Search results for: software security attributes

Authors: Nahid Tavakoli, Asghar Ehteshami, Akbar Hassanzadeh, Fatemeh Amini

Abstract:

Introduction: The Information security incident management guidelines was been developed to help hospitals to meet their information security event and incident management requirements. The purpose of this Study was to investigate on Information Security Incident Management in Isfahan’s educational hospitals in accordance to ISO/IEC 27002 standards. Methods: This was a cross-sectional study to investigate on Information Security Incident Management of educational hospitals in 2014. Based on ISO/IEC 27002 standards, two checklists were applied to check the compliance with standards on Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements. One inspector was trained to carry out the assessments in the hospitals. The data was analyzed by SPSS. Findings: In general the score of compliance Information Security Incident Management requirements in two steps; Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements was %60. There was the significant difference in various compliance levels among the hospitals (p-valueKeywords: information security incident management, information security management, standards, hospitals

Procedia PDF Downloads 575

Authors: Kuan-Chou Chen

Abstract:

This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.

Keywords: system thinking, information security systems, security management, simulation

Procedia PDF Downloads 429

Authors: Amir Mohtarami, Hadi Kandjani

Abstract:

The amount of business-critical information in enterprises is growing at an extraordinary rate, and the ability to catalog that information and properly protect it using traditional security mechanisms is not keeping pace. Alongside the Information Technology (IT), information security needs a holistic view in enterprise. In other words, a comprehensive architectural approach is required, focusing on the information itself, understanding what the data are, who owns it, and which business and regulatory policies should be applied to the information. Enterprise Architecture Frameworks provide useful tools to grasp different dimensions of IT in organizations. Usually this is done by the layered views on IT architecture, but not requisite security attention has been held in this frameworks. In this paper, after a brief look at the Enterprise Architecture (EA), we discuss the issue of security in the overall enterprise IT architecture. Due to the increasing importance of security, a rigorous EA program in an enterprise should be able to consider security architecture as an integral part of its processes and gives a visible roadmap and blueprint for this aim.

Keywords: enterprise architecture, architecture framework, security architecture, information systems

Procedia PDF Downloads 704

Authors: C. U. Om Kumar, S. Kishore, A. Geetha

Abstract:

An Operating system (OS) is software that manages computer hardware and software resources by providing services to computer programs. One of the important user expectations of the operating system is to provide the practice of defending information from unauthorized access, disclosure, modification, inspection, recording or destruction. Operating system is always vulnerable to the attacks of malwares such as computer virus, worm, Trojan horse, backdoors, ransomware, spyware, adware, scareware and more. And so the anti-virus software were created for ensuring security against the prominent computer viruses by applying a dictionary based approach. The anti-virus programs are not always guaranteed to provide security against the new viruses proliferating every day. To clarify this issue and to secure the computer system, our proposed expert system concentrates on authorizing the processes as wanted and unwanted by the administrator for execution. The Expert system maintains a database which consists of hash code of the processes which are to be allowed. These hash codes are generated using MD5 message-digest algorithm which is a widely used cryptographic hash function. The administrator approves the wanted processes that are to be executed in the client in a Local Area Network by implementing Client-Server architecture and only the processes that match with the processes in the database table will be executed by which many malicious processes are restricted from infecting the operating system. The add-on advantage of this proposed Expert system is that it limits CPU usage and minimizes resource utilization. Thus data and information security is ensured by our system along with increased performance of the operating system.

Keywords: virus, worm, Trojan horse, back doors, Ransomware, Spyware, Adware, Scareware, sticky software, process table, MD5, CPU usage and resource utilization

Procedia PDF Downloads 427

Authors: Pratyush Vatsala, Sanjay Ahuja

Abstract:

The national security and human rights are related terms as there is nothing like absolute security or absolute human right. If we are committed to security, human right is a problem and also a solution, and if we deliberate on human rights, security is a problem but also part of the solution. Ultimately, we have to maintain a balance between the two co-related terms. As more and more armed forces are being deployed by the government within the nation for maintaining peace and security, using force against its own citizen, the search for a judicious balance between intent and action needs to be emphasized. Notwithstanding that a nation state needs complete political independence; the search for security is a driving force behind unquestioned sovereignty. If security is a human value, it overlaps the value of freedom, order, and solidarity. Now, the question needs to be explored, to what extent human rights can be compromised in the name of security in Kashmir or Mizoram like places. The present study aims to explore the issue of maintaining a balance between the use of power and good governance as human rights, providing security as a human value. This paper has been prepared with an aim of strengthening the understanding of the complex and multifaceted relationship between human rights and security forces operating for conflict management and identifies some of the critical human rights issues raised in the context of security forces operations highlighting the relevant human rights principles and standards in which Security as human value be respected at all times and in particular in the context of security forces operations in India.

Keywords: Kashmir, Mizoram, security, value, human right

Procedia PDF Downloads 279

Authors: Amir Rashid

Abstract:

Today is the world of innovations where everyone is looking for a change. Organizations are now looking toward virtualization in order to minimize their computing cost. Cloud Computing has also introduced itself by the means of reducing computing cost. It offers different approach to make computing better by improving utilization and reducing infrastructure and administrative costs. Cloud Computing is basically the amalgamation of Utility Computing and SaaS (Software as a Service). Cloud Computing is quite new to organizations as it is still at its deploying stage. Due to this reason, organizations are not confident whether to adopt it or not. This thesis investigates the problem for organization concerning the security and cost issues. Benefits and drawbacks are being highlighted which organizations can have or suffer in order to adopt Cloud Computing. In Conclusion, Cloud Computing is a better option available for small and medium organizations with a comparison to large companies both in terms of data security and cost.

Keywords: cloud computing, security, cost, elasticity, PaaS, IaaS, SaaS

Procedia PDF Downloads 340

Authors: Wenqing Fan, Yixuan Cheng, Wei Huang

Abstract:

The diversity and complexity of modern IT systems make it almost impossible for internal teams to find vulnerabilities in all software before the software is officially released. The emergence of threat intelligence and vulnerability reporting policy has greatly reduced the burden on software vendors and organizations to find vulnerabilities. However, to prove the existence of the reported vulnerability, it is necessary but difficult for security incident response team to build a deliberated vulnerable environment from the vulnerability report with limited and incomplete information. This paper presents a structured, standardized, machine-oriented vulnerability intelligence format, that can be used to automate the orchestration of Deliberated Vulnerable Environment (DVE). This paper highlights the important role of software configuration and proof of vulnerable specifications in vulnerability intelligence, and proposes a triad model, which is called DIR (Dependency Configuration, Installation Configuration, Runtime Configuration), to define software configuration. Finally, this paper has also implemented a prototype system to demonstrate that the orchestration of DVE can be automated with the intelligence.

Keywords: DIR triad model, DVE, vulnerability intelligence, vulnerability recurrence

Procedia PDF Downloads 121

Authors: Rong Guo, Mengshi Huang, Yujing Bai

Abstract:

With the rapid development of urbanization, the urban population increases and urban sprawl appeared. And these issues led to a sharp deterioration of the ecological environment. So, the urban ecological security evaluation was imminent. The weights identify of index was a key step of the research of ecological security evaluation. The AHP was widely used in the extensive research of weights identify of ecological security index. The characteristics of authority and quantitative can fully reflect the views of relevant experts. On the basis of building the ecological security evaluation index of Harbin, the paper combed and used the basic principle of the AHP, and calculated the weights of Harbin ecological security evaluation index through the process of the expert opinions “summary-feedback-summary”. And lay a foundation of future study of Harbin ecological security index, and guide the quantitative evaluation of Harbin ecological security.

Keywords: AHP, ecological security, evaluation Index, weights identify, harbin

Procedia PDF Downloads 497

Authors: Anil Kumar Tripathi, Ratneshwer Gupta

Abstract:

All the software engineering researches and best industry practices aim at providing software products with high degree of quality and functionality at low cost and less time. These requirements are addressed by the Component Based Software Engineering (CBSE) as well. CBSE, which deals with the software construction by components’ assembly, is a revolutionary extension of Software Engineering. CBSE must define and describe processes to assure timely completion of high quality software systems that are composed of a variety of pre built software components. Though these features provide distinct and visible benefits in software design and programming, they also raise some challenging problems. The aim of this work is to summarize the pertinent issues and considerations in CBSE to make an understanding in forms of concepts and observations that may lead to development of newer ways of dealing with the problems and challenges in CBSE.

Keywords: software component, component based software engineering, software process, testing, maintenance

Procedia PDF Downloads 401

Authors: Malinda Gayan Sirisena

Abstract:

The aim of this research is to evaluate the effectiveness of software quality assurance approaches of Sri Lankan offshore software development organizations, and to propose a framework which could be used across all offshore software development organizations. An empirical study was conducted using derived framework from popular software quality evaluation models. The research instrument employed was a questionnaire survey among thirty seven Sri Lankan registered offshore software development organizations. The findings demonstrate a positive view of Effectiveness of Software Quality Assurance – the stronger predictors of Stability, Installability, Correctness, Testability and Changeability. The present study’s recommendations indicate a need for much emphasis on software quality assurance for the Sri Lankan offshore software development organizations.

Keywords: software quality assurance (SQA), offshore software development, quality assurance evaluation models, effectiveness of quality assurance

Procedia PDF Downloads 421

Authors: H. Gorine, M. Ramadan Elmezughi

Abstract:

In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.

Keywords: wireless sensor networks, network security, light weight encryption, threats

Procedia PDF Downloads 526

Authors: Getachew Weldemichael, Sentayehu Alamerew, Leta Tulu, Gezahegn Berecha

Abstract:

Coffee quality improvement program is becoming the focus of coffee research, as the world coffee consumption pattern shifted to high-quality coffee. However, there is limited information on the genetic variation of C. Arabica for quality improvement in potential specialty coffee growing areas of Ethiopia. Therefore, this experiment was conducted with the objectives of determining the magnitude of variation among 105 coffee accessions collected from east Wollega coffee growing areas and assessing correlations between the different coffee qualities attributes. It was conducted in RCRD with three replications. Data on green bean physical characters (shape and make, bean color and odor) and organoleptic cup quality traits (aromatic intensity, aromatic quality, acidity, astringency, bitterness, body, flavor, and overall standard of the liquor) were recorded. Analysis of variance, clustering, genetic divergence, principal component and correlation analysis was performed using SAS software. The result revealed that there were highly significant differences (P<0.01) among the accessions for all quality attributes except for odor and bitterness. Among the tested accessions, EW104 /09, EW101 /09, EW58/09, EW77/09, EW35/09, EW71/09, EW68/09, EW96 /09, EW83/09 and EW72/09 had the highest total coffee quality values (the sum of bean physical and cup quality attributes). These genotypes could serve as a source of genes for green bean physical characters and cup quality improvement in Arabica coffee. Furthermore, cluster analysis grouped the coffee accessions into five clusters with significant inter-cluster distances implying that there is moderate diversity among the accessions and crossing accessions from these divergent inter-clusters would result in hetrosis and recombinants in segregating generations. The principal component analysis revealed that the first three principal components with eigenvalues greater than unity accounted for 83.1% of the total variability due to the variation of nine quality attributes considered for PC analysis, indicating that all quality attributes equally contribute to a grouping of the accessions in different clusters. Organoleptic cup quality attributes showed positive and significant correlations both at the genotypic and phenotypic levels, demonstrating the possibility of simultaneous improvement of the traits. Path coefficient analysis revealed that acidity, flavor, and body had a high positive direct effect on overall cup quality, implying that these traits can be used as indirect criteria to improve overall coffee quality. Therefore, it was concluded that there is considerable variation among the accessions, which need to be properly conserved for future improvement of the coffee quality. However, the variability observed for quality attributes must be further verified using biochemical and molecular analysis.

Keywords: accessions, Coffea arabica, cluster analysis, correlation, principal component

Procedia PDF Downloads 165

Authors: Anunya Thanasrisuebwong

Abstract:

This research paper aimed to find out how was the ethical climate in an organization and job performance satisfaction of employees affected employees’ engagement and commitment by using the case study of PTT Exploration and Production Public Company Limited, Thailand. The population of this research was 4,383 Thai employees of PTTEP, Thailand. From a total of 420 questionnaires sent out, 345 respondents replied. The statistics utilized was mean score and Multiple Regression Analysis. The findings revealed that the respondents had opinion towards ethical climate of their organization, job performance satisfaction and organization engagement and commitment at a high level. The test of hypothesis disclosed the determinant attributes of job performance satisfaction that affected the respondents’ overall level of organization engagement and commitment. The set of these determinant attributes consisted of employees’ responsibilities for duties, organization’s policies and practice, relationship with organization’s commanders, work security and stability, job description, career path and relationship with colleagues. These variables were able to predict the employees’ organization engagement and commitment at 50.6 percent.

Keywords: ethical climate in organization, job performance satisfaction, organization engagement, commitment

Procedia PDF Downloads 285

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 471

Authors: Mehmet Kargaci

Abstract:

It is more important to access information than to get the correct information and to transform it to the knowledge in a proper way. Every person, organizations or governments who have the knowledge now become the target. Cyber security involves the range of measures to be taken from individual to the national level. The National institutions refer to academic, military and major public and private institutions, which are very important for the national security. Thus they need further cyber security measures. It appears that the traditional cyber security measures in the national level are alone not sufficient, while the individual measures remain in a restricted level. It is evaluated that the most appropriate method for preventing the cyber vulnerabilities rather than existing measures are to develop institutional measures. This study examines the cyber security measures to be taken, especially in the national institutions.

Keywords: cyber defence, information, critical infrastructure, security

Procedia PDF Downloads 537

Authors: Supaporn Prajongjai, Pannarungsri Inpayoung

Abstract:

This research attempts to explore the perception and satisfaction of international tourists toward Thai economy, politics and Bangkok attributes. Due to tourism industry provides a high rate of revenue for Thailand, and the outcome from this business drives every section of Thailand such as business, residents’ living level. Unfortunately, some incidents in the country, such as some turmoil, have ruined the city’s image which obviously impacts to the tourism industry, the major source of revenue. The size of this research was 400 international tourists who visit Bangkok, Thailand during the 1st – 20th March 2009 and age between 20 – 65 years. The results reveal that tourists satisfy with all of Bangkok’s attributes including general attractions, heritage attraction, maintenance factors and cultural attraction. Also, tourists’ perception toward Thai politics is significantly related to their satisfaction of Bangkok’s attributes, but their perception toward Thai economy is not significantly correlated to their satisfaction of Bangkok’s attributes.

Keywords: international tourists' perception, tourists' satisfactions, Thai economy, tourism destination

Procedia PDF Downloads 254

Authors: Ghada S. Moussa

Abstract:

With the increase in population along with economic prosperity, an enormous increase in the number and types of vehicles on the roads occurred. This fact brings a growing need for efficiently yet effectively classifying vehicles into their corresponding categories, which play a crucial role in many areas of infrastructure planning and traffic management. This paper presents two vehicle-type classification approaches; 1) geometric-based and 2) appearance-based. The two classification approaches are used for two tasks: multi-class and intra-class vehicle classifications. For the evaluation purpose of the proposed classification approaches’ performance and the identification of the most effective yet efficient one, 10-fold cross-validation technique is used with a large dataset. The proposed approaches are distinguishable from previous research on vehicle classification in which: i) they consider both geometric and appearance attributes of vehicles, and ii) they perform remarkably well in both multi-class and intra-class vehicle classification. Experimental results exhibit promising potentials implementations of the proposed vehicle classification approaches into real-world applications.

Keywords: appearance attributes, geometric attributes, support vector machine, vehicle classification

Procedia PDF Downloads 338

Authors: Anthony I. Otuonye, Juliet N. Odii, Perpetual N. Ibe

Abstract:

The obvious challenges faced by most commercial bank customers while using the services of ATMs (Automated Teller Machines) across developing countries have triggered the need for an improved system with better security features. Current ATM systems are password-based, and research has proved the vulnerabilities of these systems to heinous attacks and manipulations. We have discovered by research that the security of current ATM-assisted banking services in most developing countries of the world is easily broken and maneuvered by fraudsters, majorly because it is quite difficult for these systems to identify an impostor with privileged access as against the authentic bank account owner. Again, PIN (Personal Identification Number) code passwords are easily guessed, just to mention a few of such obvious limitations of traditional ATM operations. In this research work also, we have developed a system of fingerprint biometrics with PIN code Authentication that seeks to improve the security features of traditional ATM installations as well as other Banking Services. The aim is to ensure better security at all ATM installations and raise the confidence of bank customers. It is hoped that our system will overcome most of the challenges of the current password-based ATM operation if properly applied. The researchers made use of the OOADM (Object-Oriented Analysis and Design Methodology), a software development methodology that assures proper system design using modern design diagrams. Implementation and coding were carried out using Visual Studio 2010 together with other software tools. Results obtained show a working system that provides two levels of security at the client’s side using a fingerprint biometric scheme combined with the existing 4-digit PIN code to guarantee the confidence of bank customers across developing countries.

Keywords: fingerprint biometrics, banking operations, verification, ATMs, PIN code

Procedia PDF Downloads 42

Authors: Mounir Zekkaoui, Abdelhadi Fennan

Abstract:

The software evolution control requires a deep understanding of the changes and their impact on different system heterogeneous artifacts. And an understanding of descriptive knowledge of the developed software artifacts is a prerequisite condition for the success of the evolutionary process. The implementation of an evolutionary process is to make changes more or less important to many heterogeneous software artifacts such as source code, analysis and design models, unit testing, XML deployment descriptors, user guides, and others. These changes can be a source of degradation in functional, qualitative or behavioral terms of modified software. Hence the need for a unified approach for extraction and representation of different heterogeneous artifacts in order to ensure a unified and detailed description of heterogeneous software artifacts, exploitable by several software tools and allowing to responsible for the evolution of carry out the reasoning change concerned.

Keywords: heterogeneous software artifacts, software evolution control, unified approach, meta model, software architecture

Procedia PDF Downloads 445

Authors: Stefan Bauer, Josef Frysak

Abstract:

According to the scientific information management literature, the improper use of information technology (e.g. personal computers) by employees are one main cause for operational and information security loss events. Therefore, organizations implement information security awareness programs to increase employees’ awareness to further prevention of loss events. However, in many cases these information security awareness programs consist of conventional delivery methods like posters, leaflets, or internal messages to make employees aware of information security policies. We assume that a viral information security awareness video might be more effective medium than conventional methods commonly used by organizations. The purpose of this research is to develop a viral video artifact to improve employee security behavior concerning information technology.

Keywords: information security awareness, delivery methods, viral videos, employee security behavior

Procedia PDF Downloads 542

Authors: Shruti Kohli

Abstract:

The sophistication and pervasiveness of cyber-attacks are constantly growing, driven partly by technological progress, profitable applications in organized crime and state-sponsored innovation. The modernization of rail control systems has resulted in an increasing reliance on digital technology and increased the potential for security breaches and cyber-attacks. This research track showcases the need for developing a secure reusable scalable framework for enhancing cyber security of rail assets. A cyber security framework has been proposed that is being developed to detect the tell-tale signs of cyber-attacks against industrial assets.

Keywords: cyber security, rail asset, security threat, cyber ontology

Procedia PDF Downloads 430

Authors: Thomas Adi Purnomo Sidhi

Abstract:

Nowadays, network is an essential need in almost every part of human daily activities. People now can seamlessly connect to others through the Internet. With advanced technology, our personal data now can be more easily accessed. One of many components we are concerned for delivering the best network is a security issue. This paper is proposing a method that provides more options for security. This research aims to improve network security by focusing on the physical layer which is the first layer of the OSI model. The layer consists of the basic networking hardware transmission technologies of a network. With the use of observation method, the research produces a schematic design for enhancing the network security through the gray code converter.

Keywords: network, network security, grey code, physical layer

Procedia PDF Downloads 504

Authors: Arenca Trashani

Abstract:

20 years after its first entrance in a General Assembly of the United Nation’s Resolution, human security has became a very important tool in a global debate affecting directly the whole main rules and regulations in international law and more closely in international human rights law. This paper will cover a very important issue of today at how the human security has its impact to the development of international human rights law, not as far as a challenge as it is seen up now but a tool of moving toward development and globalization. In order to analyze the impact of human security to the global agenda, we need to look to the main pillars of the international legal order which are affected by the human security in itself and its application in the policy making for this international legal order global and regional ones. This paper will focus, also, on human security, as a new and very important tool of measuring development, stability and the level of democratic consolidation and the respect for human rights especially in developing countries such as Albania. The states are no longer capable to monopolize the use of human security just within their boundaries and separated from the other principles of a functioning democracy. In this context, human security would be best guaranteed under the respect of the rule of law and democratization. During the last two decades the concept security has broadly developed, from a state-centric to a more human-centric approach: from state security to respect for human rights, to economic security, to environmental security as well. Last but not least we would see that human rights could be affected by human security not just at their promotion but also at their enforcement and mainly at the international institutions, which are entitled to promote and to protect human rights.

Keywords: human security, international human rights law, development, Albania, international law

Procedia PDF Downloads 758

Authors: Mehrab Faraghti

Abstract:

Trojan horses, a form of malware masquerading as legitimate software, pose significant cybersecurity threats. These malicious programs exploit user trust, infiltrate systems, and can lead to data breaches, financial loss, and compromised privacy. This paper explores the mechanisms through which Trojan horses operate, including delivery methods such as phishing and software vulnerabilities. It categorizes various types of Trojan horses and their specific impacts on individuals and organizations. Additionally, the research highlights the evolution of Trojan threats and the importance of user awareness and proactive security measures. By analyzing case studies of notable Trojan attacks, this study identifies common vulnerabilities that can be exploited and offers insights into effective countermeasures, including behavioral analysis, anomaly detection, and robust incident response strategies. The findings emphasize the need for comprehensive cybersecurity education and the implementation of advanced security protocols to mitigate the risks associated with Trojan horses.

Keywords: Trojan horses, cybersecurity, malware, data breach

Procedia PDF Downloads 9

Authors: E. Kempen, M. J. Labuschagne, M. P. Jama

Abstract:

There is evidence that experiential learning is truly influential and favored by the millennial generation. However, little is known about the role and attributes an educator has to adopt during the experiential learning cycle, especially when applied in optometry education. This study aimed to identify the roles and attributes of an optometry educator during the different modes of the experiential learning cycle. Methods: A qualitative case study design was used. Data was collected using an open-ended questionnaire survey, following the application of nine different teaching-learning methods based on the experimental learning cycle. The total sample population of 68 undergraduate students from the Department of Optometry at the University of the Free State, South Africa were invited to participate. Focus group interviews (n=15) added additional data that contributed to the interpretation and confirmation of the data obtained from the questionnaire surveys. Results: The perceptions and experiences of the students identified a variety of roles and attributes as well as recommendations on the effective adoption of these roles and attributes. These roles and attributes included being knowledgeable, creating an interest, providing guidance, being approachable, building confidence, implementing ground rules, leading by example, and acting as a mediator. Conclusion: The findings suggest that the actions of an educator have the most substantial impact on students’ perception of a learning experience. Not only are the recommendations based on the views of a millennial generation, but the implementation of the personalized recommendations may also transform a learning environment. This may lead an optometry student to a deeper understanding of knowledge.

Keywords: experiences and perceptions, experiential learning, millennial generation, recommendation for optometry education

Procedia PDF Downloads 115

Authors: S. M. Tavakoli Sani, M. Sabbet Moghadam, Y. Khorram Farhadi, Iraj Rezayi Nejad

Abstract:

The concept of national security in Iran is a permanently effective factor in acceptance or rejection of many international obligations. These obligations had been defined according to the type of legislation of Iran in many aspects. Therefore, there are several treaties at international level which requires Iran’s security to come in contact with obligations in these treaties in a way that an obstacle to join to them and their passage in parliament. This issue is a typical category which every country pays attention to be accepted in treaties or to include their national security in that treaties and also they can see the related treaties from this perspective, but this issue that 'what is the concept of Iran’s national security', and 'To what extent it is changed in recent years, especially after Islamic Revolution' are important issues that can be criticized. Thus, this study is trying to assess singed treaties from the perspective of Iran’s national security according of the true meaning of treaty and to investigate how the international treaties may be in conflict with Iran’s national security.

Keywords: treaties, national security, Iran, Islamic Revolution

Procedia PDF Downloads 469

Authors: Vuk M. Popovic, Dunja D. Popovic

Abstract:

Software maintenance phase is started once a software project has been developed and delivered. After that, any modification to it corresponds to maintenance. Software maintenance involves modifications to keep a software project usable in a changed or a changing environment, to correct discovered faults, and modifications, and to improve performance or maintainability. Software maintenance and management of software maintenance are recognized as two most important and most expensive processes in a life of a software product. This research is basing the prediction of maintenance, on risks and time evaluation, and using them as data sets for working with neural networks. The aim of this paper is to provide support to project maintenance managers. They will be able to pass the issues planned for the next software-service-patch to the experts, for risk and working time evaluation, and afterward to put all data to neural networks in order to get software maintenance prediction. This process will lead to the more accurate prediction of the working hours needed for the software-service-patch, which will eventually lead to better planning of budget for the software maintenance projects.

Keywords: laboratory information system, maintenance engineering, neural networks, software maintenance, software maintenance costs

Procedia PDF Downloads 358

Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana

Abstract:

Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.

Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization

Procedia PDF Downloads 237

Authors: Tamil Chelvi Vadivelu, Nurazean Maarop, Rasimah Che Yusoff, Farhana Aini Saludin

Abstract:

Implementing a remote healthcare system needs to consider many security features. Therefore, before any deployment of the remote healthcare system, a feasibility study from the security perspective is crucial. Remote healthcare system using WBAN technology has been used in other countries for medical purposes but in Malaysia, such projects are still not yet implemented. This study was conducted qualitatively. The interview results involving five healthcare practitioners are further elaborated. The study has addressed four important security features in order to incorporate remote healthcare system using WBAN in Malaysian government hospitals.

Keywords: remote healthcare, IT security, security features, wireless sensor application

Procedia PDF Downloads 306

Authors: Tshegofatso Rambau, Tonderai Muchenje

Abstract:

Zero-day attacks (ZDA) are increasing day by day; there are many vulnerabilities in systems and software that date back decades. Companies keep discovering vulnerabilities in their systems and software and work to release patches and updates. A zero-day vulnerability is a software fault that is not widely known and is unknown to the vendor; attackers work very quickly to exploit these vulnerabilities. These are major security threats with a high success rate because businesses lack the essential safeguards to detect and prevent them. This study focuses on the factors and techniques that can help us detect zero-day attacks. There are various methods and techniques for detecting vulnerabilities. Various companies like edges can offer penetration testing and smart vulnerability management solutions. We will undertake literature studies on zero-day attacks and detection methods, as well as modeling approaches and simulations, as part of the study process.

Keywords: zero-day attacks, exploitation, vulnerabilities

Procedia PDF Downloads 102