Search results for: security test institutionalization
11807 The Awareness of Computer Science Students Regarding the Security of Location Based Games
Authors: Jacques Barnard, Magda Huisman, Gunther R. Drevin
Abstract:
Rapid expansion and development in die mobile technology market has created an opportunity for users to participate in location based games. As a consequence of this fast expanding market and new technology, it is important to be aware of the implications this has on security. This paper measures the impact on the security awareness of games’ participants, as well as on that of students at university level with regards to their various stages of input in years of studying and gamer classification. This serves to provide insight into the matter as to discernible differences in the awareness of the security implications concerning these technologies. The data was accumulated via a web questionnaire that was to be completed yearly by students from respective year groups. Results signify a meaningful disparity in security awareness among students completing the varying study years and research. This awareness, however, does not always impact on gamers.Keywords: gamer classifications, location based games, location based data, security awareness
Procedia PDF Downloads 29311806 A Multi-Agent System for Accelerating the Delivery Process of Clinical Diagnostic Laboratory Results Using GSM Technology
Authors: Ayman M. Mansour, Bilal Hawashin, Hesham Alsalem
Abstract:
Faster delivery of laboratory test results is one of the most noticeable signs of good laboratory service and is often used as a key performance indicator of laboratory performance. Despite the availability of technology, the delivery time of clinical laboratory test results continues to be a cause of customer dissatisfaction which makes patients feel frustrated and they became careless to get their laboratory test results. The Medical Clinical Laboratory test results are highly sensitive and could harm patients especially with the severe case if they deliver in wrong time. Such results affect the treatment done by physicians if arrived at correct time efforts should, therefore, be made to ensure faster delivery of lab test results by utilizing new trusted, Robust and fast system. In this paper, we proposed a distributed Multi-Agent System to enhance and faster the process of laboratory test results delivery using SMS. The developed system relies on SMS messages because of the wide availability of GSM network comparing to the other network. The software provides the capability of knowledge sharing between different units and different laboratory medical centers. The system was built using java programming. To implement the proposed system we had many possible techniques. One of these is to use the peer-to-peer (P2P) model, where all the peers are treated equally and the service is distributed among all the peers of the network. However, for the pure P2P model, it is difficult to maintain the coherence of the network, discover new peers and ensure security. Also, security is a quite important issue since each node is allowed to join the network without any control mechanism. We thus take the hybrid P2P model, a model between the Client/Server model and the pure P2P model using GSM technology through SMS messages. This model satisfies our need. A GUI has been developed to provide the laboratory staff with the simple and easy way to interact with the system. This system provides quick response rate and the decision is faster than the manual methods. This will save patients life.Keywords: multi-agent system, delivery process, GSM technology, clinical laboratory results
Procedia PDF Downloads 25011805 Forecasting Future Society to Explore Promising Security Technologies
Authors: Jeonghwan Jeon, Mintak Han, Youngjun Kim
Abstract:
Due to the rapid development of information and communication technology (ICT), a substantial transformation is currently happening in the society. As the range of intelligent technologies and services is continuously expanding, ‘things’ are becoming capable of communicating one another and even with people. However, such “Internet of Things” has the technical weakness so that a great amount of such information transferred in real-time may be widely exposed to the threat of security. User’s personal data are a typical example which is faced with a serious security threat. The threats of security will be diversified and arose more frequently because next generation of unfamiliar technology develops. Moreover, as the society is becoming increasingly complex, security vulnerability will be increased as well. In the existing literature, a considerable number of private and public reports that forecast future society have been published as a precedent step of the selection of future technology and the establishment of strategies for competitiveness. Although there are previous studies that forecast security technology, they have focused only on technical issues and overlooked the interrelationships between security technology and social factors are. Therefore, investigations of security threats in the future and security technology that is able to protect people from various threats are required. In response, this study aims to derive potential security threats associated with the development of technology and to explore the security technology that can protect against them. To do this, first of all, private and public reports that forecast future and online documents from technology-related communities are collected. By analyzing the data, future issues are extracted and categorized in terms of STEEP (Society, Technology, Economy, Environment, and Politics), as well as security. Second, the components of potential security threats are developed based on classified future issues. Then, points that the security threats may occur –for example, mobile payment system based on a finger scan technology– are identified. Lastly, alternatives that prevent potential security threats are proposed by matching security threats with points and investigating related security technologies from patent data. Proposed approach can identify the ICT-related latent security menaces and provide the guidelines in the ‘problem – alternative’ form by linking the threat point with security technologies.Keywords: future society, information and communication technology, security technology, technology forecasting
Procedia PDF Downloads 46911804 Policy Compliance in Information Security
Authors: R. Manjula, Kaustav Bagchi, Sushant Ramesh, Anush Baskaran
Abstract:
In the past century, the emergence of information technology has had a significant positive impact on human life. While companies tend to be more involved in the completion of projects, the turn of the century has seen importance being given to investment in information security policies. These policies are essential to protect important data from adversaries, and thus following these policies has become one of the most important attributes revolving around information security models. In this research, we have focussed on the factors affecting information security policy compliance in two models : The theory of planned behaviour and the integration of the social bond theory and the involvement theory into a single model. Finally, we have given a proposal of where these theories would be successful.Keywords: information technology, information security, involvement theory, policies, social bond theory
Procedia PDF Downloads 37211803 Migrant Workers and the Challenge for Human Security in Southeast Asia since 1997
Authors: Hanen Khaldi
Abstract:
This paper aims to study the impact of international migration on human security in the Southeastern region of Asia, especially after Asian Financial Crisis 1997-98. International migration has impacts on many dimensions of security: the state security (sovereignty and autonomy); international relationships security (conflicts, terrorism, etc); and immigrants security. The paper aims to improve our comprehension of the impact of international migration on immigrant security in the region of Southeast Asia, particularly “vulnerable workers’’ whose number is growing very fast in the region. The literature review carried out on this matter led us to ask the following two question: 1) Did the creation of ASEAN Community matter on the evolution of immigrants in the region? And How governments try to resolve the gap between economic objectifs and security of immigrants in the region? To answer these two questions, the paper is subdivided in three parts: Firstly, we will show how the creation of the ASEAN Community, especially ASEAN Economic Community, had a significant impact on the pattern of evolution of immigration in this region. Secondly, we will paint a portrait illustrating the vulnerability of immigrants in Southeast Asia, particularly unskilled workers. Finally, using the theories of regional integration, we will assess how governments try to ensure the security and safety of the immigrants. Overall, our analysis illustrate the significant change of the official discourse of the leaders of the ASEAN member states, now more conciliator and especially more open to cooperation, as well as the proliferation of meetings and initiatives between these countries to control mobility flows in the region, and the ensure immigrants security.Keywords: migrant workers, human security, human rights
Procedia PDF Downloads 17011802 Political Economy of Internal Dispalcement, Migration and Human Security in Zimbabwe: 1800 to Present Day
Authors: Chupicai Manuel
Abstract:
The purpose of this article is to examine the political economy and history of internal displacement, migration and human security in Zimbabwe from 1800 to present day. The article gives a timeline of major internal displacement, migration trends that took place in Zimbabwe before colonialism, through the colonial period up to the present day and examines the human security context of such periods. In view of the above, a political economy analysis will be employed to examine the different factors that promoted internal displacement and human movements from 1800 to the present day and explore the architecture of human security in Zimbabwe. The ultimate goal of this literature review is to provide a longitudinal analysis of internal displacement, migration and human security regimes that existed in Zimbabwe with the view of promoting social cohesion and nation building.Keywords: human security, internal displacement, migration, political economy
Procedia PDF Downloads 35611801 A Pattern Practise for Awareness Educations on Information Security: Information Security Project
Authors: Fati̇h Apaydin
Abstract:
Education technology is an area which constantly changes and creates innovations. As an inevitable part of the changing circumstances, the societies who have a tendency to the improvements keep up with these innovations by using the methods and strategies which have been designed for education technology. At this point, education technology has taken the responsibility to help the individuals improve themselves and teach the effective teaching methods by filling the airs in theoretical information, information security and the practice. The technology which comes to the core of our lives by raising the importance of it day by day and it enforced its position in computer- based environments. As a result, ‘being ready for technological innovations, improvement on computer-based talent, information, ability and attitude’ doctrines have to be given. However, it is today quite hard to deal with the security and reinforcement of this information. The information which is got illegally gives harm to society from every aspect, especially education. This study includes how and to what extent to use these innovative appliances such as computers and the factor of information security of these appliances in computer-based education. As the use of computer is constantly becoming prevalent in our country, both education and computer will never become out of date, so how computer-based education affects our lives and the study of information security for this type of education are important topics.Keywords: computer, information security, education, technology, development
Procedia PDF Downloads 59511800 Enhancing Human Security Through Conmprehensive Counter-terrorism Measures
Authors: Alhaji Khuzaima Mohammed Osman, Zaeem Sheikh Abdul Wadudi Haruna
Abstract:
This article aims to explore the crucial link between counter-terrorism efforts and the preservation of human security. As acts of terrorism continue to pose significant threats to societies worldwide, it is imperative to develop effective strategies that mitigate risks while safeguarding the rights and well-being of individuals. This paper discusses key aspects of counter-terrorism and human security, emphasizing the need for a comprehensive approach that integrates intelligence, prevention, response, and resilience-building measures. By highlighting successful case studies and lessons learned, this article provides valuable insights for policymakers, law enforcement agencies, and practitioners in their quest to address terrorism and foster human security.Keywords: human security, risk mitigation, terrorist activities, civil liberties
Procedia PDF Downloads 9111799 Blockchain’s Feasibility in Military Data Networks
Authors: Brenden M. Shutt, Lubjana Beshaj, Paul L. Goethals, Ambrose Kam
Abstract:
Communication security is of particular interest to military data networks. A relatively novel approach to network security is blockchain, a cryptographically secured distribution ledger with a decentralized consensus mechanism for data transaction processing. Recent advances in blockchain technology have proposed new techniques for both data validation and trust management, as well as different frameworks for managing dataflow. The purpose of this work is to test the feasibility of different blockchain architectures as applied to military command and control networks. Various architectures are tested through discrete-event simulation and the feasibility is determined based upon a blockchain design’s ability to maintain long-term stable performance at industry standards of throughput, network latency, and security. This work proposes a consortium blockchain architecture with a computationally inexpensive consensus mechanism, one that leverages a Proof-of-Identity (PoI) concept and a reputation management mechanism.Keywords: blockchain, consensus mechanism, discrete-event simulation, fog computing
Procedia PDF Downloads 13911798 Future Outlook and Current Situation for Security of Gas Supply in Eastern Baltic Region
Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel
Abstract:
The growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, transportation and distribution bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia, and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012, almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price, and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.Keywords: security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package
Procedia PDF Downloads 26211797 Implementing Zero-Trust Security with Passwordless Authentication Gateways for Privacy-Oriented Organizations Using Keycloak
Authors: Andrei Bogdan Stanescu, Laura Diaconescu
Abstract:
With the increasing concerns about data breaches and privacy violations, organizations seek robust security measures to protect sensitive information. This research paper highlights the importance of implementing the Zero-Trust Security methodology using Passwordless Authentication Gateways that leverage Keycloak, an open-source Identity and Access Management (IAM) software, as a solution to address the security challenges these organizations face. The paper presents the successful implementation and deployment of such a solution in a mid-size, privacy-oriented organization. The implementation resulted in significant security improvements, reducing the risk of unauthorized access and potential data breaches. Moreover, user feedback indicated enhanced convenience and streamlined authentication experiences. The results of this study bring solid contributions in the field of cybersecurity and provide practical insights for organizations aiming to strengthen their security practices.Keywords: identity and access management, passwordless authentication, privacy, zero-trust security
Procedia PDF Downloads 9211796 Threat Analysis: A Technical Review on Risk Assessment and Management of National Testing Service (NTS)
Authors: Beenish Urooj, Ubaid Ullah, Sidra Riasat
Abstract:
National Testing Service-Pakistan (NTS) is an agency in Pakistan that conducts student success appraisal examinations. In this research paper, we must present a security model for the NTS organization. The security model will depict certain security countermeasures for a better defense against certain types of breaches and system malware. We will provide a security roadmap, which will help the company to execute its further goals to maintain security standards and policies. We also covered multiple aspects in securing the environment of the organization. We introduced the processes, architecture, data classification, auditing approaches, survey responses, data handling, and also training and awareness of risk for the company. The primary contribution is the Risk Survey, based on the maturity model meant to assess and examine employee training and knowledge of risks in the company's activities.Keywords: NTS, risk assessment, threat factors, security, services
Procedia PDF Downloads 7111795 Stackelberg Security Game for Optimizing Security of Federated Internet of Things Platform Instances
Authors: Violeta Damjanovic-Behrendt
Abstract:
This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.Keywords: security, internet of things, cloud computing, stackelberg game, machine learning, naive q-learning
Procedia PDF Downloads 35511794 Exploring the Dark Side of IT Security: Delphi Study on Business’ Influencing Factors
Authors: Tizian Matschak, Ilja Nastjuk, Stephan Kühnel, Simon Trang
Abstract:
We argue that besides well-known primary effects of information security controls (ISCs), namely confidentiality, integrity, and availability, ISCs can also have secondary effects. For example, while IT can add business value through impacts on business processes, ISCs can be a barrier and distort the relationship between IT and organizational value through the impact on business processes. By applying the Delphi method with 28 experts, we derived 27 business process influence dimensions of ISCs. Defining and understanding these mechanisms can change the common understanding of the cost-benefit valuation of IT security investments and support managers' effective and efficient decision-making.Keywords: business process dimensions, dark side of information security, Delphi study, IT security controls
Procedia PDF Downloads 11211793 An Overview of Privacy and Security Issues in Social Networks
Authors: Mohamad Ibrahim Al Ladan
Abstract:
Social networks, such as Facebook, Myspace, LinkedIn, Google+, and Twitter have experienced exponential growth and a remarkable adoption rate in recent years. They provide attractive means of online social interactions and communications with family, friends, and colleagues from around the corner or across the globe, and they have become an important part of daily digital interactions for more than one and a half billion users around the world. The various personal information sharing practices that social network providers encourage have led to their success as innovative social interaction platforms. However, these practices have resulted in ample concerns with respect to privacy and security from different stakeholders. Addressing these privacy and security concerns in social networks is a must for these networks to be sustainable. Existing security and privacy tools may not be enough to address existing concerns. Some guidelines should be followed to protect users from the existing risks. In this paper, we have investigated and discussed the various privacy and security issues and concerns pertaining to social networks. Moreover, we have classified these privacy and security issues and presented a thorough discussion of the implications of these issues and concerns on the future of the social networks. In addition, we have presented a set of guidelines as precaution measures that users can consider to address these issues and concerns.Keywords: social networks privacy issues, social networks security issues, social networks privacy precautions measures, social networks security precautions measures
Procedia PDF Downloads 31011792 Information Security Dilemma: Employees' Behaviour on Three-Dimensions to Failure
Authors: Dyana Zainudin, Atta Ur-Rahman, Thaier Hamed
Abstract:
This paper explains about human nature concept as to understand the significance of information security in employees’ mentality including leaders in an organisation. By studying on a theory concept of the latest Von Solms fourth waves, information security governance basically refers to the concept of a set of methods, techniques and tools that responsible for protecting resources of a computer system to ensure service availability, confidentiality and integrity of information. However, today’s information security dilemma relates to the acceptance of employees mentality. The major causes are a lack of communication and commitment. These types of management in an organisation are labelled as immoral/amoral management which effects on information security compliance. A recovery action is taken based on ‘learn a lesson from incident events’ rather than prevention. Therefore, the paper critically analysed the Von Solms fourth waves’ theory with current human events and its correlation by studying secondary data and also from qualitative analysis among employees in public sectors. ‘Three-dimensions to failure’ of information security dilemma are explained as deny, don’t know and don’t care. These three-dimensions are the most common vulnerable behaviour owned by employees. Therefore, by avoiding the three-dimensions to failure may improve the vulnerable behaviour of employees which is often related to immoral/amoral management.Keywords: information security management system, information security behaviour, information security governance, information security culture
Procedia PDF Downloads 20911791 Migration, Security, and Human Rights in Nigeria: Navigating National Interests Amidst Regional Crises
Authors: Otu Otu Akanu
Abstract:
The nexus between migration, national security, and human rights has become increasingly complex, particularly within Nigeria's geopolitical landscape. This study explores how Nigeria navigates the balance between safeguarding national security and upholding human rights amidst escalating regional crises, such as conflicts in the Lake Chad Basin and the Sahel. Through a comprehensive analysis of policy frameworks, security measures, and human rights protocols, this paper critically examines the challenges and opportunities in Nigeria's approach. The study employed a multidisciplinary methodology, integrating perspectives from International Relations, Human Security Studies, and Migration Law to provide a holistic understanding of the issue. Drawing on primary data from government reports, policy documents, and interviews with key stakeholders, alongside secondary literature, the study reveals a persistent tension between security imperatives and human rights obligations. While Nigeria has made strides in enhancing its security architecture, the findings highlight significant gaps in the protection of migrants' rights, often exacerbated by external pressures and domestic political dynamics. The paper argues that a recalibration of Nigeria's security and human rights policies is imperative for achieving sustainable peace and security in the region. By offering policy recommendations rooted in international best practices, this study contributes to the ongoing discourse on migration and security in West Africa and provides a framework for other nations grappling with similar challenges. This research underscores the need for an integrated approach that transcends traditional security paradigms, advocating a more inclusive and human-centered strategy in addressing the complexities of migration and national security.Keywords: migration, national security, human rights, Nigeria, West Africa
Procedia PDF Downloads 2111790 Cloud Computing Security for Multi-Cloud Service Providers: Controls and Techniques in Our Modern Threat Landscape
Authors: Sandesh Achar
Abstract:
Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.Keywords: multi-cloud service, system organization control, data loss prevention, identity and access management
Procedia PDF Downloads 9811789 A Security Study for Smart Metering Systems
Authors: Musaab Hasan, Farkhund Iqbal, Patrick C. K. Hung, Benjamin C. M. Fung, Laura Rafferty
Abstract:
In modern societies, the smart cities concept raised simultaneously with the projection towards adopting smart devices. A smart grid is an essential part of any smart city as both consumers and power utility companies benefit from the features provided by the power grid. In addition to advanced features presented by smart grids, there may also be a risk when the grids are exposed to malicious acts such as security attacks performed by terrorists. Considering advanced security measures in the design of smart meters could reduce these risks. This paper presents a security study for smart metering systems with a prototype implementation of the user interfaces for future works.Keywords: security design, smart city, smart meter, smart grid, smart metering system
Procedia PDF Downloads 33811788 Sharing Experience in Authentic Learning for Mobile Security
Abstract:
Mobile devices such as smartphones are getting more and more popular in our daily lives. The security vulnerability and threat attacks become a very emerging and important research and education topic in computing security discipline. There is a need to have an innovative mobile security hands-on laboratory to provide students with real world relevant mobile threat analysis and protection experience. This paper presents an authentic teaching and learning mobile security approach with smartphone devices which covers most important mobile threats in most aspects of mobile security. Each lab focuses on one type of mobile threats, such as mobile messaging threat, and conveys the threat analysis and protection in multiple ways, including lectures and tutorials, multimedia or app-based demonstration for threats analysis, and mobile app development for threat protections. This authentic learning approach is affordable and easily-adoptable which immerse students in a real world relevant learning environment with real devices. This approach can also be applied to many other mobile related courses such as mobile Java programming, database, network, and any security relevant courses so that can learn concepts and principles better with the hands-on authentic learning experience.Keywords: mobile computing, Android, network, security, labware
Procedia PDF Downloads 40711787 Environmental Refugees in Africa: A Case Study of Sahel Region
Authors: Ahlem Setrallah
Abstract:
Environment has become a phenomenon directly linked to security in recent decades. This security aspect of environment is justified by the challenges that environment problems can have on human life and thus security especially within the scope of human security that is based mainly on the individual rather than on the state. Because Africa is not safe from the global warming and all its consequences on environment, this continent has witnessed many crises related to environment and that have had direct impact on security in Africa. One of those crises is environmental displacement or immigration which was caused by natural disasters like draught, desertification and food shortage to name but a few. This paper aims at shedding light at some important cases in the Africa focusing mainly on the Sahel region. The main research questions that we are trying to answer are the following: 1-What is the relationship between environment and forced immigration in the Sahel region? 2-What is the impact of environmental immigration on Security in the region? 3-How have the states in this region reacted to this crisis? 4-Is the measures taken by those states adequate or not? 5- How to remedy for the limitations of those measures? The paper is based on case study methodology as a way to better understand the relationship between security and environment using library research for data collection and analysis. This paper aims also at presenting some suggesting regarding possible ways of reducing the negative impact of environmental immigration.Keywords: environment, refugees, Sahel region, security
Procedia PDF Downloads 48011786 The Acceptance of E-Assessment Considering Security Perspective: Work in Progress
Authors: Kavitha Thamadharan, Nurazean Maarop
Abstract:
The implementation of e-assessment as tool to support the process of teaching and learning in university has become a popular technological means in universities. E-Assessment provides many advantages to the users especially the flexibility in teaching and learning. The e-assessment system has the capability to improve its quality of delivering education. However, there still exists a drawback in terms of security which limits the user acceptance of the online learning system. Even though there are studies providing solutions for identified security threats in e-learning usage, there is no particular model which addresses the factors that influences the acceptance of e-assessment system by lecturers from security perspective. The aim of this study is to explore security aspects of e-assessment in regard to the acceptance of the technology. As a result a conceptual model of secure acceptance of e-assessment is proposed. Both human and security factors are considered in formulation of this conceptual model. In order to increase understanding of critical issues related to the subject of this study, interpretive approach involving convergent mixed method research method is proposed to be used to execute the research. This study will be useful in providing more insightful understanding regarding the factors that influence the user acceptance of e-assessment system from security perspective.Keywords: secure technology acceptance, e-assessment security, e-assessment, education technology
Procedia PDF Downloads 46011785 Partnering with Stakeholders to Secure Digitization of Water
Authors: Sindhu Govardhan, Kenneth G. Crowther
Abstract:
Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.Keywords: cyber security, shared responsibility, IIOT, threat modelling
Procedia PDF Downloads 7711784 Engaging with Security and State from a Gendered Lens in the South Asian Context: Indian State’s Construction of Internal Security and State Responses
Authors: Pooja Bakshi
Abstract:
In the following paper, an attempt would be made to engage with the relationship between the state and the imperatives of security from a gendered lens. This will be juxtaposed with the feminist engagement with International Law. Theorizations from the literature on South Asian politics and Global politics would be applied to the manner in which the Indian state has defined and proposed to deal with concerns of internal security pertaining to the ‘Left Wing Extremism’ in 2010-2011. It would be argued that the state needs to be disaggregated into the legislature, executive and the judiciary; since there are times when some institutional parts of the state provide space for progressive democratic engagement whilst other institutions don’t. The specific contours of violence faced by women and children at the hands of the state, in the above-mentioned discourse would also be examined. In the end, implications of the security state discourse on debates in International Law would be elaborated.Keywords: feminist engagement, human rights, state response to left extremism, security studies in South Asia
Procedia PDF Downloads 49411783 An Exploration of Anti-Terrorism Laws in Nigeria
Authors: Sani Mohammed Adam
Abstract:
This work seeks to review the security challenges facing Nigeria and explore the relevance of laws and policies in tackling the menace. The work looks at the adequacy of available legislations and the functionality of relevant institutions such as the Armed Forces, the Nigeria Police Force, the State Security Service, the Defence Intelligence Agency and the Nigerian Intelligence Agency etc. Comparisons would be made with other jurisdictions, such as inter alia, the Homeland Security in the USA and Counter Terrorism Laws of the United Kingdom. Recommendations would be made on how to strengthen both institutions and laws to curtail the growth of Terrorism in Nigeria.Keywords: legislations, Nigeria, security, terrorism
Procedia PDF Downloads 68111782 Case Study: Institutionalization of CSR Activities of MRGC through an NGO (OSDI)
Authors: Aasim Siddiqui
Abstract:
In a country where 45.6 per cent of the total population lives below the poverty line, according to the Human Development Report 2014 by UNDP, an increasing number of private companies are now dedicating their resources to remedy this situation of chronic poverty. Most corporations in Pakistan now have a separate and dedicated department for Corporate Social Responsibility (CSR), albeit with varying goals and hence different strategies for achieving those goals. Similarly, Marine Group of Companies (MRGC) also has a robust CSR policy which the group implements through a Non-Government Organization (NGO) called Organization for Social Development Initiatives (OSDI). This organization, which operates under the ambit of MRGC’s CSR division, has a concentrated focus on helping the poorest communities in the rural areas of Pakistan to break out of intergenerational poverty. This paper maps the theoretical strategies as well as practical activities undertaken by OSDI for poverty alleviation via rural development in Pakistan. To obtain in-depth information of demographics, livelihood and socio-economic indicators in OSDI’s focused districts; a combination of quantitative and qualitative research methodologies was used during the course of this research. The paper highlights and explains OSDI’s unique three-pronged approach which aims at reducing poverty through income generation via the livelihood assistance program and through the provision of access to the most basic services (including health and education) via the community development and food security programs. Modeled on the concept of capacity building, OSDI’s modus operandi is centered on disbursing timely microcredit facilities to farmers who can benefit from these funds by investing in productive assets to foster financial capability for the future. With a focus on increasing the income of poor farmers, OSDI’s approach is to integrate all the socio-economic facets: education, health and sanitation and food security, to induce a sustained positive impact on their living standards.Keywords: CSR, poverty, rural, sustainability
Procedia PDF Downloads 24911781 A Tutorial on Network Security: Attacks and Controls
Authors: Belbahi Ahlam
Abstract:
With the phenomenal growth in the Internet, network security has become an integral part of computer and information security. In order to come up with measures that make networks more secure, it is important to learn about the vulnerabilities that could exist in a computer network and then have an understanding of the typical attacks that have been carried out in such networks. The first half of this paper will expose the readers to the classical network attacks that have exploited the typical vulnerabilities of computer networks in the past and solutions that have been adopted since then to prevent or reduce the chances of some of these attacks. The second half of the paper will expose the readers to the different network security controls including the network architecture, protocols, standards and software/ hardware tools that have been adopted in modern day computer networks.Keywords: network security, attacks and controls, computer and information, solutions
Procedia PDF Downloads 45711780 Identifying the Barriers to Institutionalizing a One Health Concept in Responding to Zoonotic Diseases in South Asia
Authors: Rojan Dahal
Abstract:
One Health refers to a collaborative effort between multiple disciplines - locally, nationally, and globally - to attain optimal health. Although there were unprecedented intersectoral alliances between the animal and human health sectors during the avian influenza outbreak, there are different views and perceptions concerning institutionalizing One Health in South Asia. It is likely a structural barrier between the relevant professionals working in different entities or ministries when it comes to collaborating on One Health actions regarding zoonotic diseases. Politicians and the public will likely need to invest large amounts of money, demonstrate political will, and understand how One Health works to overcome these barriers. One Health might be hard to invest in South Asian countries, where the benefits are based primarily on models and projections and where numerous issues related to development and health need urgent attention. The other potential barrier to enabling the One Health concept in responding to zoonotic diseases is a failure to represent One Health in zoonotic disease control and prevention measures in the national health policy, which is a critical component of institutionalizing the One Health concept. One Health cannot be institutionalized without acknowledging the linkages between animal, human, and environmental sectors in dealing with zoonotic diseases. Efforts have been made in the past to prepare a preparedness plan for One Health implementation, but little has been done to establish a policy environment to institutionalize One Health. It is often assumed that health policy refers specifically to medical care issues and health care services. When drafting, reviewing, and redrafting the policy, it is important to engage a wide range of stakeholders. One Health institutionalization may also be hindered by the interplay between One Health professionals and bureaucratic inertia in defining the priorities of diseases due to competing interests on limited budgets. There is a possibility that policymakers do not recognize the importance of veterinary professionals in preventing human diseases originating in animals. Compared to veterinary medicine, the human health sector has produced most of the investment and research outputs related to zoonotic diseases. The public health profession may consider itself superior to the veterinary profession. Zoonotic diseases might not be recognized as threats to human health, impeding integrated policies. The effort of One Health institutionalization remained only among the donor agencies and multi-sectoral organizations. There is a need for strong political will and state capacity to overcome the existing institutional, financial, and professional barriers for its effective implementation. There is a need to assess the structural challenges, policy challenges, and the attitude of the professional working in the multiple disciplines related to One Health. Limited research has been conducted to identify the reasons behind the barriers to institutionalizing the One Health concept in South Asia. Institutionalizing One Health in responding to zoonotic diseases breaks down silos and integrates animals, humans, and the environment.Keywords: one health, institutionalization, South Asia, institutionalizations
Procedia PDF Downloads 10011779 Analysis of Threats in Interoperability of Medical Devices
Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar
Abstract:
Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.Keywords: interoperability, threats, attacks, medical devices
Procedia PDF Downloads 33311778 Securing Healthcare IoT Devices and Enabling SIEM Integration: Addressing
Authors: Mubarak Saadu Nabunkari, Abdullahi Abdu Ibrahim, Muhammad Ilyas
Abstract:
This study looks at how Internet of Things (IoT) devices are used in healthcare to monitor and treat patients better. However, using these devices in healthcare comes with security problems. The research explores using Security Information and Event Management (SIEM) systems with healthcare IoT devices to solve these security challenges. Reviewing existing literature shows the current state of IoT security and emphasizes the need for better protection. The main worry is that healthcare IoT devices can be easily hacked, putting patient data and device functionality at risk. To address this, the research suggests a detailed security framework designed for these devices. This framework, based on literature and best practices, includes important security measures like authentication, data encryption, access controls, and anomaly detection. Adding SIEM systems to this framework helps detect threats in real time and respond quickly to incidents, making healthcare IoT devices more secure. The study highlights the importance of this integration and offers guidance for implementing healthcare IoT securely, efficiently, and effectively.Keywords: cyber security, threat intelligence, forensics, heath care
Procedia PDF Downloads 67