Search results for: security analysis

Authors: Divyans Mahansaria

Abstract:

User authentication is an important security measure for protecting confidential data and systems. However, the vulnerability while authenticating into a system has significantly increased. Thus, necessary mechanisms must be deployed during the process of authenticating a user to safeguard him/her from the vulnerable attacks. The proposed solution implements a novel authentication mechanism to counter various forms of security breach attacks including phishing, Trojan horse, replay, key logging, Asterisk logging, shoulder surfing, brute force search and others. QR code (Quick Response Code) is a type of matrix barcode or two-dimensional barcode that can be used for storing URLs, text, images and other information. In the proposed solution, during each new authentication request, a QR code is dynamically generated and presented to the user. A piece of generic information is mapped to plurality of elements and stored within the QR code. The mapping of generic information with plurality of elements, randomizes in each new login, and thus the QR code generated for each new authentication request is for one-time use only. In order to authenticate into the system, the user needs to decode the QR code using any QR code decoding software. The QR code decoding software needs to be installed on handheld mobile devices such as smartphones, personal digital assistant (PDA), etc. On decoding the QR code, the user will be presented a mapping between the generic piece of information and plurality of elements using which the user needs to derive cipher secret information corresponding to his/her actual password. Now, in place of the actual password, the user will use this cipher secret information to authenticate into the system. The authentication terminal will receive the cipher secret information and use a validation engine that will decipher the cipher secret information. If the entered secret information is correct, the user will be provided access to the system. Usability study has been carried out on the proposed solution, and the new authentication mechanism was found to be easy to learn and adapt. Mathematical analysis of the time taken to carry out brute force attack on the proposed solution has been carried out. The result of mathematical analysis showed that the solution is almost completely resistant to brute force attack. Today’s standard methods for authentication are subject to a wide variety of software, hardware, and human attacks. The proposed scheme can be very useful in controlling the various types of authentication related attacks especially in a networked computer environment where the use of username and password for authentication is common.

Keywords: authentication, QR code, cipher / decipher text, one time password, secret information

Procedia PDF Downloads 258

Authors: Huseyin Sinan Gunesli

Abstract:

Process Safety Management is a disciplined framework for managing the integrity of systems and processes that handle hazardous substances. It relies on good design principles, well-implemented automation systems, and operating and maintenance practices. Alarm Management Systems play a critically important role in the safe and efficient operation of modern industrial plants. In that respect, Alarm Management is one of the critical factors feeding the safe operations of the plants in the manner of applying effective process safety principles. Trans Anatolian Natural Gas Pipeline (TANAP) is part of the Southern Gas Corridor, which extends from the Caspian Sea to Italy. TANAP transports Natural Gas from the Shah Deniz gas field of Azerbaijan, and possibly from other neighboring countries, to Turkey and through Trans Adriatic Pipeline (TAP) Pipeline to Europe. TANAP plays a crucial role in maintaining Energy Security for the region and Europe. In that respect, the application of Process Safety principles is vital to deliver safe, reliable and efficient Natural Gas delivery to Shippers both in the region and Europe. Effective Alarm Management is one of those Process Safety principles which feeds safe operations of the TANAP pipeline. Alarm Philosophy was designed and implemented in TANAP Pipeline according to the relevant standards. However, it is essential to manage the alarms received in the control room effectively to maintain safe operations. In that respect, TANAP has commenced Alarm Management & Rationalization program as of February 2022 after transferring to Plateau Regime, reaching the design parameters. While Alarm Rationalization started, there were more than circa 2300 alarms received per hour from one of the compressor stations. After applying alarm management principles such as reviewing and removal of bad actors, standing, stale, chattering, fleeting alarms, comprehensive review and revision of alarm set points through a change management principle, conducting alarm audits/design verification and etc., it has been achieved to reduce down to circa 40 alarms per hour. After the successful implementation of alarm management principles as specified above, the number of alarms has been reduced to industry standards. That significantly improved operator vigilance to focus on mainly important and critical alarms to avoid any excursion beyond safe operating limits leading to any potential process safety events. Following the ‟What Gets Measured, Gets Managed” principle, TANAP has identified key Performance Indicators (KPIs) to manage Process Safety principles effectively, where Alarm Management has formed one of the key parameters of those KPIs. However, review and analysis of the alarms were performed manually. Without utilizing Alarm Management Software, achieving full compliance with international standards is almost infeasible. In that respect, TANAP has started using one of the industry-wide known Alarm Management Applications to maintain full review and analysis of alarms and define actions as required. That actually significantly empowered TANAP’s process safety principles in terms of Alarm Management.

Keywords: process safety principles, energy security, natural gas pipeline operations, alarm rationalization, alarm management, alarm management application

Procedia PDF Downloads 86

Authors: Serdal Akyüz, Halit Turan, Mehmet Öztürk

Abstract:

The future security environment will have new battlefield and enemies. The boundaries of battlefield and the identity of enemies cannot be noticed easily. The politicians may not want to lose their soldiers in very risky operations. This approach will pave the way for smart machines like war robots and new drones. These machines will have the decision-making ability and act simultaneously. This ability can change the military targeting process. Military targeting process (MTP) benefits from a wide scope of lethal and non-lethal weapons to reach an intended end-state. This process is now managed by people but in the future smart machines can do it by themselves. At first sight, this development seems useful for humanity owing to decrease the casualties in war. Using robots -which can decide, detect, deliver and asses without human support- for homeland security and against terrorist has very crucial risks and threats. Besides, it can decrease the havoc but also increase the collateral damages. This paper examines the current use of smart war machines, military targeting process and presents a new approach to MTP from lethal autonomy concept's point of view.

Keywords: the autonomous weapon systems, the lethal autonomy, military targeting process (MTP)

Procedia PDF Downloads 415

Authors: Haitham Assiri, Priyadarsi Nanda

Abstract:

The world is gradually entering the fourth industrial revolution. E-Government services are scaling government operations across the globe. However, as promising as an e-Government system would be, it is also susceptible to malicious attacks if not properly secured. This study found out that, in Saudi Arabia, the e-Government website, Yesser is vulnerable to external attacks. Obviously, this can lead to a breach of data integrity and privacy. In this paper, a Systematic Literature Review was conducted to explore possible ways the Kingdom of Saudi Arabia can take necessary measures to strengthen its e-Government system using Blockchain. Blockchain is one of the emerging technologies shaping the world through its applications in finance, elections, healthcare, etc. It secures systems and brings more transparency. A total of 28 papers were selected for this SLR, and 19 of the papers significantly showed that blockchain could enhance the security and privacy of Saudi’s e-government system. Other papers also concluded that blockchain is effective, albeit with the integration of other technologies like IoT, AI and big data. These papers have been analysed to sieve out the findings and set the stage for future research into the subject.

Keywords: blockchain, data integrity, e-government, security threats

Procedia PDF Downloads 232

Authors: Leizhang Wang, Baocang Wang

Abstract:

General Sieve Kernel (G6K) is considered as currently the fastest algorithm for the shortest vector problem (SVP) and record holder of open SVP challenge. We study the lattice basis quality improvement effects of the Workout proposed in G6K, which is composed of a series of pumps to solve SVP. Firstly, we use a low-dimensional pump output basis to propose a predictor to predict the quality of high-dimensional Pumps output basis. Both theoretical analysis and experimental tests are performed to illustrate that it is more computationally expensive to solve the LWE problems by using a G6K default SVP solving strategy (Workout) than these lattice reduction algorithms (e.g. BKZ 2.0, Progressive BKZ, Pump, and Jump BKZ) with sieving as their SVP oracle. Secondly, the default Workout in G6K is optimized to achieve a stronger reduction and lower computational cost. Thirdly, we combine the optimized Workout and the Pump output basis quality predictor to further reduce the computational cost by optimizing LWE instances selection strategy. In fact, we can solve the TU LWE challenge (n = 65, q = 4225, = 0:005) 13.6 times faster than the G6K default Workout. Fourthly, we consider a combined two-stage (Preprocessing by BKZ- and a big Pump) LWE solving strategy. Both stages use dimension for free technology to give new theoretical security estimations of several LWE-based cryptographic schemes. The security estimations show that the securities of these schemes with the conservative Newhope’s core-SVP model are somewhat overestimated. In addition, in the case of LAC scheme, LWE instances selection strategy can be optimized to further improve the LWE-solving efficiency even by 15% and 57%. Finally, some experiments are implemented to examine the effects of our strategies on the Normal Form LWE problems, and the results demonstrate that the combined strategy is four times faster than that of Newhope.

Keywords: LWE, G6K, pump estimator, LWE instances selection strategy, dimension for free

Procedia PDF Downloads 49

Authors: Shashank Gupta, Iteash Agarwal, Vijayalaxmi Mogiligidda, Rajesh Kumar Krishnan, Sruthi Chennuri, Deepika Aggarwal, Anwesha Hoodati, Sheroy Cooper, Ranjan, Mohammad Bilal Sheik, Bhavya K. M., Manasa Hegde, M. Naveen Krishna, Amit Kumar Chauhan, Mallikarjun Korrapati, Sumit Singh, J. B. Singh, Sunil Sud, Sunil Gupta, Sidhartha Pant, Sankar, Neha Agrawal, Ashish Ranjan, Piyush Mohapatra, Roopak T., Arsh Ahmad, Nanjunda M., Dilip Singh

Abstract:

Major research interests on quantum key distribution (QKD) are primarily focussed on increasing 1. point-to-point transmission distance (1000 Km), 2. secure key rate (Mbps), 3. security of quantum layer (device-independence). It is great to push the boundaries on these fronts, but these isolated approaches are neither scalable nor cost-effective due to the requirements of specialised hardware and different infrastructure. Current and future QKD network requires addressing different sets of challenges apart from distance, key rate, and quantum security. In this regard, we present ChaQra -a sub-quantum network with core features as 1) Crypto agility (integration in the already deployed telecommunication fibres), 2) Software defined networking (SDN paradigm for routing different nodes), 3) reliability (addressing denial-of-service with hybrid quantum safe cryptography), 4) upgradability (modules upgradation based on scientific and technological advancements), 5) Beyond QKD (using QKD network for distributed computing, multi-party computation etc). Our results demonstrate a clear path to create and accelerate quantum secure Indian subcontinent under the national quantum mission.

Keywords: quantum network, quantum key distribution, quantum security, quantum information

Procedia PDF Downloads 33

Authors: Muhammad Rana, Quazi Mamun, Rafiqul Islam

Abstract:

In the Internet of Things (IoT), many devices are connected and accumulate a sheer amount of data. These Internet-driven raw data need to be transferred securely to the end-users via dependable networks. Consequently, the challenges of IoT security in various IoT domains are paramount. Cryptography is being applied to secure the networks for authentication, confidentiality, data integrity and access control. However, due to the resource constraint properties of IoT devices, the conventional cipher may not be suitable in all IoT networks. This paper designs a robust and effective lightweight cipher to secure the IoT environment and meet the resource-constrained nature of IoT devices. We also propose a symmetric and block-cipher based lightweight cryptographic algorithm. The proposed algorithm increases the complexity of the block cipher, maintaining the lowest computational requirements possible. The proposed algorithm efficiently constructs the key register updating technique, reduces the number of encryption rounds, and adds a new layer between the encryption and decryption processes.

Keywords: internet of things, cryptography block cipher, S-box, key management, security, network

Procedia PDF Downloads 92

Authors: Maria Jędrzejczak, Patryk Pieniążek

Abstract:

The European legal reality is on the eve of significant change. In European Union law, there is talk of a “fourth industrial revolution”, which is driven by massive data resources linked to powerful algorithms and powerful computing capacity. The above is closely linked to technological developments in the area of artificial intelligence, which has prompted an analysis covering both the legal environment as well as the economic and social impact, also from an ethical perspective. The discussion on the regulation of artificial intelligence is one of the most serious yet widely held at both European Union and Member State level. The literature expects legal solutions to guarantee security for fundamental rights, including privacy, in artificial intelligence systems. There is no doubt that personal data have been increasingly processed in recent years. It would be impossible for artificial intelligence to function without processing large amounts of data (both personal and non-personal). The main driving force behind the current development of artificial intelligence is advances in computing, but also the increasing availability of data. High-quality data are crucial to the effectiveness of many artificial intelligence systems, particularly when using techniques involving model training. The use of computers and artificial intelligence technology allows for an increase in the speed and efficiency of the actions taken, but also creates security risks for the data processed of an unprecedented magnitude. The proposed regulation in the field of artificial intelligence requires analysis in terms of its impact on the regulation on personal data protection. It is necessary to determine what the mutual relationship between these regulations is and what areas are particularly important in the personal data protection regulation for processing personal data in artificial intelligence systems. The adopted axis of considerations is a preliminary assessment of two issues: 1) what principles of data protection should be applied in particular during processing personal data in artificial intelligence systems, 2) what regulation on liability for personal data breaches is in such systems. The need to change the regulations regarding the rights and obligations of data subjects and entities processing personal data cannot be excluded. It is possible that changes will be required in the provisions regarding the assignment of liability for a breach of personal data protection processed in artificial intelligence systems. The research process in this case concerns the identification of areas in the field of personal data protection that are particularly important (and may require re-regulation) due to the introduction of the proposed legal regulation regarding artificial intelligence. The main question that the authors want to answer is how the European Union regulation against data protection breaches in artificial intelligence systems is shaping up. The answer to this question will include examples to illustrate the practical implications of these legal regulations.

Keywords: data protection law, personal data, AI law, personal data breach

Procedia PDF Downloads 46

Authors: N. N. Mosola, K. F. Moeketsi, R. Sehobai, N. Pule

Abstract:

The Internet brings increasing use of Information and Communications Technology (ICT) services and facilities. Consequently, new computing paradigms emerge to provide services over the Internet. Although there are several benefits stemming from these services, they pose several risks inherited from the Internet. For example, cybercrime, identity theft, malware etc. To thwart these risks, this paper proposes a holistic approach. This approach involves multidisciplinary interactions. The paper proposes a top-down and bottom-up approach to deal with cyber security concerns in developing countries. These concerns range from regulatory and legislative areas, cyber awareness, research and development, technical dimensions etc. The main focus areas are highlighted and a cybersecurity model solution is proposed. The paper concludes by combining all relevant solutions into a proposed cybersecurity model to assist developing countries in enhancing a cyber-safe environment to instill and promote a culture of cybersecurity.

Keywords: cybercrime, cybersecurity, computer emergency response team, computer security incident response team

Procedia PDF Downloads 138

Authors: Parvin Foroughifar

Abstract:

The concept of sense of community refers to residents’ sense of attachment and commitment to the other residents in a residential community. It is implicitly indicative of the mental image of a physical environment in which the residents enjoy strong social ties. Sense of community, a crucial factor in improving quality of life and social welfare, leads to life satisfaction in a residential community. Despite the important functions of such a notion, few empirical studies, to the best of the authors' knowledge, have been so far carried out in Iran to investigate the effective factors in sharpening the sense of community in residential communities. This survey research examined sense of community in 360 above 20-year old residents of three residential communities in Tehran, Iran using cluster sampling and questionnaire. The study yielded the result that variables of local social ties, social control and trust, sense of security, length of residence, use of public spaces, and mixed land use have a significant relationship with sense of community.

Keywords: sense of community, local social ties, sense of security, public space, residential community, Tehran

Procedia PDF Downloads 167

Authors: Alicja Starczewska, Aleksander Nawrat, Krzysztof Daniec, Jarosław Homa, Kacper Hołda

Abstract:

Border Gateway Protocol is the main routing protocol that enables routing establishment between all autonomous systems, which are the basic administrative units of the internet. Due to the poor protection of BGP, it is important to use additional BGP security systems. Many solutions to this problem have been proposed over the years, but none of them have been implemented on a global scale. This article describes a system capable of building images of real-time BGP network topology in order to detect BGP anomalies. Our proposal performs a detailed analysis of BGP messages that come into local network cards supplemented by information collected by remote collectors in different localizations.

Keywords: BGP, BGP hijacking, cybersecurity, detection

Procedia PDF Downloads 62

Authors: Leszek Chybowski, Artur Bejger, Katarzyna Gawdzińska

Abstract:

Subversion analysis is a tool used in the TRIZ (Theory of Inventive Problem Solving) methodology. This article introduces the history and describes the process of subversion analysis, as well as function analysis and analysis of the resources, used at the design stage when generating possible undesirable situations. The article charts the course of subversion analysis when applied to a fuel injection nozzle of a marine engine. The work describes the fuel injector nozzle as a technological system and presents principles of analysis for the causes of a cracked tip of the nozzle body. The system is modelled with functional analysis. A search for potential causes of the damage is undertaken and a cause-and-effect analysis for various hypotheses concerning the damage is drawn up. The importance of particular hypotheses is evaluated and the most likely causes of damage identified.

Keywords: complex technical system, fuel injector, function analysis, importance analysis, resource analysis, sabotage analysis, subversion analysis, TRIZ (Theory of Inventive Problem Solving)

Procedia PDF Downloads 602

Authors: Bambang Novianto, Rizal Aditya Herdianto, Raphael Bianco Huwae, Afifah, Alfonso Brolin Sihite, Rudi Lumanto

Abstract:

The mobile banking application is a type of mobile application that is growing rapidly. This is caused by the ease of service and time savings in making transactions. On the other hand, this certainly provides a challenge in security issues. The use of mobile banking can not be separated from cyberattacks that may occur which can result the theft of sensitive information or financial loss. The financial loss and the theft of sensitive information is the most avoided thing because besides harming the user, it can also cause a loss of customer trust in a bank. Cyberattacks that are often carried out against mobile applications are phishing, hacking, theft, misuse of data, etc. Cyberattack can occur when a vulnerability is successfully exploited. OWASP mobile Top 10 has recorded as many as 10 vulnerabilities that are most commonly found in mobile applications. In the others, android permissions also have the potential to cause vulnerabilities. Therefore, an overview of the profile of the mobile banking application becomes an urgency that needs to be known. So that it is expected to be a consideration of the parties involved for improving security. In this study, an experiment has been conducted to capture the profile of the mobile banking applications in Indonesia based on android permission and OWASP mobile top 10 2016. The results show that there are six basic vulnerabilities based on OWASP Mobile Top 10 that are most commonly found in mobile banking applications in Indonesia, i.e. M1:Improper Platform Usage, M2:Insecure Data Storage, M3:Insecure Communication, M5:Insufficient Cryptography, M7:Client Code Quality, and M9:Reverse Engineering. The most permitted android permissions are the internet, status network access, and telephone read status.

Keywords: mobile banking application, OWASP mobile top 10 2016, android permission, sensitive information, financial loss

Procedia PDF Downloads 131

Authors: C. N. Vanitha, M. Usha

Abstract:

In a real world scenario, the viability of the sensor networks has been proved by standardizing the technologies. Wireless sensor networks are vulnerable to both electronic and physical security breaches because of their deployment in remote, distributed, and inaccessible locations. The compromised sensor nodes send malicious data to the base station, and thus, the total network effectiveness will possibly be compromised. To detect and seclude the Route modifiers, a neural network based Pattern Learning predictor (PLP) is presented. This algorithm senses data at any node on present and previous patterns obtained from the en-route nodes. The eminence of any node is upgraded by their predicted and reported patterns. This paper propounds a solution not only to detect the route modifiers, but also to seclude the malevolent nodes from the network. The simulation result proves the effective performance of the network by the presented methodology in terms of energy level, routing and various network conditions.

Keywords: neural networks, pattern learning, security, wireless sensor networks

Procedia PDF Downloads 393

Authors: Itai Kohavi, Wojciech Nowiak

Abstract:

This article explores the stagnation of the Israeli -Palestinian peace negotiation process, and the reasons behind the failure of more than 12 international initiatives to resolve the conflict. Twenty-seven top members of the Israeli national security elite (INSE) were interviewed, including heads of the negotiation teams, the National Security Council, the Mossad, and other intelligence and planning arms. The interviewees provided their insights on the Israeli challenges in reaching a sustainable and stable peace agreement and in dealing with the international pressure on Israel to negotiate a peace agreement while preventing anti-Israeli UN decisions and sanctions. The findings revealed a decision tree, with red herring deception strategies implemented to postpone the negotiation process and to delay major decisions during the negotiation process. Beyond the possible applications for the Israeli – Palestinian conflict, the findings shed more light on the phenomenon of rational deception of allies in a negotiation process, a subject less frequently researched as compared with deception of rivals.

Keywords: deception, Israeli-Palestinian conflict, negotiation, red herring, terrorist state, treadmill negotiation

Procedia PDF Downloads 288

Authors: Pardeep Singh, N. S. Johal

Abstract:

In this research paper the level of subjectivity and objectivity adopted by journalists of different newspapers of the two provinces of the Jammu and Kashmir state has been analysed. This research paper emphasized upon the professionalism of the journalists of two provinces in catering to readers of particular province. In this study it was found that Kashmir based reporters are subjective in their reporting while covering Kashmir sentiments and use hard language against New Delhi, whereas Jammu based reporters are subjective only when it comes to defend security forces and are also bitterly critical of Pakistan, accusing it of being a sponsor of violence in Kashmir.

Keywords: conflict, Jammu and Kashmir, print media, reporter, critical, violence

Procedia PDF Downloads 286

Authors: Afnan Al-Romi, Iman Al-Momani

Abstract:

The urge of applying the Software Engineering (SE) processes is both of vital importance and a key feature in critical, complex large-scale systems, for example, safety systems, security service systems, and network systems. Inevitably, associated with this are risks, such as system vulnerabilities and security threats. The probability of those risks increases in unsecured environments, such as wireless networks in general and in Wireless Sensor Networks (WSNs) in particular. WSN is a self-organizing network of sensor nodes connected by wireless links. WSNs consist of hundreds to thousands of low-power, low-cost, multi-function sensor nodes that are small in size and communicate over short-ranges. The distribution of sensor nodes in an open environment that could be unattended in addition to the resource constraints in terms of processing, storage and power, make such networks in stringent limitations such as lifetime (i.e. period of operation) and security. The importance of WSN applications that could be found in many militaries and civilian aspects has drawn the attention of many researchers to consider its security. To address this important issue and overcome one of the main challenges of WSNs, security solution systems have been developed by researchers. Those solutions are software-based network Intrusion Detection Systems (IDSs). However, it has been witnessed, that those developed IDSs are neither secure enough nor accurate to detect all malicious behaviours of attacks. Thus, the problem is the lack of coverage of all malicious behaviours in proposed IDSs, leading to unpleasant results, such as delays in the detection process, low detection accuracy, or even worse, leading to detection failure, as illustrated in the previous studies. Also, another problem is energy consumption in WSNs caused by IDS. So, in other words, not all requirements are implemented then traced. Moreover, neither all requirements are identified nor satisfied, as for some requirements have been compromised. The drawbacks in the current IDS are due to not following structured software development processes by researches and developers when developing IDS. Consequently, they resulted in inadequate requirement management, process, validation, and verification of requirements quality. Unfortunately, WSN and SE research communities have been mostly impermeable to each other. Integrating SE and WSNs is a real subject that will be expanded as technology evolves and spreads in industrial applications. Therefore, this paper will study the importance of Requirement Engineering when developing IDSs. Also, it will study a set of existed IDSs and illustrate the absence of Requirement Engineering and its effect. Then conclusions are drawn in regard of applying requirement engineering to systems to deliver the required functionalities, with respect to operational constraints, within an acceptable level of performance, accuracy and reliability.

Keywords: software engineering, requirement engineering, Intrusion Detection System, IDS, Wireless Sensor Networks, WSN

Procedia PDF Downloads 310

Authors: A. Al Drees, A. Alahmari, R. Almuwayshir

Abstract:

The advanced information technology is becoming an important factor in the development of financial services industry, especially the banking industry. It has introduced new ways of delivering banking to the customer, such as Internet Banking. Banks began to look at electronic banking (e-banking) as a means to replace some of their traditional branch functions using the Internet as a new distribution channel. Some consumers have at least more than one account, and across banks, and access these accounts using e-banking services. To look at the current net worth position, customers have to login to each of their accounts and get the details and work on consolidation. This not only takes ample time but it is a repetitive activity at a specified frequency. To address this point, an account aggregation concept is added as a solution. E-banking account aggregation, as one of the e-banking types, appeared to build a stronger relationship with customers. Account Aggregation Service generally refers to a service that allows customers to manage their bank accounts maintained in different institutions through a common Internet banking operating a platform, with a high concern to security and privacy. This paper presents an overview of an e-banking account aggregation approach as a new service in the e-banking field.

Keywords: e-banking, account aggregation, security, enterprise development

Procedia PDF Downloads 310

Authors: Nur Azha Putra Abdul Azim, Denise Cheong, S. Nivedita

Abstract:

Currently, there are no nuclear power reactors among the Association of Southeast Asian Nations (ASEAN) member states (AMS) but there are seven operational nuclear research reactors, and Indonesia is about to construct the region’s first experimental power reactor by the end of the decade. If successful, the experimental power reactor will lay the foundation for the country’s and region’s first nuclear power plant. Despite projecting confidence during the period of nuclear power renaissance in the region in the last decade, none of the AMS has committed to a political decision on the use of nuclear energy and this is largely due to the Fukushima nuclear power accident in 2011. Of the ten AMS, Vietnam, Indonesia and Malaysia have demonstrated the most progress in developing nuclear energy based on the nuclear power infrastructure development assessments made by the International Atomic Energy Agency. Of these three states, Vietnam came closest to building its first nuclear power plant but decided to delay construction further due to safety and security concerns. Meanwhile, Vietnam along with Indonesia and Malaysia continue with their nuclear power infrastructure development and the remaining SEA states, with the exception of Brunei and Singapore, continue to build their expertise and capacity for nuclear power energy. At the current rate of progress, Indonesia is expected to make a national decision on the use of nuclear power by 2023 while Malaysia, the Philippines, and Thailand have included the use of nuclear power in their mid to long-term power development plans. Vietnam remains open to nuclear power but has not placed a timeline. The medium to short-term power development projection in the region suggests that the use of nuclear energy in the region is a matter of 'when' rather than 'if'. In lieu of the prospects for nuclear energy in Southeast Asia (SEA), this presentation will review the literature on ASEAN radiological emergency and preparedness response (EPR) plans and examine ASEAN’s disaster management and emergency framework. Through a combination of institutional mapping and stakeholder analysis methods, which we examine in the context of the international EPR, and nuclear safety and security regimes, we will identify the issues and challenges in developing a regional radiological EPR framework in the SEA. We will conclude with the observation that ASEAN faces serious structural, institutional and governance challenges due to the AMS inherent political structures and history of interstate conflicts, and propose that ASEAN should either enlarge the existing scope of its disaster management and response framework or that its radiological EPR framework should exist as a separate entity.

Keywords: nuclear power, nuclear accident, ASEAN, Southeast Asia

Procedia PDF Downloads 135

Authors: Stephen Wheat

Abstract:

Institutional mobile application governance and distribution processes are essential to mobile app innovation. The absence of effective processes poses a significant barrier to the development and adoption of mobile apps for use within a research enterprise and also impedes the translational science of applying research apps in clinical and engineering settings. To accelerate mobile app innovation and adoption, Emory University and Emory Healthcare implemented a three-pronged strategy including. I) Mobile app review and distribution policies and processes. II) Mobile app management infrastructure and mobile app foundation components. III) A strategic sourcing strategy based on preferred mobile app development firms. The results have been an increase from five to 56 mobile apps in the pipeline over three years; increased engagement from technology transfer, legal counsel, compliance, and information security; articulation of a coordinated mobile app strategy; and allocation of more institutional resources toward specific mobile technology and mobile application goals.

Keywords: mobile app management, governance, distribution, information security

Procedia PDF Downloads 284

Authors: Sunil Chaudhary, Rajendra Bahadur Thapa, Eleni Berki, Marko Helenius

Abstract:

The increasing number of Internet and mobile phone users, and essentially those, who use these electronic media to perform online transactions makes Nepal lucrative for phishing attacks. It is one of the reasons behind escalating phishing attacks in the country. Therefore, in this paper we examine various phishing attempts and real scenarios in Nepal to determine the seriousness of the problem. We also want to find out how prepared are the Internet and mobile phone users and how well-equipped are the private sector and government authorities responsible to handle cybercrime in the country. We considered five areas of research study, i.e., legal measures, technical and procedural measures, organizational structure, capacity building and international cooperation. These constitute important factors in cyber security and are recommended by the Global Cyber security Agenda (GCA). On the basis of our findings, we provide essential suggestions to make anti-phishing measures more appropriate to Nepalese State and society.

Keywords: internet banking, mobile banking, e-commerce, phishing, anti-phishing, Nepal

Procedia PDF Downloads 467

Authors: Hongmin Deng, Qionghua Wang

Abstract:

A modified two dimensional (2D) logistic map based on cross feedback control is proposed. This 2D map exhibits more random chaotic dynamical properties than the classic one dimensional (1D) logistic map in the statistical characteristics analysis. So it is utilized as the pseudo-random (PN) sequence generator, where the obtained real-valued PN sequence is quantized at first, then applied to radio frequency identification (RFID) communication system in this paper. This system is experimentally validated on a cortex-M₀ development board, which shows the effectiveness in key generation, the size of key space and security. At last, further cryptanalysis is studied through the test suite in the National Institute of Standards and Technology (NIST).

Keywords: chaos encryption, logistic map, pseudo-random sequence, RFID

Procedia PDF Downloads 385

Authors: Angsumalin Puntho

Abstract:

Disruptive technology has had a great influence on our everyday lives and the existence of an organization. Geologists in the public sector need to keep up with digital technology and be able to work and collaborate in a more effective manner. The result from SWOT and 7S McKinsey analyses suggest that there are inadequate IT personnel, no individual digital literacy development plan, and a misunderstanding of management policies. The Office of Civil Service Commission develops digital literacy skills that civil servants and government officers should possess in order to work effectively; it consists of nine dimensions, including computer skills, internet skills, cyber security awareness, word processing, spreadsheets, presentation programs, online collaboration, graphics editors and cyber security practices; and six steps of digital literacy development including self-assessment, individual development plan, self-learning, certified test, learning reflection, and practices. Geologists can use digital literacy as a learning tool to develop themselves for better career opportunities.

Keywords: disruptive technology, digital technology, digital literacy, computer skills

Procedia PDF Downloads 98

Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

In common digital forensics cases, investigation may rely on the analysis conducted on specific and relevant exhibits involved. Usually the investigation officer may define and advise digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the technology growth, people are starting to realize the importance of cyber security to their organization and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threat or attack to their cyber-infrastructure. Instead of performing investigation on incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in daily operation of organization’s cyber space. While handling a huge amount of data such as log files, performing digital forensics audit for large organization proven to be onerous task for the analyst either to analyze the huge files or to translate the findings in a way where the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered to perform data visualization techniques in order to detect anomaly that meet the digital forensic audit and investigation objectives.

Keywords: digital forensic, data visualization, anomaly detection , log analysis, forensic audit, visualization techniques

Procedia PDF Downloads 269

Authors: Jerome Osentowski

Abstract:

The objective at Central Rocky Mountain Permaculture Institute has been to put in practice a sustainable way of life while growing food, medicine, and providing education. This has been done by applying methods of farming such as agroforestry, forest farming, and perennial polycultures. These methods have been found to be regenerative to the environment through carbon sequestration, soil-building, climate change mitigation, and the provision of food security. After 30 years of implementing carbon farming methods, the results are agro-diversity, self-sustaining systems, and a consistent provision of food and medicine. These results are exhibited through polyculture plantings in an outdoor forest garden spanning roughly an acre containing about 200 varieties of fruits, nuts, nitrogen-fixing trees, and medicinal herbs, and two indoor forest garden greenhouses (one Mediterranean and one Tropical) containing about 50 varieties of tropical fruits, beans, herbaceous plants and more. While the climate zone outside the greenhouse is 6, the tropical forest garden greenhouse retains an indoor climate zone of 11 with near-net-zero energy consumption through the use of a climate battery, allowing the greenhouse to serve as a year-round food producer. The effort to source food from the forest gardens is minimal compared to annual crop production. The findings at Central Rocky Mountain Permaculture Institute conclude that agroecological methods are not only beneficial but necessary in order to revive and regenerate the environment and food security.

Keywords: agroecology, agroforestry, carbon farming, carbon sequestration, climate battery, food security, forest farming, forest garden, greenhouse, near-net-zero, perennial polycultures

Procedia PDF Downloads 429

Authors: Juan Carlos Briones Macias

Abstract:

Currently, the Huancavilca City Park in Guayaquil is an abandoned public space that is discovering a growing problem of insecurity, where various problems have been perceived, such as the lack of green areas, deteriorating furniture, insufficient lighting, the use of inadequate cladding materials and very sunny areas due to the lack of planning in the design of green areas. The objective of this scientific article is to redesign Huancavilca Park through public space design strategies for more attractive and comfortable areas, becoming a point of interaction in a safe and accessible way. A mixed methodology (qualitative and quantitative) was applied, obtaining information based on surveys, interviews, field observations, and systematizing the data in the traditional weighting of the structuring aspects of the park. The results were obtained from the methodological design scheme of iterative analysis of public spaces by Jan Güell. It is concluded that the use of urban strategies in the structuring elements of the park, such as vegetation, furniture, generating new activities, and security interventions, will specifically solve all the problems of the Huancavilca Park tested in a Pareto 80/20 Diagram.

Keywords: public space, green areas, vegetation, street furniture, urban analysis

Procedia PDF Downloads 132

Authors: C. U. Om Kumar, S. Kishore, A. Geetha

Abstract:

An Operating system (OS) is software that manages computer hardware and software resources by providing services to computer programs. One of the important user expectations of the operating system is to provide the practice of defending information from unauthorized access, disclosure, modification, inspection, recording or destruction. Operating system is always vulnerable to the attacks of malwares such as computer virus, worm, Trojan horse, backdoors, ransomware, spyware, adware, scareware and more. And so the anti-virus software were created for ensuring security against the prominent computer viruses by applying a dictionary based approach. The anti-virus programs are not always guaranteed to provide security against the new viruses proliferating every day. To clarify this issue and to secure the computer system, our proposed expert system concentrates on authorizing the processes as wanted and unwanted by the administrator for execution. The Expert system maintains a database which consists of hash code of the processes which are to be allowed. These hash codes are generated using MD5 message-digest algorithm which is a widely used cryptographic hash function. The administrator approves the wanted processes that are to be executed in the client in a Local Area Network by implementing Client-Server architecture and only the processes that match with the processes in the database table will be executed by which many malicious processes are restricted from infecting the operating system. The add-on advantage of this proposed Expert system is that it limits CPU usage and minimizes resource utilization. Thus data and information security is ensured by our system along with increased performance of the operating system.

Keywords: virus, worm, Trojan horse, back doors, Ransomware, Spyware, Adware, Scareware, sticky software, process table, MD5, CPU usage and resource utilization

Procedia PDF Downloads 409

Authors: Guo Rui, Cao Xinhu

Abstract:

In recent decades, the world has endured severe challenges in light of climate change, epidemics, geopolitics, terrorism, economic uncertainties, as well as regional conflicts and rivalries. The appropriate use of critical infrastructures (Cis) is confronted. Ports, as typical Cis cover more than 80% of the global freight movement. Within this context, even the minimal disruption of port operations could cause malfunction of the holistic supply chain network and substantial economic losses. Hence, it is crucial to evaluate port performance from the perspective of resilience. Research on resilience and risk/safety management has been increasing, however, it needs more attention, as it could prevent potential socio-economic losses and inspire decision-makers to make resilience-based decisions to answer the challenges, such as COVID-19. To facilitate better moves from decision-makers, ports need to identify proper factors influencing port resilience. Inappropriately influenced factor selection could have a cascading effect on undesirable port performances. Thus, a systematic evaluation of factors is essential to stimulate the improvement process of port resilience investigation. This study zooms into container ports considering their critical role in international trade and global supply chains. 440 articles are selected after relevance ranking, and consequently, 62 articles are scrutinized after the title and abstract screening. Forty-one articles are included for bibliographic analysis in the end. It is found that there is no standardized index system to measure port resilience. And most studies evaluate port resilience merely in the recovery phase. Only two articles cover absorption, adaption and recovery state. However, no literature involves the prevention state. Hence, a uniform resilience index system is expected with a clear resilience definition. And port safety and security should also be considered while evaluating port resilience.

Keywords: port resilience, port safety and security, literature review, index system, port performance

Procedia PDF Downloads 114

Authors: Rupali Bhardwaj

Abstract:

Cryptography is the science of using mathematics to encrypt and decrypt data; the data are converted into some other gibberish form, and then the encrypted data are transmitted. The primary purpose of this paper is to provide two levels of security through a two-step process, rather than transmitted the message bits directly, first encrypted it using 2D cellular automata and then scrambled with Arnold Cat Map transformation; it provides an additional layer of protection and reduces the chance of the transmitted message being detected. A comparative analysis on effectiveness of scrambling technique is provided by scrambling degree measurement parameters i.e. Gray Difference Degree (GDD) and Correlation Coefficient.

Keywords: scrambling, cellular automata, Arnold cat map, game of life, gray difference degree, correlation coefficient

Procedia PDF Downloads 359

Authors: Nyumbaiza Tambwe

Abstract:

The purpose of this paper is to demonstrate that hybrid urban agriculture as the most practiced type of urban agriculture in the majority of cities in sub-Saharan Africa can be taken as an alternative strategy in fighting food insecurity. The practice not only provides food, generates income and fights against unemployment; it constitutes a true back-up for households during crisis linked to the nature of capitalism system. African cities are mostly characterized by rapid population growth, rampant poverty, and high level of unemployment and food insecurity. Those factors and many others are at the origin of the emergence of urban agriculture in many African cities. Based particularly on results of research undertaken in the Democratic Republic of Congo (DRC), but also in comparison with those realized in other parts of the African continent, the paper is a case study. Therefore, the paper firstly describes the situation of food in Africa, secondly, presents hybrid urban agriculture as a household strategy in fighting food insecurity and finally shows possibilities and limits of this practice.

Keywords: alternative strategy, food security, household strategy, hybrid urban agriculture

Procedia PDF Downloads 312