Search results for: security personnel
2786 Tag Impersonation Attack on Ultra-lightweight Radio Frequency Identification Authentication Scheme (ESRAS)
Authors: Reham Al-Zahrani, Noura Aleisa
Abstract:
The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. This paper analyzed the security of the efficient, secure, and practical ultra-lightweight RFID Authentication Scheme (ESRAS). Then, the paper presents a comprehensive analysis of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS) in the context of radio frequency identification (RFID) systems that employed the Scyther tool to examine the protocol's security against a tag impersonation attack.Keywords: RFID, impersonation attack, authentication, ultra-lightweight protocols
Procedia PDF Downloads 652785 National Security Threat and Fear of Rising Islamic Extremism in Bangladesh due to Influx of Rohingya Refugees
Authors: Afsana Afsar Tuly
Abstract:
The Rohingyas are a group of minority Muslimsin Myanmar who witnessed series of persecution, violence, and torture from Burmese military since 1948. In 2017, around 700,000 Rohingyas fled to the neighboring country Bangladesh and took shelter as refugees after facing clashes with Myanmar security forces. The number increased to 1.8 million in 2020, creating one of the largest refugee crises of recent times. This research focuses on the vulnerability and poverty faced by Rohingyas in refugee camps and how thelack of long-term solution and silence from international communitycan pose national security threat and increasing Islamic extremism in Bangladesh. Islamic religious and terrorist groups have used the Rohingyas position as stateless people to influence them into speaking against the secular government of Bangladesh. There has been increasing crime rates and formation of different rebel groups in refugee camps, causing clashes with Bangladeshi police and authority. Human trafficking, illegal drug dealings, prostitution, and other illicit activities have continuously gone up in the southeastern part of Bangladesh. Some economic, social, and environmental factors are studied and analyzed to show the change in Bangladesh between 2017 and 2020.Keywords: national security threat, islamic extremism, rohingya refugees, refugee studies, Bangladesh, myanmar
Procedia PDF Downloads 1442784 Cryptography Based Authentication Methods
Authors: Mohammad A. Alia, Abdelfatah Aref Tamimi, Omaima N. A. Al-Allaf
Abstract:
This paper reviews a comparison study on the most common used authentication methods. Some of these methods are actually based on cryptography. In this study, we show the main cryptographic services. Also, this study presents a specific discussion about authentication service, since the authentication service is classified into several categorizes according to their methods. However, this study gives more about the real life example for each of the authentication methods. It talks about the simplest authentication methods as well about the available biometric authentication methods such as voice, iris, fingerprint, and face authentication.Keywords: information security, cryptography, system access control, authentication, network security
Procedia PDF Downloads 4702783 Improving Security Features of Traditional Automated Teller Machines-Based Banking Services via Fingerprint Biometrics Scheme
Authors: Anthony I. Otuonye, Juliet N. Odii, Perpetual N. Ibe
Abstract:
The obvious challenges faced by most commercial bank customers while using the services of ATMs (Automated Teller Machines) across developing countries have triggered the need for an improved system with better security features. Current ATM systems are password-based, and research has proved the vulnerabilities of these systems to heinous attacks and manipulations. We have discovered by research that the security of current ATM-assisted banking services in most developing countries of the world is easily broken and maneuvered by fraudsters, majorly because it is quite difficult for these systems to identify an impostor with privileged access as against the authentic bank account owner. Again, PIN (Personal Identification Number) code passwords are easily guessed, just to mention a few of such obvious limitations of traditional ATM operations. In this research work also, we have developed a system of fingerprint biometrics with PIN code Authentication that seeks to improve the security features of traditional ATM installations as well as other Banking Services. The aim is to ensure better security at all ATM installations and raise the confidence of bank customers. It is hoped that our system will overcome most of the challenges of the current password-based ATM operation if properly applied. The researchers made use of the OOADM (Object-Oriented Analysis and Design Methodology), a software development methodology that assures proper system design using modern design diagrams. Implementation and coding were carried out using Visual Studio 2010 together with other software tools. Results obtained show a working system that provides two levels of security at the client’s side using a fingerprint biometric scheme combined with the existing 4-digit PIN code to guarantee the confidence of bank customers across developing countries.Keywords: fingerprint biometrics, banking operations, verification, ATMs, PIN code
Procedia PDF Downloads 422782 On the Use of Machine Learning for Tamper Detection
Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode
Abstract:
The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT
Procedia PDF Downloads 1532781 Governance, Risk Management, and Compliance Factors Influencing the Adoption of Cloud Computing in Australia
Authors: Tim Nedyalkov
Abstract:
A business decision to move to the cloud brings fundamental changes in how an organization develops and delivers its Information Technology solutions. The accelerated pace of digital transformation across businesses and government agencies increases the reliance on cloud-based services. They are collecting, managing, and retaining large amounts of data in cloud environments makes information security and data privacy protection essential. It becomes even more important to understand what key factors drive successful cloud adoption following the commencement of the Privacy Amendment Notifiable Data Breaches (NDB) Act 2017 in Australia as the regulatory changes impact many organizations and industries. This quantitative correlational research investigated the governance, risk management, and compliance factors contributing to cloud security success. The factors influence the adoption of cloud computing within an organizational context after the commencement of the NDB scheme. The results and findings demonstrated that corporate information security policies, data storage location, management understanding of data governance responsibilities, and regular compliance assessments are the factors influencing cloud computing adoption. The research has implications for organizations, future researchers, practitioners, policymakers, and cloud computing providers to meet the rapidly changing regulatory and compliance requirements.Keywords: cloud compliance, cloud security, data governance, privacy protection
Procedia PDF Downloads 1162780 Intrusion Detection in Cloud Computing Using Machine Learning
Authors: Faiza Babur Khan, Sohail Asghar
Abstract:
With an emergence of distributed environment, cloud computing is proving to be the most stimulating computing paradigm shift in computer technology, resulting in spectacular expansion in IT industry. Many companies have augmented their technical infrastructure by adopting cloud resource sharing architecture. Cloud computing has opened doors to unlimited opportunities from application to platform availability, expandable storage and provision of computing environment. However, from a security viewpoint, an added risk level is introduced from clouds, weakening the protection mechanisms, and hardening the availability of privacy, data security and on demand service. Issues of trust, confidentiality, and integrity are elevated due to multitenant resource sharing architecture of cloud. Trust or reliability of cloud refers to its capability of providing the needed services precisely and unfailingly. Confidentiality is the ability of the architecture to ensure authorization of the relevant party to access its private data. It also guarantees integrity to protect the data from being fabricated by an unauthorized user. So in order to assure provision of secured cloud, a roadmap or model is obligatory to analyze a security problem, design mitigation strategies, and evaluate solutions. The aim of the paper is twofold; first to enlighten the factors which make cloud security critical along with alleviation strategies and secondly to propose an intrusion detection model that identifies the attackers in a preventive way using machine learning Random Forest classifier with an accuracy of 99.8%. This model uses less number of features. A comparison with other classifiers is also presented.Keywords: cloud security, threats, machine learning, random forest, classification
Procedia PDF Downloads 3202779 Blockchain’s Feasibility in Military Data Networks
Authors: Brenden M. Shutt, Lubjana Beshaj, Paul L. Goethals, Ambrose Kam
Abstract:
Communication security is of particular interest to military data networks. A relatively novel approach to network security is blockchain, a cryptographically secured distribution ledger with a decentralized consensus mechanism for data transaction processing. Recent advances in blockchain technology have proposed new techniques for both data validation and trust management, as well as different frameworks for managing dataflow. The purpose of this work is to test the feasibility of different blockchain architectures as applied to military command and control networks. Various architectures are tested through discrete-event simulation and the feasibility is determined based upon a blockchain design’s ability to maintain long-term stable performance at industry standards of throughput, network latency, and security. This work proposes a consortium blockchain architecture with a computationally inexpensive consensus mechanism, one that leverages a Proof-of-Identity (PoI) concept and a reputation management mechanism.Keywords: blockchain, consensus mechanism, discrete-event simulation, fog computing
Procedia PDF Downloads 1382778 The New Approach to Airport Emergency Plans
Authors: Jakub Kraus, Vladimír Plos, Peter Vittek
Abstract:
This article deals with a new approach to the airport emergency plans, which are the basic documents and manuals for dealing with events with impact on safety or security. The article describes the identified parts in which the current airport emergency plans do not fulfill their role and which should therefore be considered in the creation of corrective measures. All these issues have been identified at airports in the Czech Republic and confirmed at airports in neighboring countries.Keywords: airport emergency plan, aviation safety, aviation security, comprehensive management system
Procedia PDF Downloads 5112777 How Manufacturing Firm Manages Information Security: Need Pull and Technology Push Perspective
Authors: Geuna Kim, Sanghyun Kim
Abstract:
This study investigates various factors that may influence the ISM process, including the organization’s internal needs and external pressure, and examines the role of regulatory pressure in ISM development and performance. The 105 sets of data collected in a survey were tested against the research model using SEM. The results indicate that NP and TP had positive effects on the ISM process, except for perceived benefits. Regulatory pressure had a positive effect on the relationship between ISM awareness and ISM development and performance.Keywords: information security management, need pull, technology push, regulatory pressure
Procedia PDF Downloads 2962776 Changing the Dynamics of the Regional Water Security in the Mekong River Basin: An Explorative Study Understanding the Cooperation and Conflict from Critical Hydropolitical Perspective
Authors: Richard Grünwald, Wenling Wang, Yan Feng
Abstract:
The presented paper explores the changing dynamics of regional water security in the Mekong River Basin and examines the contemporary water-related challenges from a critical hydropolitical perspective. By drawing on the Lancang-Mekong Cooperation and Conflict Database (LMCCD) recording more than 3000 water-related events within the basin in the last 30 years, we identified several trends changing the dynamics of the regional water security in the Mekong River Basin. Firstly, there is growing politicization of water that is no longer interpreted as abundant. While some scientists blame the rapid basin development, particularly in upstream countries, other researchers consider climate change and cumulative environmental impacts of various water projects as the main culprit for changing the water flow. Secondly, there is an increasing securitization of large-scale hydropower dams with questionable outcomes. Despite hydropower dams raise many controversies, many riparian states push the development at all cost. Such water security dilemma can be especially traced to Laos and Cambodia, which highly invest in the hydropower sector even at the expense of the local environment and good relations with neighbouring countries situated lower on the river. Thirdly, there is a lack of accountable transboundary water governance that will effectively face a looming water crisis. To date, most of the existing cooperation mechanisms are undermined by the geopolitical interests of foreign donors and increasing mistrust to scientific approaches dealing with water insecurity. Our findings are beneficial for the policy-makers and other water experts who want to grasp the broader hydropolitical context in the Mekong River Basin and better understand the new water security threats, including misinterpretation of the hydrological data and legitimization of the pro-development narratives.Keywords: critical hydropolitics, mekong river, politicization of science, water governance, water security
Procedia PDF Downloads 2132775 Proposal of Optimality Evaluation for Quantum Secure Communication Protocols by Taking the Average of the Main Protocol Parameters: Efficiency, Security and Practicality
Authors: Georgi Bebrov, Rozalina Dimova
Abstract:
In the field of quantum secure communication, there is no evaluation that characterizes quantum secure communication (QSC) protocols in a complete, general manner. The current paper addresses the problem concerning the lack of such an evaluation for QSC protocols by introducing an optimality evaluation, which is expressed as the average over the three main parameters of QSC protocols: efficiency, security, and practicality. For the efficiency evaluation, the common expression of this parameter is used, which incorporates all the classical and quantum resources (bits and qubits) utilized for transferring a certain amount of information (bits) in a secure manner. By using criteria approach whether or not certain criteria are met, an expression for the practicality evaluation is presented, which accounts for the complexity of the QSC practical realization. Based on the error rates that the common quantum attacks (Measurement and resend, Intercept and resend, probe attack, and entanglement swapping attack) induce, the security evaluation for a QSC protocol is proposed as the minimum function taken over the error rates of the mentioned quantum attacks. For the sake of clarity, an example is presented in order to show how the optimality is calculated.Keywords: quantum cryptography, quantum secure communcation, quantum secure direct communcation security, quantum secure direct communcation efficiency, quantum secure direct communcation practicality
Procedia PDF Downloads 1842774 An Intrusion Detection Systems Based on K-Means, K-Medoids and Support Vector Clustering Using Ensemble
Authors: A. Mohammadpour, Ebrahim Najafi Kajabad, Ghazale Ipakchi
Abstract:
Presently, computer networks’ security rise in importance and many studies have also been conducted in this field. By the penetration of the internet networks in different fields, many things need to be done to provide a secure industrial and non-industrial network. Fire walls, appropriate Intrusion Detection Systems (IDS), encryption protocols for information sending and receiving, and use of authentication certificated are among things, which should be considered for system security. The aim of the present study is to use the outcome of several algorithms, which cause decline in IDS errors, in the way that improves system security and prevents additional overload to the system. Finally, regarding the obtained result we can also detect the amount and percentage of more sub attacks. By running the proposed system, which is based on the use of multi-algorithmic outcome and comparing that by the proposed single algorithmic methods, we observed a 78.64% result in attack detection that is improved by 3.14% than the proposed algorithms.Keywords: intrusion detection systems, clustering, k-means, k-medoids, SV clustering, ensemble
Procedia PDF Downloads 2212773 Security Issues in Long Term Evolution-Based Vehicle-To-Everything Communication Networks
Authors: Mujahid Muhammad, Paul Kearney, Adel Aneiba
Abstract:
The ability for vehicles to communicate with other vehicles (V2V), the physical (V2I) and network (V2N) infrastructures, pedestrians (V2P), etc. – collectively known as V2X (Vehicle to Everything) – will enable a broad and growing set of applications and services within the intelligent transport domain for improving road safety, alleviate traffic congestion and support autonomous driving. The telecommunication research and industry communities and standardization bodies (notably 3GPP) has finally approved in Release 14, cellular communications connectivity to support V2X communication (known as LTE – V2X). LTE – V2X system will combine simultaneous connectivity across existing LTE network infrastructures via LTE-Uu interface and direct device-to-device (D2D) communications. In order for V2X services to function effectively, a robust security mechanism is needed to ensure legal and safe interaction among authenticated V2X entities in the LTE-based V2X architecture. The characteristics of vehicular networks, and the nature of most V2X applications, which involve human safety makes it significant to protect V2X messages from attacks that can result in catastrophically wrong decisions/actions include ones affecting road safety. Attack vectors include impersonation attacks, modification, masquerading, replay, MiM attacks, and Sybil attacks. In this paper, we focus our attention on LTE-based V2X security and access control mechanisms. The current LTE-A security framework provides its own access authentication scheme, the AKA protocol for mutual authentication and other essential cryptographic operations between UEs and the network. V2N systems can leverage this protocol to achieve mutual authentication between vehicles and the mobile core network. However, this protocol experiences technical challenges, such as high signaling overhead, lack of synchronization, handover delay and potential control plane signaling overloads, as well as privacy preservation issues, which cannot satisfy the adequate security requirements for majority of LTE-based V2X services. This paper examines these challenges and points to possible ways by which they can be addressed. One possible solution, is the implementation of the distributed peer-to-peer LTE security mechanism based on the Bitcoin/Namecoin framework, to allow for security operations with minimal overhead cost, which is desirable for V2X services. The proposed architecture can ensure fast, secure and robust V2X services under LTE network while meeting V2X security requirements.Keywords: authentication, long term evolution, security, vehicle-to-everything
Procedia PDF Downloads 1672772 Cyber Supply Chain Resilient: Enhancing Security through Leadership to Protect National Security
Authors: Katie Wood
Abstract:
Cyber criminals are constantly on the lookout for new opportunities to exploit organisation and cause destruction. This could lead to significant cause of economic loss for organisations in the form of destruction in finances, reputation and even the overall survival of the organization. Additionally, this leads to serious consequences on national security. The threat of possible cyber attacks places further pressure on organisations to ensure they are secure, at a time where international scale cyber attacks have occurred in a range of sectors. Stakeholders are wanting confidence that their data is protected. This is only achievable if a business fosters a resilient supply chain strategy which is implemented throughout its supply chain by having a strong cyber leadership culture. This paper will discuss the essential role and need for organisations to adopt a cyber leadership culture and direction to learn about own internal processes to ensure mitigating systemic vulnerability of its supply chains. This paper outlines that to protect national security there is an urgent need for cyber awareness culture change. This is required in all organisations, regardless of their sector or size, to implementation throughout the whole supplier chain to support and protect economic prosperity to make the UK more resilient to cyber-attacks. Through businesses understanding the supply chain and risk management cycle of their own operates has to be the starting point to ensure effective cyber migration strategies.Keywords: cyber leadership, cyber migration strategies, resilient supply chain strategy, cybersecurity
Procedia PDF Downloads 2422771 The Fadama Initiative: Implications for Human Security and Sustainable Development in Nigeria
Authors: Albert T. Akume, Yahya M. Abdullahi
Abstract:
The impact of poverty on individual and society is grave, hence the efforts by the government to eradicate or alleviate. In Nigeria the various efforts to reduce rural poverty by empowering them and making the process of their development self-sustaining have ended dismally. That notwithstanding, government determination to conquer poverty has not diminish as in the early 1990s the government with financial collaboration from the World Bank and African Development Bank introduced the fadama project. It is against this backdrop that this paper uses the documentary and analytical research methods to examine the implication the fadama development project has for community capacity development and human security in Nigeria. From the analysis it was discovered the fadama project improved household income of fadama farmers, community empowerment, participatory development planning and support for demand driven productive investment in farm and non-farm activities including community infrastructures. Despite this impressive result the fadama project is challenged by conflict especially in northern Nigeria and late delivery of necessary farm consumables that aid improved productivity. It was therefore recommended that the government should strengthen her various state security institutions to proactively mitigate conflicts and to ensure that farm consumables and other support services reach farmers timely.Keywords: capacity development, empowerment, fadama, human security, poverty reduction, theory of change, sustainable development
Procedia PDF Downloads 4962770 Strengthening the Security of the Thai-Myanmar Border Trade of the People in the Mae Sot Customs Checkpoint Area, Tak Province
Authors: Sakapas Saengchai
Abstract:
A Study on Strengthening the Security of the Thai-Myanmar Border Trade Area of the people in the Mae Sot customs checkpoint area, Tak province, was designed as a qualitative research study. Its objectives were to study the principles of strengthening border trade security and enhancing people's participation. To develop a border trade model that enhances the spatial economy and improves people's quality of life by collecting data using a participant observation method. In-depth interview group chats border checkpoint administrators, Mae Sot customs checkpoint, Tak province, private entrepreneurs, community leaders, and the opening of a community forum to exchange opinions with people in the area. The results of the study found that 1. Security development is to promote crime reduction. Reduce drug trafficking problems Smuggling and human trafficking have been reduced. Including planning and preparation to protect people from terrorism, epidemics, and communicable diseases, including cooperation with Burma on border rules for people and workers, 2. Wealth development is to promote investment. Transport links value chain logistics Cross-border goods and services on the Thai-Myanmar border Both amending regulations and laws to promote fair trade. Emphasis on convenient and fast service as well as promoting the Thai border area to be a tourist attraction that can create prosperity and income for the community in the area By using balanced natural resources, with production and consumption that are environmentally friendly, and emphasizes the participation of the public sector, the private sector, and people from all sectors in the sustainable development of the Thai border.Keywords: security, border trade, customs, participation, people
Procedia PDF Downloads 1812769 Energy Security and Sustainable Development: Challenges and Prospects
Authors: Abhimanyu Behera
Abstract:
Over the past few years, energy security and sustainable development have moved rapidly into the global agenda. There are two main reasons: first, the impact of high and often volatile energy prices; second, concerns over environmental sustainability particularly about the global climate. Both issues are critically important in which impressive economic growth has boosted the demand for energy and put corresponding strains on the environment. Energy security is a broad concept that focuses on energy availability and pricing. Specifically, it refers to the ability of the energy supply system i.e. suppliers, transporters, distributors and regulatory, financial and R&D institutions to deliver the amount of competitively priced energy that customers demand, within accepted standards of reliability, timeliness, quality, safety. Traditionally, energy security has been defined in the context of the geopolitical risks to external oil supplies but today it is encompassing all energy forms, all the external and internal links bringing the energy to the final consumer, and all the many ways energy supplies can be disrupted including equipment malfunctions, system design flaws, operator errors, malicious computer activities, deficient market and regulatory frameworks, corporate financial problems, labour actions, severe weather and natural events, aggressive acts (e.g. war, terrorism and sabotage), and geopolitical disruptions. In practice, the most challenging disruptions are those linked to: 1) extreme weather events; 2) mismatched electricity supply and demand; 3) regulatory failures; and 4) concentration of oil and gas resources in certain regions of the world. However, insecure energy supplies inhibit development by raising energy costs and imposing expensive cuts in services when disruptions actually occur. The energy supply sector can best advance sustainable development by producing and delivering secure and environmentally-friendly sources of energy and by increasing the efficiency of energy use. With this objective, this paper seeks to highlight the significance of energy security and sustainable development in today’s world. Moreover, it critically overhauls the major challenges towards sustainability of energy security and what are the major policies are taken to overcome these challenges by Government is lucidly explicated in this paper.Keywords: energy, policies, security, sustainability
Procedia PDF Downloads 3882768 Classification of IoT Traffic Security Attacks Using Deep Learning
Authors: Anum Ali, Kashaf ad Dooja, Asif Saleem
Abstract:
The future smart cities trend will be towards Internet of Things (IoT); IoT creates dynamic connections in a ubiquitous manner. Smart cities offer ease and flexibility for daily life matters. By using small devices that are connected to cloud servers based on IoT, network traffic between these devices is growing exponentially, whose security is a concerned issue, since ratio of cyber attack may make the network traffic vulnerable. This paper discusses the latest machine learning approaches in related work further to tackle the increasing rate of cyber attacks, machine learning algorithm is applied to IoT-based network traffic data. The proposed algorithm train itself on data and identify different sections of devices interaction by using supervised learning which is considered as a classifier related to a specific IoT device class. The simulation results clearly identify the attacks and produce fewer false detections.Keywords: IoT, traffic security, deep learning, classification
Procedia PDF Downloads 1522767 An Efficient Mitigation Plan to Encounter Various Vulnerabilities in Internet of Things Enterprises
Authors: Umesh Kumar Singh, Abhishek Raghuvanshi, Suyash Kumar Singh
Abstract:
As IoT networks gain popularity, they are more susceptible to security breaches. As a result, it is crucial to analyze the IoT platform as a whole from the standpoint of core security concepts. The Internet of Things relies heavily on wireless networks, which are well-known for being susceptible to a wide variety of attacks. This article provides an analysis of many techniques that may be used to identify vulnerabilities in the software and hardware associated with the Internet of Things (IoT). In the current investigation, an experimental setup is built with the assistance of server computers, client PCs, Internet of Things development boards, sensors, and cloud subscriptions. Through the use of network host scanning methods and vulnerability scanning tools, raw data relating to IoT-based applications and devices may be collected. Shodan is a tool that is used for scanning, and it is also used for effective vulnerability discovery in IoT devices as well as penetration testing. This article presents an efficient mitigation plan for encountering vulnerabilities in the Internet of Things.Keywords: internet of things, security, privacy, vulnerability identification, mitigation plan
Procedia PDF Downloads 402766 A Review on Factors Influencing Implementation of Secure Software Development Practices
Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin
Abstract:
More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.Keywords: secure software development, software development, software security, systematic literature review
Procedia PDF Downloads 3772765 Brazilian Public Security: Governability and Constitutional Change
Authors: Gabriel Dolabella, Henrique Rangel, Stella Araújo, Carlos Bolonha, Igor de Lazari
Abstract:
Public security is a common subject on the Brazilian political agenda. The seventh largest economy in the world has high crime and insecurity rates. Specialists try to explain this social picture based on poverty, inequality or public policies addressed to drug trafficking. This excerpt approaches State measures to handle that picture. Therefore, the public security - law enforcement institutions - is at the core of this paper, particularly the relationship among federal and state law enforcement agencies, mainly ruled by a system of urgency. The problems are informal changes on law enforcement management and public opinion collaboration to these changes. Whenever there were huge international events, Brazilian armed forces occupied streets to assure law enforcement - ensuring the order. This logic, considered in the long time, could impact the federal structure of the country. The post-madisonian theorists verify that urgency is often associated to delegation of powers, which is true for Brazilian law enforcement, but here there is a different delegation: States continuously delegate law enforcement powers to the federal government throughout the use of Armed Forces. Therefore, the hypothesis is: Brazil is under a political process of federalization of public security. The political framework addressed here can be explained by the disrespect of legal constraints and the failure of rule of law theoretical models. The methodology of analysis is based on general criteria. Temporally, this study investigates events from 2003, when discussions about the disarmament statute begun. Geographically, this study is limited to Brazilian borders. Materially, the analysis result from the observation of legal resources and political resources (pronouncements of government officials). The main parameters are based on post-madisonianism and federalization of public security can be assessed through credibility and popularity that allow evaluation of this political process of constitutional change. The objective is to demonstrate how the Military Forces are used in public security, not as a random fact or an isolated political event, in order to understand the political motivations and effects that stem from that use from an institutional perspective.Keywords: public security, governability, rule of law, federalism
Procedia PDF Downloads 6772764 Development of a Data Security Model Using Steganography
Authors: Terungwa Simon Yange, Agana Moses A.
Abstract:
This paper studied steganography and designed a simplistic approach to a steganographic tool for hiding information in image files with the view of addressing the security challenges with data by hiding data from unauthorized users to improve its security. The Structured Systems Analysis and Design Method (SSADM) was used in this work. The system was developed using Java Development Kit (JDK) 1.7.0_10 and MySQL Server as its backend. The system was tested with some hypothetical health records which proved the possibility of protecting data from unauthorized users by making it secret so that its existence cannot be easily recognized by fraudulent users. It further strengthens the confidentiality of patient records kept by medical practitioners in the health setting. In conclusion, this work was able to produce a user friendly steganography software that is very fast to install and easy to operate to ensure privacy and secrecy of sensitive data. It also produced an exact copy of the original image and the one carrying the secret message when compared with each.Keywords: steganography, cryptography, encryption, decryption, secrecy
Procedia PDF Downloads 2652763 Signs, Signals and Syndromes: Algorithmic Surveillance and Global Health Security in the 21st Century
Authors: Stephen L. Roberts
Abstract:
This article offers a critical analysis of the rise of syndromic surveillance systems for the advanced detection of pandemic threats within contemporary global health security frameworks. The article traces the iterative evolution and ascendancy of three such novel syndromic surveillance systems for the strengthening of health security initiatives over the past two decades: 1) The Program for Monitoring Emerging Diseases (ProMED-mail); 2) The Global Public Health Intelligence Network (GPHIN); and 3) HealthMap. This article demonstrates how each newly introduced syndromic surveillance system has become increasingly oriented towards the integration of digital algorithms into core surveillance capacities to continually harness and forecast upon infinitely generating sets of digital, open-source data, potentially indicative of forthcoming pandemic threats. This article argues that the increased centrality of the algorithm within these next-generation syndromic surveillance systems produces a new and distinct form of infectious disease surveillance for the governing of emergent pathogenic contingencies. Conceptually, the article also shows how the rise of this algorithmic mode of infectious disease surveillance produces divergences in the governmental rationalities of global health security, leading to the rise of an algorithmic governmentality within contemporary contexts of Big Data and these surveillance systems. Empirically, this article demonstrates how this new form of algorithmic infectious disease surveillance has been rapidly integrated into diplomatic, legal, and political frameworks to strengthen the practice of global health security – producing subtle, yet distinct shifts in the outbreak notification and reporting transparency of states, increasingly scrutinized by the algorithmic gaze of syndromic surveillance.Keywords: algorithms, global health, pandemic, surveillance
Procedia PDF Downloads 1842762 Women and Food Security: Evidence from Bangladesh Demographic Health Survey 2011
Authors: Abdullah Al. Morshed, Mohammad Nahid Mia
Abstract:
Introduction: Food security refers to the availability of food and a person’s access to it. It is a complex sustainable development issue, which is closely related to under-nutrition. Food security, in turn, can widely affect the living standard, and is rooted in poverty and leads to poor health, low productivity, low income, food shortage, and hunger. The study's aim was to identify the most vulnerable women who are in insecure positions. Method: 17,842 married women were selected for analysis from the Bangladesh Demographic and Health Survey 2011. Food security defined as dichotomous variables of skipped meals and eaten less food at least once in the last year. The outcome variables were cross-tabulated with women's socio-demographic characteristics and chi2 test was applied to see the significance. Logistic regression models were applied to identify the most vulnerable groups in terms of food security. Result: Only 18.5% of women said that they ever had to skip meals in the last year. 45.7% women from low socioeconomic status had skip meal for at least once whereas only 3.6% were from women with highest socioeconomic status. Women meal skipping was ranged from 1.4% to 34.2% by their educational status. 22% of women were eaten less food during the last year. The rate was higher among the poorest (51.6%), illiterate (39.9%) and household have no electricity connection (38.1) in compared with richest (4.4%), higher educated (2.0%), and household has electricity connection (14.0%). The logistic regression analysis indicated that household socioeconomic status, and women education show strong gradients to skip meals. Poorest have had higher odds (20.9) than richest and illiterate women had 7.7 higher odds than higher educated. In terms of religion, Christianity was 2.3 times more likely to skip their meals than Islam. On the other hand, a similar trend was observed in our other outcome variable eat less food. Conclusion: In this study we able to identify women with lower economics status and women with no education were mostly suffered group from starvation.Keywords: food security, hunger, under-nutrition, women
Procedia PDF Downloads 3732761 Learning Disability or Learning Differences: Understanding Differences Between Cultural and Linguistic Diversity, Learning Differences, and Learning Disabilities
Authors: Jolanta Jonak, Sylvia Tolczyk
Abstract:
Students demonstrate various learning preferences and learning styles that range from visual, auditory to kinesthetic preferences. These learning preferences are further impacted by individual cognitive make up that characterizes itself in linguistic strengths, logical- special, inter-or intra- personal, just to name a few. Students from culturally and linguistically diverse backgrounds (CLD) have an increased risk of being misunderstood by many school systems and even medical personnel. CLD students are influenced by many factors (like acculturation and experience) that may impact their achievements and functioning levels. CLD students who develop initial or basic interpersonal communication proficiency skills in the target language are even at a higher risk for being suspected of learning disability when they are underachieving academically. Research indicates that large numbers of students arenot provided the type of education and types of supports they need in order to be successful in an academicenvironment. Multiple research findings indicate that significant numbers of school staff self-reports that they do not feel adequately prepared to work with CLD students. It is extremely important for the school staff, especially school psychologists, who often are the first experts that are consulted, to be educated about overlapping symptoms and settle differences between learning difference and disability. It is equally important for medical personnel, mainly pediatricians, psychologists, and psychiatrists, to understand the subtle differences to avoid inaccurate opinions. Having the knowledge, school staff can avoid unnecessary referrals for special education evaluations and avoid inaccurate decisions about the presence of a disability. This presentation will illustrate distinctions based on research between learning differences and disabilities, how to recognize them, and how to assess for them.Keywords: special education, learning disability, differentiation, differences
Procedia PDF Downloads 1562760 AMBICOM: An Ambient Computing Middleware Architecture for Heterogeneous Environments
Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek
Abstract:
Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.Keywords: AmI, ambient computing, middleware, distributed-systems, software-defined networking
Procedia PDF Downloads 2842759 Runtime Monitoring Using Policy-Based Approach to Control Information Flow for Mobile Apps
Authors: Mohamed Sarrab, Hadj Bourdoucen
Abstract:
Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as availability, integrity, and confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring non-trusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during non-trusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the run-time of mobile application in response to information flow events.Keywords: mobile application, run-time verification, usable security, direct information flow
Procedia PDF Downloads 3812758 Addressing Urban Security Challenges in Nigeria through Neighborhood Renewal: A Reflection of Mokola World Bank Slum Upgrading Pilot Project
Authors: Tabiti S. Tabiti, A. M. Jinadu, Daramola Japheth
Abstract:
Urban insecurity is among the challenges militating against sustainable urban governance; in the first place it distorts the peace of urban areas making them unsafe. On the other hand it hinders the effective performance of urban functions. Urban security challenges manifest in different forms such as, street violence, theft and robbery, accidents of different types kidnapping, killings etc.. Efforts to address urban security challenges in Nigeria have been concentrated in legislative, law enforcement and the use of community vigilante groups. However in this study, the place of physical planning strategy through effective neighbourhood renewal as practiced in Mokola is presented as an effective complementary approach for addressing urban insecurity. On this backdrop, the paper recommends the need for gradual rehabilitation of urban slum neighborhoods by the state government in collaboration with World Bank and other development financiers. The local governments should be made autonomy in Nigeria so as to make them more responsible to the people. Other recommendations suggested in the paper include creating enabling environment that will promote economic empowerment and public enlightment on personal and community sanitation. It is certain that if these recommendations are adopted the challenge of urban insecurity will reduce significantly in Nigerian cities.Keywords: neighbourhood renewal, pilot project, slum upgrading, urban security
Procedia PDF Downloads 4372757 Mobile Payment over NFC: The M-Check System Case
Authors: Karima Maazouz, Habib Benlahmer, Naceur Achtaich
Abstract:
The realization of mobile payments will make possible new and unforeseen ways of convenience and m-commerce. Mobile payment today benefit from technology and trends. NFC technology is creating a new era of contactless mobile payment. the “M-check” is a mobile payment system provides a new way facilitating transaction with high valued payment and enable new m-commerce. The objective of the paper is to propose a new solution for m-payment. The proposed combination of m-check system and NFC offers acceptable security for payment mobile, client’s satisfaction, and simplifies the process payment between clients and merchants.Keywords: M-payment, NFC, M-check, M-commerce, security
Procedia PDF Downloads 596