sarah Novianti, Santi Agustini

Abstract:

Indonesia is a big country with Moslem population. The government must fulfill all needs of the people. However, we do not have a good policy yet especially on healthy, safety and halal food. We try to offer a new solution to overcome this with ASUH (Aman, Sehat, Utuh, Halal) or in English is SHIH (Safe, Healthy, Intact, Halal) as alternative Indonesian policy on food security. This policy is Indonesian Government’s commitment to support Sustainability Development Goals program for the zero hunger (end hunger, to achieve food security and improved nutrition for Indonesian people, of course, to promote sustainable agriculture). Hopefully, it not only can increasing quality on food especially on livestock goods (meat, egg, milk) but also to guarantee the halal food. However, this policy can be an example to others country especially Moslem countries to support SDG’s programs. This research conducted means of the descriptive method; the authors find compare the secondary data obtained from journals, textbook and scientific articles in order to determine the factors that influence food safety and food security. Relevant data used and contain a description of SDG’s as well as about the system food safety and food security that SHIH (Safe, Healthy, Intact and Halal) so these ideas can be implemented.

Keywords: food safety, food security, food sovereignty, halal SDG's

Procedia PDF Downloads 383

Authors: Christantus Begealawuh Nchongayi

Abstract:

As clearly stated in goal 14 of sustainable development goals, global oceans greatly contribute to making the earth habitable for mankind. This explains why ocean governance is an important global concern today. The emerging maritime security problems and the impact of climate change on African oceans, evidenced by tropical cyclones as seen recently in the Southern region of Africa, is also an indication that maritime governance and policymaking are important elements of peace and security in Africa. Within the last decade, there have been commendable efforts towards maritime governance and policymaking in Africa, although implementation of existing maritime policies is still lacking. This paper provides a snapshot of the overall state of the maritime policymaking process in Africa. It specifically explores the challenges facing policymakers in developing national and regional maritime security strategy in the East African Community. For methodology, the paper relied on primary and secondary data. Primary data was collected from informal discussions with policymakers and key policy-making bodies in Africa, and from a survey of public opinions. The study found that the Africa Integrated Maritime Strategy (2050 AIMS) is a recent template for regional and national maritime security policymaking in Africa and that although maritime security has in the past not been prioritized in the security agenda of the East African Community, developing and aligning a regional maritime security strategy to the 2050 AIMS will result to positive regional integration outcomes in East Africa.

Keywords: 2050 Africa integrated maritime strategy, east African community, maritime policy-making, maritime security

Procedia PDF Downloads 216

Authors: Hualter Barbosa, Bruno Bonifacio

Abstract:

The process of globalization and new business has transformed the dynamics of software development. To meet the new demands, the software industry has adapted new methodologies that can shorten development cycles to ensure greater competitiveness. Given this scenario, Global Software Development (GSD) has become a strategic element for new products' success. However, the reliability, opportunity, and perceived value can be influenced substantially with the automation of steps in the development process activities. In this sense, the development of new technologies can help developers and managers to improve the quality of development. This paper presents a report on improving one of the release process activities of Sidia's mobile product area using software technology. The objective is to present the improvement of the CLCATCH tool developed based on experimental studies and qualitative analysis on the points of improvement for the release process in Android update projects for Samsung mobile devices. The results show improvement for the new version and approach of the tool, with points that can facilitate new features of the proposed technology.

Keywords: Android updated, empirical studies, GSD, process improvement

Procedia PDF Downloads 142

Authors: Husnil Khatimah, Fairol Halim

Abstract:

This research examines the moderating impact of security on intention to use e-money that adapted from some variables of the TAM (Technology Acceptance Model) and TPB (Theory of Planned Behavior). This study will use security as moderating variable and finds these relationship depends on customer intention to use e-money as payment tools. The conceptual framework of e-money transactions was reviewed to understand behavioral intention of consumers from perceived usefulness, perceived ease of use, perceived behavioral control and security. Quantitative method will be utilized as sources of data collection. A total of one thousand respondents will be selected using quota sampling method in Medan, Indonesia. Descriptive analysis and Multiple Regression analysis will be conducted to analyze the data. The article ended with suggestion for future studies.

Keywords: e-money transaction, TAM & TPB, moderating variable, behavioral intention, conceptual paper

Procedia PDF Downloads 454

Authors: Jihène Khalifa

Abstract:

This study analyzed the relationships between Tunisia’s economic growth, food security, agricultural productivity, and climate change using the ARDL model for the period from 1990 to 2022. The ARDL model reveals a positive correlation between economic growth and lagged agricultural productivity. Additionally, the vector autoregressive (VAR) model highlights the beneficial impact of lagged agricultural productivity on economic growth and the negative effect of rainfall on economic growth. Granger causality analysis identifies unidirectional relationships from economic growth to agricultural productivity, crop production, food security, and temperature variations, as well as from temperature variations to crop production. Furthermore, a bidirectional causality is established between crop production and food security. The study underscores the impact of climate change on crop production and suggests the need for adaptive strategies to mitigate these climate effects.

Keywords: economic growth, agriculture, food security, climate change, ARDl, VAR

Procedia PDF Downloads 31

Authors: Abdullah M. Algarni, Yashwant K. Malaiya

Abstract:

Some of the key aspects of vulnerability-discovery, dissemination, and disclosure-have received some attention recently. However, the role of interaction among the vulnerability discoverers and vulnerability acquirers has not yet been adequately addressed. Our study suggests that a major percentage of discoverers, a majority in some cases, are unaffiliated with the software developers and thus are free to disseminate the vulnerabilities they discover in any way they like. As a result, multiple vulnerability markets have emerged. In some of these markets, the exchange is regulated, but in others, there is little or no regulation. In recent vulnerability discovery literature, the vulnerability discoverers have remained anonymous individuals. Although there has been an attempt to model the level of their efforts, information regarding their identities, modes of operation, and what they are doing with the discovered vulnerabilities has not been explored. Reports of buying and selling of the vulnerabilities are now appearing in the press; however, the existence of such markets requires validation, and the natures of the markets need to be analysed. To address this need, we have attempted to collect detailed information. We have identified the most prolific vulnerability discoverers throughout the past decade and examined their motivation and methods. A large percentage of these discoverers are located in Eastern and Western Europe and in the Far East. We have contacted several of them in order to collect first-hand information regarding their techniques, motivations, and involvement in the vulnerability markets. We examine why many of the discoverers appear to retire after a highly successful vulnerability-finding career. The paper identifies the actual vulnerability markets, rather than the hypothetical ideal markets that are often examined. The emergence of worldwide government agencies as vulnerability buyers has significant implications. We discuss potential factors that can impact the risk to society and the need for detailed exploration.

Keywords: risk management, software security, vulnerability discoverers, vulnerability markets

Procedia PDF Downloads 252

Authors: Mohar Kassim, Hardy Azmir, Rahmat Sholihin Mokhtar

Abstract:

The purpose of this study is to build portable application software to determine the level of cardiovascular fitness for cadet students of the National Defence University of Malaysia (NDUM). Fitness in the context of this study refers to physical fitness, specifically the cardiovascular endurance level test battery in the form of a 2.4 km run test for UPNM cadet students. This run test will be conducted to measure, test, and evaluate the performance of UPNM cadet students. All the run test results can be recorded electronically inside the portable software and will later be able to show the level of cardiovascular fitness of every cadet student according to age and gender. This software can also calculate the body mass index (BMI). Normative survey method will be used in this study through the analysis of the 2.4 km run test results. The run test scores will be classified in interval and ratio scales. Based on the findings of this study, portable application software will produced. The software will be able to directly assist the Military Training Academy (ALK), Malaysian Armed Forces (ATM), and other relevant agencies in determining the level of cardiovascular fitness among their staff. The test can be done electronically and on portable mode. The next step to be taken is to have this application patented.

Keywords: development, software, application, portable, fitness norms, cardiovascular endurance

Procedia PDF Downloads 549

Authors: Hussain Ali Bekhet, Endang Jati Mat Sahid

Abstract:

For the past few decades, the Malaysian economy has expanded at an impressive pace, whilst, the Malaysian population has registered a relatively high growth rate. These factors had driven the growth of final energy demand. The ballooning energy demand coupled with the country’s limited indigenous energy resources have resulted in an increased of the country’s net import. Therefore, acknowledging the precarious position of the country’s energy self-sufficiency, this study has identified three main concerns regarding energy security, namely; over-dependence on fossil fuel, increasing energy import dependency, and increasing energy consumption per capita. This paper discusses the recent energy demand and supply trends, highlights the policies that are affecting energy security in Malaysia and suggests strategic options towards achieving energy security. The paper suggested that diversifying energy sources, reducing carbon content of energy, efficient utilization of energy and facilitating low-carbon industries could further enhance the effectiveness of the measures as the introduction of policies and initiatives will be more holistic.

Keywords: electricity, energy policy, energy security, Malaysia

Procedia PDF Downloads 305

Authors: Kassem Saleh

Abstract:

An alarming number of software projects fail to deliver the required functionalities within the provided budget and timeframe and with the required qualities. Some of the main reasons for this problem include bad stakeholder management, poor communications and informal change management. Informal processes to identify, engage and control stakeholders lead to these reasons. Recently, to emphasize its importance, the Project Management Institute (PMI) updated the Project Management Body of Knowledge (PMBoK) to explicitly include the stakeholder management knowledge area. This knowledge area consists of four processes to identify stakeholders, plan stakeholder management, and manage and control stakeholder engagement. The use of appropriate techniques for stakeholder management in software projects will definitely lead to higher quality and successful software. In this paper, we describe some of the proven techniques that can be used during the execution of the four processes for stakeholder management. Development of collaboration tools for automating these processes are recommended and need to be integrated in available software project management tools.

Keywords: project management, stakeholder management, software development, project management body of knowledge

Procedia PDF Downloads 311

Authors: P. Ghann, J. Shiguang, C. Zhou

Abstract:

Access control is one of the most challenging issues facing information security. Access control is defined as, the ability to permit or deny access to a particular computational resource or digital information by an unauthorized user or subject. The concept of usage control (UCON) has been introduced as a unified approach to capture a number of extensions for access control models and systems. In UCON, an access decision is determined by three factors: Authorizations, obligations and conditions. Attribute mutability and decision continuity are two distinct characteristics introduced by UCON for the first time. An observation of UCON components indicates that, the components are predefined and static. In this paper, we propose a new and flexible model of usage control for the creation and elimination of some of these components; for example new objects, subjects, attributes and integrate these with the original UCON model. We also propose a model for concurrent usage scenarios in UCON.

Keywords: access control, concurrency, digital container, usage control

Procedia PDF Downloads 320

Authors: L. Sellami, D. Idoughi, P. F. Tiako

Abstract:

Cloud computing provides infrastructure to the enterprise through the Internet allowing access to cloud services at anytime and anywhere. This pervasive aspect of the services, the distributed nature of data and the wide use of information make cloud computing vulnerable to intrusions that violate the security of the cloud. This requires the use of security mechanisms to detect malicious behavior in network communications and hosts such as intrusion detection systems (IDS). In this article, we focus on the detection of intrusion into the cloud sing IDSs. We base ourselves on client authentication in the computing cloud. This technique allows to detect the abnormal use of ubiquitous service and prevents the intrusion of cloud computing. This is an approach based on client authentication data. Our IDS provides intrusion detection inside and outside cloud computing network. It is a double protection approach: The security user node and the global security cloud computing.

Keywords: cloud computing, intrusion detection system, privacy, trust

Procedia PDF Downloads 323

Authors: Florence Malongane, Lyndy J. McGaw, Legesse K. Debusho, Fhatuwani N. Mudau

Abstract:

Rooibos (Aspalathus linearis (Burm.f.) R.Dahlgren), honeybush (Cyclopia Vent. species), bush tea (Athrixia phylicoides DC.) and special tea (Monsonia burkeana) are traditionally consumed herbal teas in South Africa. The volatile and sensory qualities of rooibos and honeybush tea have previously been described although there is a dearth of information regarding the sensory attributes and volatile compounds analysis of special tea and bush tea. The objective of this study was to describe the sensory properties, compare the differences in descriptive sensory analysis (DSA) and volatile compounds of bush tea, special, rooibos, honeybush and the blend of bush tea with special, honeybush and rooibos in a 1:1 ratio and subsequently to determine the influence of blending bush tea with other herbal teas. DSA was used to assess the sensory attributes of the teas while gas chromatography–mass spectrometry (GC-MS) was used to quantitatively determine the volatile components of the teas. Rooibos tea and honeybush tea had an overall sweet-caramel, honey-sweet, perfume floral and woody aroma with slight astringency, consistent with the taste and aftertaste attributes. In contrast, bush tea and special tea depicted green-cut grass, dry green herbal, cooked spinach aroma as well as taste and aftertaste characteristics. GC-MS analyses revealed that the seven tea samples had similar major volatiles, including 2-furanmethanol, 2-methoxy-4-vinylphenol, acetic acid, D-limonene terpene and phytol. Cluster analysis revealed that the sweet and woody flavour of honeybush and rooibos were ascribed to the presence of á-myrcene, phenylethyl alcohol, phytol and vanillin. The bitter, medicinal flavour attributes of special tea were attributed to (-)-carvone. Blending of bush tea with rooibos and honeybush tea toned down its aversive flavour components, typically the bitter, green-cut grass and herbal properties, thus minimising the possibility of consumer aversion.

Keywords: bush tea, rooibos tea, honeybush tea, sensory, volatile compounds

Procedia PDF Downloads 181

Authors: Eugenia Jilinguirian

Abstract:

In the healthcare industry, data mining is essential since it transforms the field by collecting useful data from large datasets. Data mining is the process of applying advanced analytical methods to large patient records and medical histories in order to identify patterns, correlations, and trends. Healthcare professionals can improve diagnosis accuracy, uncover hidden linkages, and predict disease outcomes by carefully examining these statistics. Additionally, data mining supports personalized medicine by personalizing treatment according to the unique attributes of each patient. This proactive strategy helps allocate resources more efficiently, enhances patient care, and streamlines operations. However, to effectively apply data mining, however, and ensure the use of private healthcare information, issues like data privacy and security must be carefully considered. Data mining continues to be vital for searching for more effective, efficient, and individualized healthcare solutions as technology evolves.

Keywords: data mining, healthcare, big data, individualised healthcare, healthcare solutions, database

Procedia PDF Downloads 66

Authors: Amneh Alkurdi, Yasean Tahat, Hamzeh Almuali

Abstract:

Purpose: The primary objective of the present paper is to examine the impact of CG attributes, including the board size, independency, separation and managerial ownership) on firm dividend payouts policy; using a sample of 72 Jordanian listed companies for the period of 2007-2013. Methodology: The study does manually review the sample firm’s annual reports for data collection and use OLS regression to carry out this investigation. Findings: The findings indicate that CG attributes have a strong impact on dividend payouts policy. In particular, board size, independency and separation have had significant associations with dividends payouts indicating that such variables matter when determining on dividends which may mitigate the conflicts between stakeholders’ and managers’ interests. The results also indicate that managerial ownership has had no significant impact on the dividends policy suggesting that managers do not use the strength of their position to influence the dividends policy. Finally, the results show that firm size and profitability have had statistically positive associations with dividend payouts, while this was not the case for firm leverage and growth where significant and positive relationships were documented. Originality/implication: The current paper extends the extant literature in this field by investigating the impact of the board composition on dividends and provides some insights for policy makers in emerging markets.

Keywords: corporate governance, dividends payouts policy, jordan, accounting

Procedia PDF Downloads 192

Authors: Anastasios Papathanasiou, George Liontos, Athanasios Katsouras, Vasiliki Liagkou, Euripides Glavas

Abstract:

Email remains a crucial communication tool due to its efficiency, accessibility and cost-effectiveness, enabling rapid information exchange across global networks. However, the global adoption of email has also made it a prime target for cyber threats, including phishing, malware and Business Email Compromise (BEC) attacks, which exploit its integral role in personal and professional realms in order to perform fraud and data breaches. To combat these threats, this research advocates for a multi-layered defense strategy incorporating advanced technological tools such as anti-spam and anti-malware software, machine learning algorithms and authentication protocols. Moreover, we developed an artificial intelligence model specifically designed to analyze email headers and assess their security status. This AI-driven model examines various components of email headers, such as "From" addresses, ‘Received’ paths and the integrity of SPF, DKIM and DMARC records. Upon analysis, it generates comprehensive reports that indicate whether an email is likely to be malicious or benign. This capability empowers users to identify potentially dangerous emails promptly, enhancing their ability to avoid phishing attacks, malware infections and other cyber threats.

Keywords: email security, artificial intelligence, header analysis, threat detection, phishing, DMARC, DKIM, SPF, ai model

Procedia PDF Downloads 59