Search results for: security engineering
5248 NUX: A Lightweight Block Cipher for Security at Wireless Sensor Node Level
Authors: Gaurav Bansod, Swapnil Sutar, Abhijit Patil, Jagdish Patil
Abstract:
This paper proposes an ultra-lightweight cipher NUX. NUX is a generalized Feistel network. It supports 128/80 bit key length and block length of 64 bit. For 128 bit key length, NUX needs only 1022 GEs which is less as compared to all existing cipher design. NUX design results into less footprint area and minimal memory size. This paper presents security analysis of NUX cipher design which shows cipher’s resistance against basic attacks like Linear and Differential Cryptanalysis. Advanced attacks like Biclique attack is also mounted on NUX cipher design. Two different F function in NUX cipher design results in high diffusion mechanism which generates large number of active S-boxes in minimum number of rounds. NUX cipher has total 31 rounds. NUX design will be best-suited design for critical application like smart grid, IoT, wireless sensor network, where memory size, footprint area and the power dissipation are the major constraints.Keywords: lightweight cryptography, Feistel cipher, block cipher, IoT, encryption, embedded security, ubiquitous computing
Procedia PDF Downloads 3825247 Reimagining Urban Food Security Through Informality Practices: The Case of Street Food Vending in Johannesburg, South Africa
Authors: Blessings Masuku
Abstract:
This study positions itself within the nascent of street food vending that plays a crucial role in addressing urban household food security across the urban landscape of South Africa. The study aimed to understand how various forms of infrastructure systems (i.e., energy, water and sanitation, housing, and transport, among others) intersect with food and urban informality and how vendors and households’ choices and decisions made around food are influenced by infrastructure assemblages. This study noted that most of the literature studies on food security have mainly focused on the rural agricultural sector, with limited attention to urban food security, notably the role of informality practices in addressing urban food insecurity at the household level. This study pays close attention to how informal informality practices such as street food vending can be used as a catalyst to address urban poverty and household food security and steer local economies for sustainable livelihoods of the urban poor who live in the periphery of the city in Johannesburg. This study deconstructs the infrastructure needs of street food vendors, and the aim was to understand how such infrastructure needs intersect with food and policy that governs urban informality practices. The study argues that the decisions and choices of informality actors in the city of Johannesburg are chiefly determined by the assemblages of infrastructure, including regulatory frameworks that govern the informal sector in the city of Johannesburg. A qualitative approach that includes surveys (open-ended questions), archival research (i., e policy and other key document reviews), and key interviews mainly with city officials and informality actors. A thematic analysis was used to analyze the data collected. This study contributes to greater debates on urban studies and burgeoning literature on urban food security in many ways that include Firstly, the pivotal role that the informal food sector, notably street food vending, plays within the urban economy to address urban poverty and household food security, therefore questioning the conservative perspectives that view the informal sector as a hindrance to a ‘modern city’ and an annoyance to ‘modern’ urban spaces. Secondly, this study contributes to the livelihood and coping strategies of the urban poor who, despite harsh and restrictive regulatory frameworks, devise various agentive ways to generate incomes and address urban poverty and food insecurities.Keywords: urban food security, street food vending, informal food sector, infrastructure systems, livelihood strategies, policy framework and governance
Procedia PDF Downloads 655246 Minimization of Denial of Services Attacks in Vehicular Adhoc Networking by Applying Different Constraints
Authors: Amjad Khan
Abstract:
The security of Vehicular ad hoc networking is of great importance as it involves serious life threats. Thus to provide secure communication amongst Vehicles on road, the conventional security system is not enough. It is necessary to prevent the network resources from wastage and give them protection against malicious nodes so that to ensure the data bandwidth availability to the legitimate nodes of the network. This work is related to provide a non conventional security system by introducing some constraints to minimize the DoS (Denial of services) especially data and bandwidth. The data packets received by a node in the network will pass through a number of tests and if any of the test fails, the node will drop those data packets and will not forward it anymore. Also if a node claims to be the nearest node for forwarding emergency messages then the sender can effectively identify the true or false status of the claim by using these constraints. Consequently the DoS(Denial of Services) attack is minimized by the instant availability of data without wasting the network resources.Keywords: black hole attack, grey hole attack, intransient traffic tempering, networking
Procedia PDF Downloads 2865245 Perceived Procedural Justice and Organizational Citizenship Behavior: Evidence from a Security Organization
Authors: Noa Nelson, Orit Appel, Rachel Ben-ari
Abstract:
Organizational Citizenship Behavior (OCB) is voluntary employee behavior that contributes to the organization beyond formal job requirements. It can take different forms, such as helping teammates (OCB toward individuals; hence, OCB-I), or staying after hours to attend a task force (OCB toward the organization; hence, OCB-O). Generally, OCB contributes substantially to organizational climate, goals, productivity, and resilience, so organizations need to understand what encourages it. This is particularly challenging in security organizations. Security work is characterized by high levels of stress and burnout, which is detrimental to OCB, and security organizational design emphasizes formal rules and clear hierarchies, leaving employees with less freedom for voluntary behavior. The current research explored the role of Perceived Procedural Justice (PPJ) in enhancing OCB in a security organization. PPJ refers to how fair decision-making processes are perceived to be. It involves the sense that decision makers are objective, attentive to everyone's interests, respectful in their communications and participatory - allowing individuals a voice in decision processes. Justice perceptions affect motivation, and it was specifically suggested that PPJ creates an attachment to one's organization and personal interest in its success. Accordingly, PPJ had been associated with OCB, but hardly any research tested their association with security organizations. The current research was conducted among prison guards in the Israel Prison Service, to test a correlational and a causal association between PPJ and OCB. It differentiated between perceptions of direct commander procedural justice (CPJ), and perceptions of organization procedural justice (OPJ), hypothesizing that CPJ would relate to OCB-I, while OPJ would relate to OCB-O. In the first study, 336 prison guards (305 male) from 10 different prisons responded to questionnaires measuring their own CPJ, OPJ, OCB-I, and OCB-O. Hierarchical linear regression analyses indicated the significance of commander procedural justice (CPJ): It associated with OCB-I and also associated with OPJ, which, in turn, associated with OCB-O. The second study tested CPJ's causal effects on prison guards' OCB-I and OCB-O; 311 prison guards (275 male) from 14 different prisons read scenarios that described either high or low CPJ, and then evaluated the likelihood of that commander's prison guards performing OCB-I and OCB-O. In this study, CPJ enhanced OCB-O directly. It also contributed to OCB-I, indirectly: CPJ enhanced the motivation for collaboration with the commander, which respondents also evaluated after reading scenarios. Collaboration, in turn, associated with OCB-I. The studies demonstrate that procedural justice, especially commander's PJ, promotes OCB in security work environments. This is important because extraordinary teamwork and motivation are needed to deal with emergency situations and with delicate security challenges. Following the studies, the Israel Prison Service implemented personal procedural justice training for commanders and unit level programs for procedurally just decision processes. From a theoretical perspective, the studies extend the knowledge on PPJ and OCB to security work environments and contribute evidence on PPJ's causal effects. They also call for further research, to understand the mechanisms through which different types of PPJ affect different types of OCB.Keywords: organizational citizenship behavior, perceived procedural justice, prison guards, security organizations
Procedia PDF Downloads 2225244 Understanding Europe’s Role in the Area of Liberty, Security, and Justice as an International Actor
Authors: Barrere Sarah
Abstract:
The area of liberty, security, and justice within the European Union is still a work in progress. No one can deny that the EU struggles between a monistic and a dualist approach. The aim of our essay is to first review how the European law is perceived by the rest of the international scene. It will then discuss two main mechanisms at play: the interpretation of larger international treaties and the penal mechanisms of European law. Finally, it will help us understand the role of a penal Europe on the international scene with concrete examples. Special attention will be paid to cases that deal with fundamental rights as they represent an interesting case study in Europe and in the rest of the World. It could illustrate the aforementioned duality currently present in the Union’s interpretation of international public law. On the other hand, it will explore some specific European penal mechanism through mutual recognition and the European arrest warrant in the transnational criminality frame. Concerning the interpretation of the treaties, it will first, underline the ambiguity and the general nature of some treaties that leave the EU exposed to tension and misunderstanding then it will review the validity of an EU act (whether or not it is compatible with the rules of International law). Finally, it will focus on the most complete manifestation of liberty, security and justice through the principle of mutual recognition. Used initially in commercial matters, it has become “the cornerstone” of European construction. It will see how it is applied in judicial decisions (its main event and achieving success is via the European arrest warrant) and how European member states have managed to develop this cooperation.Keywords: European penal law, international scene, liberty security and justice area, mutual recognition
Procedia PDF Downloads 4095243 Regulation, Co-Regulation and Self-Regulation of Civil Unmanned Aircrafts in Europe
Authors: M. de Miguel Molina, V. Santamarina Campos, M. V. Segarra Oña, B. de Miguel Molina
Abstract:
Safety and security concerns play a key role during the design of civil UAs (aircraft controlled by a pilot who is not onboard it) by the producers and the offer of different services by the operators. At present, European countries have fragmented regulations about the manufacture and use of civil drones, therefore the European institutions are trying to approach all these regulations into a common one. In this sense, not only law but also ethics can give guidelines to the industry in order to obtain better reports from their clients. With our results, we would like to give advice to the European industry, as well as give new insights to the academia and policymakers.Keywords: ethics, regulation, safety, security
Procedia PDF Downloads 6735242 Establishment of Gene Pools for Yield Within the Ghanaian Sweetpotato Parental Germplasm
Authors: John Saaka
Abstract:
The increasing world population poses a threat to food security. To meet current and future food demands, sweetpotato stand a good chance because of its recent food security roles. Concerted efforts are needed for both regional and local level varietal development. Heterosis exploiting breeding scheme (HEBS) is one of the options used to improve yield in some crop species and could be a good approach for sweetpotato improvement in Ghana by establishing heterotic gene pools within a population. To achieve this, 22 parental lines were collected from different sources and put in a full diallel arrangement. A total of 149 families, 20 individual cuttings per family, were taken to the field, including ‘checks’ and parental lines for experimentation in a 1m X 0.3m planting order according to the Westcott design. Results from this study led to the characterization of the selected parents into three main heterotic gene pools based on their suitability for use as male, female or both, respectively. This study serves as a baseline for further characterization of the rest of the germplasm in the Ghanaian sweetpotato breeding program.Keywords: sweetpotato, heterosis, germplasm, food security
Procedia PDF Downloads 785241 Evaluation and Analysis of ZigBee-Based Wireless Sensor Network: Home Monitoring as Case Study
Authors: Omojokun G. Aju, Adedayo O. Sule
Abstract:
ZigBee wireless sensor and control network is one of the most popularly deployed wireless technologies in recent years. This is because ZigBee is an open standard lightweight, low-cost, low-speed, low-power protocol that allows true operability between systems. It is built on existing IEEE 802.15.4 protocol and therefore combines the IEEE 802.15.4 features and newly added features to meet required functionalities thereby finding applications in wide variety of wireless networked systems. ZigBee‘s current focus is on embedded applications of general-purpose, inexpensive, self-organising networks which requires low to medium data rates, high number of nodes and very low power consumption such as home/industrial automation, embedded sensing, medical data collection, smart lighting, safety and security sensor networks, and monitoring systems. Although the ZigBee design specification includes security features to protect data communication confidentiality and integrity, however, when simplicity and low-cost are the goals, security is normally traded-off. A lot of researches have been carried out on ZigBee technology in which emphasis has mainly been placed on ZigBee network performance characteristics such as energy efficiency, throughput, robustness, packet delay and delivery ratio in different scenarios and applications. This paper investigate and analyse the data accuracy, network implementation difficulties and security challenges of ZigBee network applications in star-based and mesh-based topologies with emphases on its home monitoring application using the ZigBee ProBee ZE-10 development boards for the network setup. The paper also expose some factors that need to be considered when designing ZigBee network applications and suggest ways in which ZigBee network can be designed to provide more resilient to network attacks.Keywords: home monitoring, IEEE 802.14.5, topology, wireless security, wireless sensor network (WSN), ZigBee
Procedia PDF Downloads 3865240 Risk Management Approach for a Secure and Performant Integration of Automated Drug Dispensing Systems in Hospitals
Authors: Hind Bouami, Patrick Millot
Abstract:
Medication dispensing system is a life-critical system whose failure may result in preventable adverse events leading to longer patient stays in hospitals or patient death. Automation has led to great improvements in life-critical systems as it increased safety, efficiency, and comfort. However, critical risks related to medical organization complexity and automated solutions integration can threaten drug dispensing security and performance. Knowledge about the system’s complexity aspects and human machine parameters to control for automated equipment’s security and performance will help operators to secure their automation process and to optimize their system’s reliability. In this context, this study aims to document the operator’s situation awareness about automation risks and parameters involved in automation security and performance. Our risk management approach has been deployed in the North Luxembourg hospital center’s pharmacy, which is equipped with automated drug dispensing systems since 2009. With more than 4 million euros of gains generated, North Luxembourg hospital center’s success story was enabled by the management commitment, pharmacy’s involvement in the implementation and improvement of the automation project, and the close collaboration between the pharmacy and Sinteco’s firm to implement the necessary innovation and organizational actions for automated solutions integration security and performance. An analysis of the actions implemented by the hospital and the parameters involved in automated equipment’s integration security and performance has been made. The parameters to control for automated equipment’s integration security and performance are human aspects (6.25%), technical aspects (50%), and human-machine interaction (43.75%). The implementation of an anthropocentric analysis system before automation would have prevented and optimized the control of risks related to automation.Keywords: Automated drug delivery systems, Hospitals, Human-centered automated system, Risk management
Procedia PDF Downloads 1395239 Design and Implementation of a Nano-Power Wireless Sensor Device for Smart Home Security
Authors: Chia-Chi Chang
Abstract:
Most battery-driven wireless sensor devices will enter in sleep mode as soon as possible to extend the overall lifetime of a sensor network. It is necessary to turn off unnecessary radio and peripheral functions, especially the radio unit always consumes more energy than other components during wireless communication. The microcontroller is the most important part of the wireless sensor device. It is responsible for the manipulation of sensing data and communication protocols. The microcontroller always has different sleep modes, each with a different level of energy usage. The deeper the sleep, the lower the energy consumption. Most wireless sensor devices can only enter the sleep mode: the external low-frequency oscillator is still running to wake up the sleeping microcontroller when the sleep timer expires. In this paper, our sensor device can enter the extended sleep mode: none of the oscillator is running and the wireless sensor device has the nanoampere consumption and self-awaking ability. Finally, these wireless sensor devices were deployed in a smart home security network.Keywords: wireless sensor network, battery-driven, sleep mode, home security
Procedia PDF Downloads 3115238 A Multi-Science Study of Modern Synergetic War and Its Information Security Component
Authors: Alexander G. Yushchenko
Abstract:
From a multi-science point of view, we analyze threats to security resulting from globalization of international information space and information and communication aggression of Russia. A definition of Ruschism is formulated as an ideology supporting aggressive actions of modern Russia against the Euro-Atlantic community. Stages of the hybrid war Russia is leading against Ukraine are described, including the elements of subversive activity of the special services, the activation of the military phase and the gradual shift of the focus of confrontation to the realm of information and communication technologies. We reveal an emergence of a threat for democratic states resulting from the destabilizing impact of a target state’s mass media and social networks being exploited by Russian secret services under freedom-of-speech disguise. Thus, we underline the vulnerability of cyber- and information security of the network society in regard of hybrid war. We propose to define the latter a synergetic war. Our analysis is supported with a long-term qualitative monitoring of representation of top state officials on popular TV channels and Facebook. From the memetics point of view, we have detected a destructive psycho-information technology used by the Kremlin, a kind of information catastrophe, the essence of which is explained in detail. In the conclusion, a comprehensive plan for information protection of the public consciousness and mentality of Euro-Atlantic citizens from the aggression of the enemy is proposed.Keywords: cyber and information security, hybrid war, psycho-information technology, synergetic war, Ruschism
Procedia PDF Downloads 1365237 Designing Roudbar Residential Complex Inspired by Anti-Seismic Technologies
Authors: Sara Hadad Dabaghi
Abstract:
Iran is among the first five earthquake prone regions of the world. During the past 90 years, more than 85 catastrophic earthquakes have happened in Iran, leaving approximately 120000 casualties. Therefore, it is necessary to apply modern anti-seismic technologies to the construction of building such earthquake prone zones. This is especially the case with the northern regions of this country where the existence Khazar and Alborz Faults necessitate the observation of building construction security. Thus, the goal of this research is to solve this problem and to design earthquake resistant buildings. The present study is descriptive-analytical carried out on a mixed method platform. The study focuses on designing Roudbar Residential Complex adopting an anti-seismic approach. It is a cross-sectional applied research since its findings could be used to solve the security problems of Roudbar building with respect to earthquakes of the regions. The causality relationship in this research could be formulated as follows: the novel anti-seismic technologies increase security and reduce damages caused by earthquakes.Keywords: design, residential complex, inspiration, anti-seismic technology, Roudbar
Procedia PDF Downloads 2925236 Cloud Computing: Major Issues and Solutions
Authors: S. Adhirai Subramaniyam, Paramjit Singh
Abstract:
This paper presents major issues in cloud computing. The paper describes different cloud computing deployment models and cloud service models available in the field of cloud computing. The paper then concentrates on various issues in the field. The issues such as cloud compatibility, compliance of the cloud, standardizing cloud technology, monitoring while on the cloud and cloud security are described. The paper suggests solutions for these issues and concludes that hybrid cloud infrastructure is a real boon for organizations.Keywords: cloud, cloud computing, mobile cloud computing, private cloud, public cloud, hybrid cloud, SAAS, PAAS, IAAS, cloud security
Procedia PDF Downloads 3465235 Localization Problem in Optical Fiber Sensors
Authors: M. Zyczkowski, P. Markowski, M. Karol
Abstract:
The security industry is making many efforts to lower the costs of system installation. However, the dominant technique is the application of fiber optic sensors. It is necessary to determine the location of the disorder of long optical fiber cables. For a number of years, many research centers developed their own solutions. The article presents the construction of the sensor systems with the possibility of disorder location. We present a methodology for determining location of the disorder. The aim of investigations is to answer the question of which of optical sensor configuration offer the best performance for location of the disorder.Keywords: fiber optic sensor, security sensor, fiber cables, system instillation
Procedia PDF Downloads 6395234 Enabling Cloud Adoption Based Secured Mobile Banking through Backend as a Service
Authors: P. S. Jagadeesh Kumar, S. Meenakshi Sundaram
Abstract:
With the increase of prevailing non-traditional rivalry, mobile banking experiences an ever changing commercial backdrop. Substantial customer demands have established to be more intricate as customers request more expediency and superintend over their banking services. To enterprise advance and modernization in mobile banking applications, it is gradually obligatory to deeply leapfrog the scuffle using business model transformation. The dramaturgical vicissitudes taking place in mobile banking entail advanced traditions to exploit security. By reforming and transforming older back office into integrated mobile banking applications, banks can engender a supple and nimble banking environment that can rapidly respond to new business requirements over cloud computing. Cloud computing is transfiguring ecosystems in numerous industries, and mobile banking is no exemption providing services innovation, greater flexibility to respond to improved security and enhanced business intelligence with less cost. Cloud technology offer secure deployment possibilities that can provision banks in developing new customer experiences, empower operative relationship and advance speed to efficient banking transaction. Cloud adoption is escalating quickly since it can be made secured for commercial mobile banking transaction through backend as a service in scrutinizing the security strategies of the cloud service provider along with the antiquity of transaction details and their security related practices.Keywords: cloud adoption, backend as a service, business intelligence, secured mobile banking
Procedia PDF Downloads 2555233 Information Security Risk Management in IT-Based Process Virtualization: A Methodological Design Based on Action Research
Authors: Jefferson Camacho Mejía, Jenny Paola Forero Pachón, Luis Carlos Gómez Flórez
Abstract:
Action research is a qualitative research methodology, which leads the researcher to delve into the problems of a community in order to understand its needs in depth and finally, to propose actions that lead to a change of social paradigm. Although this methodology had its beginnings in the human sciences, it has attracted increasing interest and acceptance in the field of information systems research since the 1990s. The countless possibilities offered nowadays by the use of Information Technologies (IT) in the development of different socio-economic activities have meant a change of social paradigm and the emergence of the so-called information and knowledge society. According to this, governments, large corporations, small entrepreneurs and in general, organizations of all kinds are using IT to virtualize their processes, taking them from the physical environment to the digital environment. However, there is a potential risk for organizations related with exposing valuable information without an appropriate framework for protecting it. This paper shows progress in the development of a methodological design to manage the information security risks associated with the IT-based processes virtualization, by applying the principles of the action research methodology and it is the result of a systematic review of the scientific literature. This design consists of seven fundamental stages. These are distributed in the three stages described in the action research methodology: 1) Observe, 2) Analyze and 3) Take actions. Finally, this paper aims to offer an alternative tool to traditional information security management methodologies with a view to being applied specifically in the planning stage of IT-based process virtualization in order to foresee risks and to establish security controls before formulating IT solutions in any type of organization.Keywords: action research, information security, information technology, methodological design, process virtualization, risk management
Procedia PDF Downloads 1665232 Contextualizing Household Food Security: A Comparison of Two Villages, Ambros and Maramanzhi, South Africa
Authors: Felicity Aphiwe Mkhongi, Walter Musakwa
Abstract:
Smallholder crop production is a defining factor in achieving food security, particularly at the household level. However, the number of abandoned arable fields is increasing in communal areas of South Africa. While substantial efforts have been devoted to addressing food insecurity in the country, ownership of arable land has not been supplemented with sustainable food production for households. This paper analyses household food security in the context of deagrarianization in two villages, Ambros (Eastern Cape) and Maramanzhi (Limpopo). Semi-structured questionnaires were administered to acquire both qualitative and quantitative data from 106 heads of households. The IBM SPSS Statistics 28.0 computer program was applied to complete data analysis. From the findings of the study, it was evident that compared to arable fields, a greater proportion of households own home-gardens with an average size of 2100m in Ambros and 3400m in Maramanzhi village. The majority of arable fields were abandoned, particularly in Ambros village. Household food access challenges were measured using the Household Food Insecurity Access Scale (HFIAS). This food security indicator revealed that the majority of households were mildly food insecure owing to food shortages emanating from insufficient monthly income and waning household crop production. Food was rated as a very important reason for engaging in cultivation in both villages of the study, but deagrarianization has eroded opportunities for increasing household crop production. Among other possible solutions, this study recommends that the government invest more in agriculture to allow for sustainable strategies that revive abandoned arable land, such as arable fields in communal areas of South Africa, as this could increase food production for households.Keywords: cultivation, deagrarianization, food security, rural households, smallholder farmers
Procedia PDF Downloads 605231 A Novel Software Model for Enhancement of System Performance and Security through an Optimal Placement of PMU and FACTS
Authors: R. Kiran, B. R. Lakshmikantha, R. V. Parimala
Abstract:
Secure operation of power systems requires monitoring of the system operating conditions. Phasor measurement units (PMU) are the device, which uses synchronized signals from the GPS satellites, and provide the phasors information of voltage and currents at a given substation. The optimal locations for the PMUs must be determined, in order to avoid redundant use of PMUs. The objective of this paper is to make system observable by using minimum number of PMUs & the implementation of stability software at 22OkV grid for on-line estimation of the power system transfer capability based on voltage and thermal limitations and for security monitoring. This software utilizes State Estimator (SE) and synchrophasor PMU data sets for determining the power system operational margin under normal and contingency conditions. This software improves security of transmission system by continuously monitoring operational margin expressed in MW or in bus voltage angles, and alarms the operator if the margin violates a pre-defined threshold.Keywords: state estimator (SE), flexible ac transmission systems (FACTS), optimal location, phasor measurement units (PMU)
Procedia PDF Downloads 4135230 Sea Border Dispute between Greece and Turkey in the Mediterrenean: Implications for Turkey’s Maritime Security and Its Military Spending
Authors: Aslihan Caliskan
Abstract:
The term Mediterranean comes from the Latin “mediterraneus” (Medius, "middle" plus Terra, "land, earth"). For the ancient Romans, the Mediterranean was the center of the earth as they knew it. The desire to gain control of the Mediterranean has led to disputes between many nations throughout history, some of which continue to this day. The recent major natural gas discoveries in the Mediterranean have aggravated ongoing tensions in some neighboring countries. The sea border dispute between Turkey and Greece & Greek-Cypriot side is one of the most critical conflicts in the Mediterranean Sea region. This unresolved dispute has many implications for all countries involved, as well as for third parties that have direct or indirect interests in the region. The research question of this context is what are the implications of this controversial sea border problem on the maritime security of Turkey and its military spending. In this paper, the quantitative method is used. Records from the Turkish Defense Ministry, data from the Turkish naval forces have been obtained. In addition, literature research and the United Nations Convention on the Law of the Sea (UNCLOS) application cases were evaluated, and an incident analysis was carried out. This research shows that the sea border dispute issue has a significant impact on the Turkish military both in terms of the structures required to ensure maritime and border security, as well as rising military costs and its macroeconomic implications. The paper begins with a brief overview of relevant principles and methods applied for delimiting th esea borders. The paper continues with a brief description and a background of the sea border dispute between Turkey and Greece & Greek-Cypriot side in the light of the United Nations Convention on the Law of the Sea (UNCLOS). An analysis of the implications of the dispute on Turkey’s maritime security and its military spending is provided in the following chapters. The paper ends with concluding remarks of the author, including suggestions for the way forward.Keywords: sea border security, mediterranean sea, greece-turkey dispute, limitation of sea, united nations convention on the law of the sea (UNCLOS)
Procedia PDF Downloads 1895229 The Prevalence of Organized Retail Crime in Riyadh, Saudi Arabia
Authors: Saleh Dabil
Abstract:
This study investigates the level of existence of organized retail crime in supermarkets of Riyadh, Saudi Arabia. The store managers, security managers and general employees were asked about the types of retail crimes occur in the stores. Three independent variables were related to the report of organized retail theft. The independent variables are: (1) the supermarket profile (volume, location, standard and type of the store), (2) the social physical environment of the store (maintenance, cleanness and overall organizational cooperation), (3) the security techniques and loss prevention electronics techniques used. The theoretical framework of this study based on the social disorganization theory. This study concluded that the organized retail theft, in specific, organized theft is moderately apparent in Riyadh stores. The general result showed that the environment of the stores has an effect on the prevalence of organized retail theft with relation to the gender of thieves, age groups, working shift, type of stolen items as well as the number of thieves in one case. Among other reasons, some factors of the organized theft are: economic pressure of customers based on the location of the store. The dealing of theft also was investigated to have a clear picture of stores dealing with organized retail theft. The result showed that mostly, thieves sent without any action and sometimes given written warning. Very few cases dealt with by police. There are other factors in the study can be looked up in the text. This study suggests solving the problem of organized theft; first is ‘the well distributing of the duties and responsibilities between the employees especially for security purposes’. Second is ‘installation of strong security system’ and ‘making well-designed store layout’. Third is ‘giving training for general employees’ and ‘to give periodically security skills training of employees’. There are other suggestions in the study can be looked up in the text.Keywords: organized crime, retail, theft, loss prevention, store environment
Procedia PDF Downloads 2005228 A Medical Vulnerability Scoring System Incorporating Health and Data Sensitivity Metrics
Authors: Nadir A. Carreon, Christa Sonderer, Aakarsh Rao, Roman Lysecky
Abstract:
With the advent of complex software and increased connectivity, the security of life-critical medical devices is becoming an increasing concern, particularly with their direct impact on human safety. Security is essential, but it is impossible to develop completely secure and impenetrable systems at design time. Therefore, it is important to assess the potential impact on the security and safety of exploiting a vulnerability in such critical medical systems. The common vulnerability scoring system (CVSS) calculates the severity of exploitable vulnerabilities. However, for medical devices it does not consider the unique challenges of impacts to human health and privacy. Thus, the scoring of a medical device on which human life depends (e.g., pacemakers, insulin pumps) can score very low, while a system on which human life does not depend (e.g., hospital archiving systems) might score very high. In this paper, we propose a medical vulnerability scoring system (MVSS) that extends CVSS to address the health and privacy concerns of medical devices. We propose incorporating two new parameters, namely health impact, and sensitivity impact. Sensitivity refers to the type of information that can be stolen from the device, and health represents the impact on the safety of the patient if the vulnerability is exploited (e.g., potential harm, life-threatening). We evaluate fifteen different known vulnerabilities in medical devices and compare MVSS against two state-of-the-art medical device-oriented vulnerability scoring systems and the foundational CVSS.Keywords: common vulnerability system, medical devices, medical device security, vulnerabilities
Procedia PDF Downloads 1725227 Performance Analysis of Elliptic Curve Cryptography Using Onion Routing to Enhance the Privacy and Anonymity in Grid Computing
Authors: H. Parveen Begam, M. A. Maluk Mohamed
Abstract:
Grid computing is an environment that allows sharing and coordinated use of diverse resources in dynamic, heterogeneous and distributed environment using Virtual Organization (VO). Security is a critical issue due to the open nature of the wireless channels in the grid computing which requires three fundamental services: authentication, authorization, and encryption. The privacy and anonymity are considered as an important factor while communicating over publicly spanned network like web. To ensure a high level of security we explored an extension of onion routing, which has been used with dynamic token exchange along with protection of privacy and anonymity of individual identity. To improve the performance of encrypting the layers, the elliptic curve cryptography is used. Compared to traditional cryptosystems like RSA (Rivest-Shamir-Adelman), ECC (Elliptic Curve Cryptosystem) offers equivalent security with smaller key sizes which result in faster computations, lower power consumption, as well as memory and bandwidth savings. This paper presents the estimation of the performance improvements of onion routing using ECC as well as the comparison graph between performance level of RSA and ECC.Keywords: grid computing, privacy, anonymity, onion routing, ECC, RSA
Procedia PDF Downloads 3995226 Security Analysis of Mod. S Transponder Technology and Attack Examples
Authors: M. Rutkowski, J. Cwiklak, M. Grzegorzewski, M. Adamski
Abstract:
All class A Airplanes have to be equipped with Mod. S transponder for ATC surveillance purposes. This technology was designed to provide a robust and dependable solution to localize, identify and exchange data with the airplane. The purpose of this paper is to analyze potential hazards that are a result of lack of any security or encryption on a design level. Secondary Surveillance Radars rely on an active response from an airplane. SSR radar installation is broadcasting a directional interrogation signal to the planes in range on 1030MHz frequency with DPSK modulation. If the interrogation is correctly received by the transponder located on the plane, a proper answer is sent on 1090MHz with PPM modulation containing plane’s SQUAWK, barometric altitude, GPS coordinates and 24bit unique address code. This technology does not use any kind of encryption. All of the specifications from the previous chapter can be found easily on the internet. Since there is no encryption or security measure to ensure the credibility of the sender and message, it is highly hazardous to use such technology to ensure the safety of the air traffic. The only thing that identifies the airplane is the 24-bit unique address. Most of the planes have been sniffed by aviation enthusiasts and cataloged in web databases. In the moment of writing this article, The PoFung Technologies has announced that they are planning to release all band SDR transceiver – this device would be more than enough to build your own Mod. S Transponder. With fake transponder, a potential terrorist can identify as a different airplane. By replacing the transponder in a poorly controlled airspace, hijackers can enter another airspace identifying themselves as another plane and land in the desired area.Keywords: flight safety, hijack, mod S transponder, security analysis
Procedia PDF Downloads 2975225 Streamlining Cybersecurity Risk Assessment for Industrial Control and Automation Systems: Leveraging the National Institute of Standard and Technology’s Risk Management Framework (RMF) Using Model-Based System Engineering (MBSE)
Authors: Gampel Alexander, Mazzuchi Thomas, Sarkani Shahram
Abstract:
The cybersecurity landscape is constantly evolving, and organizations must adapt to the changing threat environment to protect their assets. The implementation of the NIST Risk Management Framework (RMF) has become critical in ensuring the security and safety of industrial control and automation systems. However, cybersecurity professionals are facing challenges in implementing RMF, leading to systems operating without authorization and being non-compliant with regulations. The current approach to RMF implementation based on business practices is limited and insufficient, leaving organizations vulnerable to cyberattacks resulting in the loss of personal consumer data and critical infrastructure details. To address these challenges, this research proposes a Model-Based Systems Engineering (MBSE) approach to implementing cybersecurity controls and assessing risk through the RMF process. The study emphasizes the need to shift to a modeling approach, which can streamline the RMF process and eliminate bloated structures that make it difficult to receive an Authorization-To-Operate (ATO). The study focuses on the practical application of MBSE in industrial control and automation systems to improve the security and safety of operations. It is concluded that MBSE can be used to solve the implementation challenges of the NIST RMF process and improve the security of industrial control and automation systems. The research suggests that MBSE provides a more effective and efficient method for implementing cybersecurity controls and assessing risk through the RMF process. The future work for this research involves exploring the broader applicability of MBSE in different industries and domains. The study suggests that the MBSE approach can be applied to other domains beyond industrial control and automation systems.Keywords: authorization-to-operate (ATO), industrial control systems (ICS), model-based system’s engineering (MBSE), risk management framework (RMF)
Procedia PDF Downloads 1005224 Evaluating Global ‘Thing’ Security of Consumer Products
Authors: Achutha Raman
Abstract:
Today's brave new world features a bonanza of digitally interconnected products, or ‘things,’ that improve convenience, possibilities, and in some cases efficiency for consumers. Nonetheless, even as the market accelerates, this Internet of ‘things’ is subject to substantial leakage of consumer personal data. First defining the fluid concept of ‘things,’ this paper subsequently uses case studies taken from the EU, Asia, and the US, to highlight large gaps and comprehensively evaluate the state of security for consumer ‘things.’ Ultimately, this paper offers several ways of improving the present status quo, and especially focuses on an evaluative approach that augments the standard mechanism of Firmware Over the Air Updates, and ought to be easily implementable.Keywords: cybersecurity, FOTA, Internet of Things, transnational privacy
Procedia PDF Downloads 2215223 Application of Modulo-2 Arithmetic in Securing Communicated Messages throughout the Globe
Authors: Ejd Garba, Okike Benjamin
Abstract:
Today, the word encryption has become very popular even among non-computer professionals. There is no doubt that some works have been carried out in this area, but more works need to be done. Presently, most of the works on encryption is concentrated on the sender of the message without paying any attention to the message recipient. However, it is a good practice if any message sent to someone is received by the particular person whom the message is sent to. This work seeks to ensure that at the receiving end of the message, there is a security to ensure that the recipient computes a key that would enable the encrypted message to be accessed. This key would be in form of password. This would make it possible for a given message to be sent to several people at the same time. When this happens, it is only those people who computes the key correctly that would be given the opportunity to access even the encrypted message, which can in turn be decrypted using the appropriate key.Keywords: arithmetic, cyber space, modulo-2, information security
Procedia PDF Downloads 3235222 Improving Security in Healthcare Applications Using Federated Learning System With Blockchain Technology
Authors: Aofan Liu, Qianqian Tan, Burra Venkata Durga Kumar
Abstract:
Data security is of the utmost importance in the healthcare area, as sensitive patient information is constantly sent around and analyzed by many different parties. The use of federated learning, which enables data to be evaluated locally on devices rather than being transferred to a central server, has emerged as a potential solution for protecting the privacy of user information. To protect against data breaches and unauthorized access, federated learning alone might not be adequate. In this context, the application of blockchain technology could provide the system extra protection. This study proposes a distributed federated learning system that is built on blockchain technology in order to enhance security in healthcare. This makes it possible for a wide variety of healthcare providers to work together on data analysis without raising concerns about the confidentiality of the data. The technical aspects of the system, including as the design and implementation of distributed learning algorithms, consensus mechanisms, and smart contracts, are also investigated as part of this process. The technique that was offered is a workable alternative that addresses concerns about the safety of healthcare while also fostering collaborative research and the interchange of data.Keywords: data privacy, distributed system, federated learning, machine learning
Procedia PDF Downloads 1385221 Threat of Islamic State of Khorasan in Pakistan and Afghanistan Region: Impact on Regional Security
Authors: Irfan U. Din
Abstract:
The growing presence and operational capacity of Islamic State aka Daesh, which emerged in Pak-Afghan region in 2015, poses a serious threat to the already fragile state of the security situation in the region. This paper will shed light on the current state of IS-K network in the Pak-Afghan region and will explain how its presence and operational capacity in the northern and central Afghanistan has increased despite intensive military operations against the group in Nangarhar province – the stronghold of IS-K. It will also explore the role of Pakistani Taliban in the emergence and expansion of IS-K in the region and will unveil the security implication of growing nexus of IS-K and transnational organized groups for the region in Post NATO withdrawal scenario. The study will be qualitative and will rely on secondary and primary data to explore the topic. For secondary data existing literature on the topic will be extensively reviewed while for primary data in-depth interviews will be conducted with subject experts, Taliban commanders, and field researchers.Keywords: Islamic State of Khorasan (IS-K), North Atlantic Treaty Organization (NATO), Pak-Afghan Region, Transnational Organized Crime (TNOC)
Procedia PDF Downloads 2915220 Counter-Terrorism and Civil Society in Nigeria
Authors: Emeka Thaddues Njoku
Abstract:
Since 2009, the Nigerian Government has established diverse counter-terrorism legislations and practices in response terrorism in North Eastern part of the country. However, these measures have hampered not only the ability of civil society organizations to sustain the autonomous spaces that define/locate them at the intersection between the state and public but also the balance between freedom and security. Hence, this study examines the various elements associated with the interface between the counter terrorism security framework of the government and the capacity of civil society organizations to carry out their mandates in Nigeria. In order to achieve this, the survey research of the ex-post facto type will be adopted using the multi-stage sampling technique. A total of two hundred (200) copies of questionnaire will be administered to members of the civil society organizations and 24 In-Depth Interviews (IDI) will be conducted for officials of security agencies, Ministry of Defence and operators of civil society organizations. Fifty respondents will be drawn from each civil society organisations in the areas of humanitarian assistance, human rights Advocacy, development-oriented, peace-building. Moreover, 24 interviewees drawn from the key members of the security agencies (6), Ministry of Defence (6) and 12 operators of civil society organizations-three respondents each will represent the four civil society organizations mentioned above. Also, secondary data will be used to complement In-depth Interview (IDI) sessions. All collected data will be coded and analysed using descriptive statistics of frequency counts and simple percentage in the Statistical Package for Social Science (SPSS). Content analysis will be used for the In-depth interview and secondary data.Keywords: counter-terrorism, civil society organizations, freedom, terrorism
Procedia PDF Downloads 3955219 Secure Hashing Algorithm and Advance Encryption Algorithm in Cloud Computing
Authors: Jaimin Patel
Abstract:
Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man in middle attack
Procedia PDF Downloads 282