Search results for: hardware security evaluation
9436 Enhancing Cloud Computing with Security Trust Model
Authors: John Ayoade
Abstract:
Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.Keywords: cloud computing, trust, security, certificate authority, PKI
Procedia PDF Downloads 4849435 An Efficient Hardware/Software Workflow for Multi-Cores Simulink Applications
Authors: Asma Rebaya, Kaouther Gasmi, Imen Amari, Salem Hasnaoui
Abstract:
Over these last years, applications such as telecommunications, signal processing, digital communication with advanced features (Multi-antenna, equalization..) witness a rapid evaluation accompanied with an increase of user exigencies in terms of latency, the power of computation… To satisfy these requirements, the use of hardware/software systems is a common solution; where hardware is composed of multi-cores and software is represented by models of computation, synchronous data flow (SDF) graph for instance. Otherwise, the most of the embedded system designers utilize Simulink for modeling. The issue is how to simplify the c code generation, for a multi-cores platform, of an application modeled by Simulink. To overcome this problem, we propose a workflow allowing an automatic transformation from the Simulink model to the SDF graph and providing an efficient schedule permitting to optimize the number of cores and to minimize latency. This workflow goes from a Simulink application and a hardware architecture described by IP.XACT language. Based on the synchronous and hierarchical behavior of both models, the Simulink block diagram is automatically transformed into an SDF graph. Once this process is successfully achieved, the scheduler calculates the optimal cores’ number needful by minimizing the maximum density of the whole application. Then, a core is chosen to execute a specific graph task in a specific order and, subsequently, a compatible C code is generated. In order to perform this proposal, we extend Preesm, a rapid prototyping tool, to take the Simulink model as entry input and to support the optimal schedule. Afterward, we compared our results to this tool results, using a simple illustrative application. The comparison shows that our results strictly dominate the Preesm results in terms of number of cores and latency. In fact, if Preesm needs m processors and latency L, our workflow need processors and latency L'< L.Keywords: hardware/software system, latency, modeling, multi-cores platform, scheduler, SDF graph, Simulink model, workflow
Procedia PDF Downloads 2699434 Digital Preservation: A Need of Tomorrow
Authors: Gaurav Kumar
Abstract:
Digital libraries have been established all over the world to create, maintain and to preserve the digital materials. This paper exhibits the importance and objectives of digital preservation. The necessities of preservation are hardware and software technology to interpret the digital documents and discuss various aspects of digital preservation.Keywords: preservation, digital preservation, conservation, archive, repository, document, information technology, hardware, software, organization, machine readable format
Procedia PDF Downloads 5889433 Blockchain Technology Security Evaluation: Voting System Based on Blockchain
Authors: Omid Amini
Abstract:
Nowadays, technology plays the most important role in the life of human beings because people use technology to share data and to communicate with each other, but the challenge is the security of this data. For instance, as more people turn to technology in the world, more data is generated, and more hackers try to steal or infiltrate data. In addition, the data is under the control of the central authority, which can trigger the challenge of losing information and changing information; this can create widespread anxiety for different people in different communities. In this paper, we sought to investigate Blockchain technology that can guarantee information security and eliminate the challenge of central authority access to information. Now a day, people are suffering from the current voting system. This means that the lack of transparency in the voting system is a big problem for society and the government in most countries, but blockchain technology can be the best alternative to the previous voting system methods because it removes the most important challenge for voting. According to the results, this research can be a good start to getting acquainted with this new technology, especially on the security part and familiarity with how to use a voting system based on blockchain in the world. At the end of this research, it is concluded that the use of blockchain technology can solve the major security problem and lead to a secure and transparent election.Keywords: blockchain, technology, security, information, voting system, transparency
Procedia PDF Downloads 1329432 High Level Synthesis of Canny Edge Detection Algorithm on Zynq Platform
Authors: Hanaa M. Abdelgawad, Mona Safar, Ayman M. Wahba
Abstract:
Real-time image and video processing is a demand in many computer vision applications, e.g. video surveillance, traffic management and medical imaging. The processing of those video applications requires high computational power. Therefore, the optimal solution is the collaboration of CPU and hardware accelerators. In this paper, a Canny edge detection hardware accelerator is proposed. Canny edge detection is one of the common blocks in the pre-processing phase of image and video processing pipeline. Our presented approach targets offloading the Canny edge detection algorithm from processing system (PS) to programmable logic (PL) taking the advantage of High Level Synthesis (HLS) tool flow to accelerate the implementation on Zynq platform. The resulting implementation enables up to a 100x performance improvement through hardware acceleration. The CPU utilization drops down and the frame rate jumps to 60 fps of 1080p full HD input video stream.Keywords: high level synthesis, canny edge detection, hardware accelerators, computer vision
Procedia PDF Downloads 4789431 On the Use of Machine Learning for Tamper Detection
Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode
Abstract:
The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT
Procedia PDF Downloads 1539430 Security Architecture for Cloud Networking: A Survey
Authors: Vishnu Pratap Singh Kirar
Abstract:
In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security
Procedia PDF Downloads 5309429 Islamic Social Security: A Discourse
Authors: Safiyya A. Abba, Shehu U. R. Aliyu
Abstract:
This paper deals with Islamic social security: a discourse explores the meaning and nature of Islamic social security system. The paper reviews the social security framework and operations during the early period. The paper further identifies the instruments of Islamic social security discusses its principles and objectives. The paper discovers that Islamic social security is a personification of a comprehensive welfare approach in view of its varied instruments that are deeply rooted in the Islamic law, unique principles and realistic and achievable objectives. Furthermore, the Islamic social security system has far reaching socioeconomic implications; social justice, cohesion, equity, a catalyst for poverty eradication, income redistribution, economic growth and development.Keywords: Islamic social security, basic needs, zakat, socioeconomic justice, equity
Procedia PDF Downloads 4409428 Tenure Security, Agricultural Diversity and Food Security
Authors: Amanuel Hadera Gebreyesus
Abstract:
In the literature, the study of tenure and food security has largely involved separate lines of inquiry. In effect, the nexus among these has received little attention; and the underinvestment in research related to the relationship between tenure and food security deters generation of tenure-related knowledge and policy guidance for improving food and nutrition security. Drawing from this motivation, we study the relationship among tenure security, agricultural diversity and food security and dietary diversity. We employ IV approaches to examine the effect of tenure security and agricultural diversity on food security and dietary diversity. We find tenure security is inversely related with food insecurity as shown by its negative association with hunger scale, hunger index and hunger category. On the other hand, results suggest that tenure security improves minimum dietary diversity of women while we find no association with child dietary diversity. Moreover, agricultural diversity is positively related with minimum dietary diversity of women, which may point to higher accessibility and consumption of dietary food groups by women. Also, findings suggest that farmers use their human (knowledge and skills) and resource (land) endowments to improve food security and dietary diversity. An implication from this is the importance of not only improving access to land but also long-term tenure security to promote agricultural diversity, food security and dietary diversity.Keywords: tenure security, food security, agricultural diversity, dietary diversity, women
Procedia PDF Downloads 2169427 Linux Security Management: Research and Discussion on Problems Caused by Different Aspects
Authors: Ma Yuzhe, Burra Venkata Durga Kumar
Abstract:
The computer is a great invention. As people use computers more and more frequently, the demand for PCs is growing, and the performance of computer hardware is also rising to face more complex processing and operation. However, the operating system, which provides the soul for computers, has stopped developing at a stage. In the face of the high price of UNIX (Uniplexed Information and Computering System), batch after batch of personal computer owners can only give up. Disk Operating System is too simple and difficult to bring innovation into play, which is not a good choice. And MacOS is a special operating system for Apple computers, and it can not be widely used on personal computers. In this environment, Linux, based on the UNIX system, was born. Linux combines the advantages of the operating system and is composed of many microkernels, which is relatively powerful in the core architecture. Linux system supports all Internet protocols, so it has very good network functions. Linux supports multiple users. Each user has no influence on their own files. Linux can also multitask and run different programs independently at the same time. Linux is a completely open source operating system. Users can obtain and modify the source code for free. Because of these advantages of Linux, it has also attracted a large number of users and programmers. The Linux system is also constantly upgraded and improved. It has also issued many different versions, which are suitable for community use and commercial use. Linux system has good security because it relies on a file partition system. However, due to the constant updating of vulnerabilities and hazards, the using security of the operating system also needs to be paid more attention to. This article will focus on the analysis and discussion of Linux security issues.Keywords: Linux, operating system, system management, security
Procedia PDF Downloads 1089426 A Survey on Countermeasures of Cache-Timing Attack on AES Systems
Authors: Settana M. Abdulh, Naila A. Sadalla, Yaseen H. Taha, Howaida Elshoush
Abstract:
Side channel attacks are based on side channel information, which is information that is leaked from encryption systems. This includes timing information, power consumption as well as electromagnetic or even sound leaking which can exploited by an attacker. Implementing side channel attacks are possible if and only if an attacker has access to a cryptosystem. In this case, the attacker can exploit bad implementation in software or hardware which is not controlled by encryption implementer. Thus, he/she will represent a real threat to the security system. Several countermeasures have been proposed to eliminate side channel information vulnerability.Cache timing attack is a special type of side channel attack. Here, timing information is collected and analyzed by an attacker to guess sensitive information such as encryption key or plaintext. This paper reviews the technique applied in this attack and surveys the countermeasures against it, evaluating the feasibility and usability of each. Based on this evaluation, finally we pose several recommendations about using these countermeasures.Keywords: AES algorithm, side channel attack, cache timing attack, cache timing countermeasure
Procedia PDF Downloads 2999425 Comparative Analysis between Wired and Wireless Technologies in Communications: A Review
Authors: Jafaru Ibrahim, Tonga Agadi Danladi, Haruna Sani
Abstract:
Many telecommunications industry are looking for new ways to maximize their investment in communication networks while ensuring reliable and secure information transmission. There is a variety of communications medium solutions, the two must popularly in used are wireless technology and wired options, such as copper and fiber-optic cable. Wired network has proven its potential in the olden days but nowadays wireless communication has emerged as a robust and most intellect and preferred communication technique. Each of these types of communication medium has their advantages and disadvantages according to its technological characteristics. Wired and wireless networking has different hardware requirements, ranges, mobility, reliability and benefits. The aim of the paper is to compare both the Wired and Wireless medium on the basis of various parameters such as usability, cost, efficiency, flexibility, coverage, reliability, mobility, speed, security etc.Keywords: cost, mobility, reliability, speed, security, wired, wireless
Procedia PDF Downloads 4709424 An Efficient Encryption Scheme Using DWT and Arnold Transforms
Authors: Ali Abdrhman M. Ukasha
Abstract:
Data security needed in data transmission, storage, and communication to ensure the security. The color image is decomposed into red, green, and blue channels. The blue and green channels are compressed using 3-levels discrete wavelet transform. The Arnold transform uses to changes the locations of red image channel pixels as image scrambling process. Then all these channels are encrypted separately using a key image that has same original size and is generating using private keys and modulo operations. Performing the X-OR and modulo operations between the encrypted channels images for image pixel values change purpose. The extracted contours of color image recovery can be obtained with accepted level of distortion using Canny edge detector. Experiments have demonstrated that proposed algorithm can fully encrypt 2D color image and completely reconstructed without any distortion. It has shown that the color image can be protected with a higher security level. The presented method has easy hardware implementation and suitable for multimedia protection in real time applications such as wireless networks and mobile phone services.Keywords: color image, wavelet transform, edge detector, Arnold transform, lossy image encryption
Procedia PDF Downloads 4829423 Simple Ways to Enhance the Security of Web Services
Authors: Majid Azarniush, Soroush Mokallaei
Abstract:
Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.Keywords: firewalls, security, web services, software
Procedia PDF Downloads 5129422 Survey of Access Controls in Cloud Computing
Authors: Monirah Alkathiry, Hanan Aljarwan
Abstract:
Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.Keywords: access controls, cloud computing, confidentiality, identity and access management
Procedia PDF Downloads 1319421 Multi-Dimension Threat Situation Assessment Based on Network Security Attributes
Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv
Abstract:
As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment
Procedia PDF Downloads 2099420 Investigation of Information Security Incident Management Based on International Standard ISO/IEC 27002 in Educational Hospitals in 2014
Authors: Nahid Tavakoli, Asghar Ehteshami, Akbar Hassanzadeh, Fatemeh Amini
Abstract:
Introduction: The Information security incident management guidelines was been developed to help hospitals to meet their information security event and incident management requirements. The purpose of this Study was to investigate on Information Security Incident Management in Isfahan’s educational hospitals in accordance to ISO/IEC 27002 standards. Methods: This was a cross-sectional study to investigate on Information Security Incident Management of educational hospitals in 2014. Based on ISO/IEC 27002 standards, two checklists were applied to check the compliance with standards on Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements. One inspector was trained to carry out the assessments in the hospitals. The data was analyzed by SPSS. Findings: In general the score of compliance Information Security Incident Management requirements in two steps; Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements was %60. There was the significant difference in various compliance levels among the hospitals (p-value9419 Developing a Systems Dynamics Model for Security Management
Authors: Kuan-Chou Chen
Abstract:
This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.Keywords: system thinking, information security systems, security management, simulation
Procedia PDF Downloads 4299418 Enterprise Security Architecture: Approaches and a Framework
Authors: Amir Mohtarami, Hadi Kandjani
Abstract:
The amount of business-critical information in enterprises is growing at an extraordinary rate, and the ability to catalog that information and properly protect it using traditional security mechanisms is not keeping pace. Alongside the Information Technology (IT), information security needs a holistic view in enterprise. In other words, a comprehensive architectural approach is required, focusing on the information itself, understanding what the data are, who owns it, and which business and regulatory policies should be applied to the information. Enterprise Architecture Frameworks provide useful tools to grasp different dimensions of IT in organizations. Usually this is done by the layered views on IT architecture, but not requisite security attention has been held in this frameworks. In this paper, after a brief look at the Enterprise Architecture (EA), we discuss the issue of security in the overall enterprise IT architecture. Due to the increasing importance of security, a rigorous EA program in an enterprise should be able to consider security architecture as an integral part of its processes and gives a visible roadmap and blueprint for this aim.Keywords: enterprise architecture, architecture framework, security architecture, information systems
Procedia PDF Downloads 7049417 Security as Human Value: Issue of Human Rights in Indian Sub-Continental Operations
Authors: Pratyush Vatsala, Sanjay Ahuja
Abstract:
The national security and human rights are related terms as there is nothing like absolute security or absolute human right. If we are committed to security, human right is a problem and also a solution, and if we deliberate on human rights, security is a problem but also part of the solution. Ultimately, we have to maintain a balance between the two co-related terms. As more and more armed forces are being deployed by the government within the nation for maintaining peace and security, using force against its own citizen, the search for a judicious balance between intent and action needs to be emphasized. Notwithstanding that a nation state needs complete political independence; the search for security is a driving force behind unquestioned sovereignty. If security is a human value, it overlaps the value of freedom, order, and solidarity. Now, the question needs to be explored, to what extent human rights can be compromised in the name of security in Kashmir or Mizoram like places. The present study aims to explore the issue of maintaining a balance between the use of power and good governance as human rights, providing security as a human value. This paper has been prepared with an aim of strengthening the understanding of the complex and multifaceted relationship between human rights and security forces operating for conflict management and identifies some of the critical human rights issues raised in the context of security forces operations highlighting the relevant human rights principles and standards in which Security as human value be respected at all times and in particular in the context of security forces operations in India.Keywords: Kashmir, Mizoram, security, value, human right
Procedia PDF Downloads 2799416 Seamless MATLAB® to Register-Transfer Level Design Methodology Using High-Level Synthesis
Authors: Petri Solanti, Russell Klein
Abstract:
Many designers are asking for an automated path from an abstract mathematical MATLAB model to a high-quality Register-Transfer Level (RTL) hardware description. Manual transformations of MATLAB or intermediate code are needed, when the design abstraction is changed. Design conversion is problematic as it is multidimensional and it requires many different design steps to translate the mathematical representation of the desired functionality to an efficient hardware description with the same behavior and configurability. Yet, a manual model conversion is not an insurmountable task. Using currently available design tools and an appropriate design methodology, converting a MATLAB model to efficient hardware is a reasonable effort. This paper describes a simple and flexible design methodology that was developed together with several design teams.Keywords: design methodology, high-level synthesis, MATLAB, verification
Procedia PDF Downloads 1399415 Perovskite Solar Cells Penetration on Electric Grids Based on the Power Hardware in the Loop Methodology
Authors: Alaa A. Zaky, Bandar Alfaifi, Saleh Alyahya, Alkistis Kontou, Panos Kotsampopoulos
Abstract:
In this work, we present for the first time the grid-integration of 3rd generation perovskite solar cells (PSCs) based on nanotechnology in fabrication. The effect of this penetration is analyzed in normal, fault and islanding cases of operation under different irradiation conditions using the power hardware in the loop (PHIL) methodology. The PHL method allows the PSCs connection to the electric grid which is simulated in the real-time digital simulator (RTDS), for laboratory validation of the PSCs behavior under conditions very close to real.Keywords: perovskite solar cells, power hardware in the loop, real-time digital simulator, smart grid
Procedia PDF Downloads 269414 Smart Automated Furrow Irrigation: A Preliminary Evaluation
Authors: Jasim Uddin, Rod Smith, Malcolm Gillies
Abstract:
Surface irrigation is the most popular irrigation method all over the world. However, two issues: low efficiency and huge labour involvement concern irrigators due to scarcity in recent years. To address these issues, a smart automated furrow is conceptualised that can be operated using digital devices like smartphone, iPad or computer and a preliminary evaluation was conducted in this study. The smart automated system is the integration of commercially available software and hardware. It includes real-time surface irrigation optimisation software (SISCO) and Rubicon Water’s surface irrigation automation hardware and software. The automated system consists of automatic water delivery system with 300 mm flexible pipes attached to both sides of a remotely controlled valve to operate the irrigation. A water level sensor to obtain the real-time inflow rate from the measured head in the channel, advance sensors to measure the advance time to particular points of an irrigated field, a solar-powered telemetry system including a base station to communicate all the field sensors with the main server. On the basis of field data, the software (SISCO) is optimised the ongoing irrigation and determine the optimum cut-off for particular irrigation and send this information to the control valve to stop the irrigation in a particular (cut-off) time. The preliminary evaluation shows that the automated surface irrigation worked reasonably well without manual intervention. The evaluation of farmers managed irrigation events show the potentials to save a significant amount of water and labour. A substantial amount of economic and social benefits are expected in rural industries by adopting this system. The future outcome of this work would be a fully tested commercial adaptive real-time furrow irrigation system able to compete with the pressurised alternative of centre pivot or lateral move machines on capital cost, water and labour savings but without the massive energy costs.Keywords: furrow irrigation, smart automation, infiltration, SISCO, real-time irrigation, adoptive control
Procedia PDF Downloads 4519413 Security Threats on Wireless Sensor Network Protocols
Authors: H. Gorine, M. Ramadan Elmezughi
Abstract:
In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.Keywords: wireless sensor networks, network security, light weight encryption, threats
Procedia PDF Downloads 5269412 Integrated Water Resources Management to Ensure Water Security of Arial Khan River Catchment
Authors: Abul Kalam Azad
Abstract:
Water security has become an increasingly important issue both at the national and international levels. Bangladesh having an abundance of water during monsoon while the shortage of water during the dry season is far from being water secured. Though water security has been discussed discretely at a different level but a holistic effort to ensure water security is yet to be made. The elements of water security such as sectoral demands of water, conflicting requirements amongst the sectors, balancing between demand and supply including the quality of water can best be understood and managed in a catchment as it is the standard functioning unit. The Arial Khan River catchment consists of parts of Faridpur, Madaripur, Shariatpur and Barishal districts have all the components of water demands such as agriculture, domestic, commercial, industrial, forestry, fisheries, navigation or recreation and e-flow requirements. Based on secondary and primary data, water demands of various sectors have been determined. CROPWAT 8.0 has been used to determine the Agricultural Water Demand. Mean Annual Flow (MAF) and Flow Duration Curve (FDC) have been used to determine the e-flow requirements. Water Evaluation and Planning System (WEAP) based decision support tool as part of Integrated Water Resources Management (IWRM) has been utilized for ensuring the water security of the Arial Khan River catchment. Studies and practice around the globe connected with water security were consulted to mitigate the pressure on demand and supply including the options available to ensure the water security. Combining all the information, a framework for ensuring water security has been suggested for Arial Khan River catchment which can further be projected to river basin as well as for the country. This will assist planners and researchers to introduce the model for integrated water resources management of any catchment/river basins.Keywords: water security, water demand, water supply, WEAP, CROPWAT
Procedia PDF Downloads 199411 Towards Security in Virtualization of SDN
Authors: Wanqing You, Kai Qian, Xi He, Ying Qian
Abstract:
In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get further discussions among the security of SDN virtualization.Keywords: SDN, network, virtualization, security
Procedia PDF Downloads 4289410 Survey Based Data Security Evaluation in Pakistan Financial Institutions against Malicious Attacks
Authors: Naveed Ghani, Samreen Javed
Abstract:
In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.Keywords: network worms, malware infection propagating malicious code, virus, security, VPN
Procedia PDF Downloads 3589409 A Systematic Literature Review on Security and Privacy Design Patterns
Authors: Ebtehal Aljedaani, Maha Aljohani
Abstract:
Privacy and security patterns are both important for developing software that protects users' data and privacy. Privacy patterns are designed to address common privacy problems, such as unauthorized data collection and disclosure. Security patterns are designed to protect software from attack and ensure reliability and trustworthiness. Using privacy and security patterns, software engineers can implement security and privacy by design principles, which means that security and privacy are considered throughout the software development process. These patterns are available to translate "security & privacy-by-design" into practical advice for software engineering. Previous research on privacy and security patterns has typically focused on one category of patterns at a time. This paper aims to bridge this gap by merging the two categories and identifying their similarities and differences. To do this, the authors conducted a systematic literature review of 25 research papers on privacy and security patterns. The papers were analysed based on the category of the pattern, the classification of the pattern, and the security requirements that the pattern addresses. This paper presents the results of a comprehensive review of privacy and security design patterns. The review is intended to help future IT designers understand the relationship between the two types of patterns and how to use them to design secure and privacy-preserving software. The paper provides a clear classification of privacy and security design patterns, along with examples of each type. The authors found that there is only one widely accepted classification of privacy design patterns, while there are several competing classifications of security design patterns. Three types of security design patterns were found to be the most commonly used.Keywords: design patterns, security, privacy, classification of patterns, security patterns, privacy patterns
Procedia PDF Downloads 1329408 A Holistic Approach to Institutional Cyber Security
Authors: Mehmet Kargaci
Abstract:
It is more important to access information than to get the correct information and to transform it to the knowledge in a proper way. Every person, organizations or governments who have the knowledge now become the target. Cyber security involves the range of measures to be taken from individual to the national level. The National institutions refer to academic, military and major public and private institutions, which are very important for the national security. Thus they need further cyber security measures. It appears that the traditional cyber security measures in the national level are alone not sufficient, while the individual measures remain in a restricted level. It is evaluated that the most appropriate method for preventing the cyber vulnerabilities rather than existing measures are to develop institutional measures. This study examines the cyber security measures to be taken, especially in the national institutions.Keywords: cyber defence, information, critical infrastructure, security
Procedia PDF Downloads 5379407 Rethinking the Role of Small States in the Hybrid Era: Shifts in the Cypriot Foreign and Defence Policies, 2004-2019
Authors: Constantinos Adamides, Petros Petrikkos
Abstract:
In the era of growing hybrid threats, small states find themselves in need to re-evaluate existing foreign and defense policies. The pressure to establishing or maintain a status of a reliable partner in the community in which they belong to, vis-à-vis their multilateral relations with other organisations and entities, small states may need to shift their policies in the field to accommodate security needs that are not only pertinent to their security, but also to that of the organisations (bloc) in which they interact. Unlike potential shortcomings in a small state’s mainstream security and defence framework where the threat would be limited to the state itself, in more contemporary times with dominating hybrid threats, the small states’ security shortcomings may also become a security problem for the bloc in which these states belong to. An indicative example is small states like Cyprus and Malta, which belong and 'interact' in the European Union. As a result, the nature of hybrid threats can be utilised to hurt bigger states in a bloc by exploiting the small states’ vulnerabilities and security gaps. Inevitably, both the defensive and foreign policy collaborations of small states with bigger states have been and are constantly re-evaluated to tackle and prevent such problems. In essence, the goal of this ‘re-evaluation’ aims to achieve a twofold goal: The first is the small states’ quest to appear as a reliable partner within the bloc, while the second is to avoid being the weakest security link in the bloc’s defence against hybrid threats. Indeed, the hybrid arena is a security area where they can excel in the bloc, despite the potential and expected conventional military deficiencies. This new environment prompts us to think security from the perspective of small states differently and in relation to their role as members or big organisations. The paper focuses on the case of Cyprus following its accession to the European Union and examines how a country that has had a very focused security orientation –not least due to its ongoing security problems– altered its foreign and defence policies within the European Union to ensure compliance with the rest of the bloc, while at the same time maximizing its role as a security player. Specifically, it examines the methods through which the country shifted its policies as well as the challenges and opportunities that emerged from these security shifts.Keywords: Cyprus, defence, foreign policy, hybrid threats, ontological security, small states
Procedia PDF Downloads 136