Search results for: information security audit

Authors: Okike Benjamin, Garba Ejd

Abstract:

Today, it has been observed security of information along the superhighway is often compromised by those who are not authorized to have access to such information. In order to ensure the security of information along the superhighway, such information should be encrypted by some means to conceal the real meaning of the information. There are many encryption techniques out there in the market. However, some of these encryption techniques are often easily decrypted by adversaries. The researcher has decided to develop an encryption technique that may be more difficult to decrypt. This may be achieved by splitting the message to be encrypted into parts and encrypting each part separately and swapping the positions before transmitting the message along the superhighway. The method is termed Merged Irregular Transposition Cipher. Also, the research would determine the complexity level in respect to the number of splits of the message.

Keywords: transposition cipher, merged irregular cipher, encryption, complexity level

Procedia PDF Downloads 323

Authors: Isa Raquel Alves Soeiro, Cristina Isabel Branco de Sá

Abstract:

In Portugal, since 2008, there has been a requirement to export the Standard Audit File for Tax Purposes (SAF-T) standard file (in XML format). This file thus gathers tax-relevant information from a company relating to a specific period of taxation. There are two types of SAF-T files that serve different purposes: the SAF-T of revenues and the SAF-T of accounting, which requires taxpayers and accounting firms to invest in order to adapt the accounting programs to the legal requirements. The implementation of the SAF-T accounting file aims to facilitate the collection of relevant tax data by tax inspectors as support of taxpayers' tax returns for the analysis of accounting records or other information with tax relevance (Portaria No. 321-A/2007 of March 26 and Portaria No. 302/2016 of December 2). The main objective of this research project is to verify, through quantitative analysis, what is the cost of compliance of Small and Medium Enterprises (SME) in the district of Leiria in the introduction and implementation of the tax obligation of SAF-T - Standard Audit File for Tax Purposes of accounting. The information was collected through a questionnaire sent to a population of companies selected through the SABI Bureau Van Dijk database in 2020. Based on the responses obtained to the questionnaire, the companies were divided into two groups: Group 1 -companies who are self-employed and whose main activity is accounting services; and Group 2 -companies that do not belong to the accounting sector. In general terms, the conclusion is that there are no statistically significant differences in the costs of complying with the accounting SAF-T between the companies in Group 1 and Group 2 and that, on average, the internal costs of both groups represent the largest component of the total cost of compliance with the accounting SAF-T. The results obtained show that, in both groups, the total costs of complying with the SAF-T of accounting are regressive, which appears to be similar to international studies, although these are related to different tax obligations. Additionally, we verified that the variables volume of business, software used, number of employees, and legal form explain the differences in the costs of complying with accounting SAF-T in the Leiria district SME.

Keywords: compliance costs, SAF-T accounting, SME, Portugal

Procedia PDF Downloads 61

Authors: Ademuyiwa Agbonyin, Stamatis Zoras, Mohammad Zandi

Abstract:

This paper investigates the extent to which building energy modelling can be informed based on preliminary information provided by infrared thermography using a thermal imaging camera in a walkthrough audit. The case-study building is the Sheffield Cathedral, built in the early 1400s. Based on an informative qualitative report generated from the thermal images taken at the site, the regions showing significant heat loss are input into a computer model of the cathedral within the integrated environmental solution (IES) virtual environment software which performs an energy simulation to determine quantitative heat losses through the building envelope. Building data such as material thermal properties and building plans are provided by the architects, Thomas Ford and Partners Ltd. The results of the modelling revealed the portions of the building with the highest heat loss and these aligned with those suggested by the thermal camera. Retrofit options for the building are also considered, however, may not see implementation due to a desire to conserve the architectural heritage of the building. Results show that thermal imaging in a walk-through audit serves as a useful guide for the energy modelling process. Hand calculations were also performed to serve as a 'control' to estimate losses, providing a second set of data points of comparison.

Keywords: historic buildings, energy retrofit, thermal comfort, software modelling, energy modelling

Procedia PDF Downloads 146

Authors: Prateep Wajeetongratana

Abstract:

The objective of this research is to examine the effects of internal audit innovation on firm performance effectiveness influences of financial report reliability, organizational process improvement, and risk management effectiveness. This paper drew upon the survey data collected from 400 employees survey conducted at Nonthaburi province, Thailand. The statistics utilized in this paper included percentage, mean, standard deviation, and regression analysis. The findings revealed that the majority of samples were between 31-40 years old, married, held an undergraduate degree, and had an average income between 10,000-15,000 baht. And also the results show that auditing integration has only influence on financial report reliability. Moreover, corporate risk evaluation has effect on firm performance by risk management effectiveness and control self-assessment has effect influence on firm performance by organizational process improvement and risk management effectiveness as well.

Keywords: corporate risk evaluation, firm performance effectiveness, internal audit innovation, marketing management

Procedia PDF Downloads 356

Authors: Raif Parlakkaya, Umran Kahraman, Huseyin Cetin

Abstract:

Internet financial reporting and corporate governance issues are in the focus of academic and professional studies due to their attributed importance by stakeholders of corporations. Major aim of this study is to reveal the relationship between internet financial reporting which is held as dependent variable and some indicators of corporate governance such as the ratio of managerial ownership, blockholder ownership, number of independent members in the board of directors, frequency of meetings by audit committee and education level of audit committee members which are held as independent variables. Main purpose is to reveal the effect of corporate governance on the voluntary efforts of Internet Financial reporting. The scope of the research is limited to the Turkish Corporations listed in Borsa Istanbul (Istanbul Stock Exchange) and findings which are generated by means of SPSS software are revealed in results section and interpreted in conclusions.

Keywords: audit committee, corporate governance, internet financial reporting, managerial ownership

Procedia PDF Downloads 499

Authors: Magdaléna Náplavová, Tomáš Ludík, Petr Hrůza, František Božek

Abstract:

The use of IT equipment has become a part of every day. However, each device that is part of cyberspace should be secured against unauthorized use. It is very important to know the basics of these security devices, but also the basics of safe conduct their owners. This information should be part of every curriculum computer science education in primary and secondary schools. Therefore, the work focuses on the education of pupils in primary and secondary schools on the Internet. Analysis of the current state describes approaches to the education of pupils in security issues on the Internet. The paper presents a questionnaire-based survey which was carried out in the Czech Republic, whose task was to ascertain the level of opinion pupils in primary and secondary schools on the issue of communication in social networks. The research showed that awareness of socio-pathological phenomena on the Internet environment is very low. Based on the results it was proposed appropriate ways of teaching to this issue and its inclusion a proposal of curriculum for primary and secondary schools.

Keywords: information security, cyber space, general awareness, questionnaire, socio-pathological phenomena, educational system

Procedia PDF Downloads 368

Authors: Mehdi Ghaemi

Abstract:

In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.

Keywords: foreign investment, FPS standard, host country, public health, COVID-19

Procedia PDF Downloads 80

Authors: Amel Osman, Stewart McKenna

Abstract:

Aim: Fever may present as the sole sign of a serious underlying infection in young infants. Febrile Infants aged less than 90 days are at an elevated susceptibility to invasive bacterial infections, thus presenting a challenge in ensuring the appropriate management of these cases. This study aims to ensure strict adherence to NICE guidelines for the management of fever in infants between 0 and 90 days presenting to Tallaght Hospital ED. A comprehensive audit, followed by a re-audit, was conducted to enhance the quality of care delivered to these patients. In accordance with NICE guidelines, all febrile infants should undergo blood tests. Additionally, LP should be performed in all neonates under 28 days, infants displaying signs of illness, and those with WCC below 5 or above 15. Method: A retrospective case review was performed, encompassing all patients aged between 0 to 90 days who presented with fever at Tallaght ED. Data retrieval was conducted from electronic records on two separate occasions, six months apart. The evaluation encompassed the assessment of body temperature as well as both partial and full septic workups. Results: Over the study period, 150 infants presented to the ED with fever in the initial audit, and 120 in the re-audit. In the first study, 81 patients warranted a full septic workup as per NICE, but only 48 received it. Conversely, 40 patients met criteria for a partial septic workup, with 12 undergoing blood tests. In the second study, 73 patients qualified for a full septic workup, of which 52 were completed. Additionally, 27 patients were indicated for a partial workup, with 20 undergoing blood tests. Conclusion: Managing febrile infants under three months of age presenting to Tallaght ED remains a persistent challenge, underscoring the need for continuous educational initiatives to guarantee that these patients receive the requisite assessments and treatments.

Keywords: infants, fever, septic workup, tallaght

Procedia PDF Downloads 31

Authors: Okike Benjami, Garba Ejd

Abstract:

Today, it has been observed security of information along the superhighway is often compromised by those who are not authorized to have access to such information. In other to ensure the security of information along the superhighway, such information should be encrypted by some means to conceal the real meaning of the information. There are many encryption techniques out there in the market. However, some of these encryption techniques are often decrypted by adversaries with ease. The researcher has decided to develop an encryption technique that may be more difficult to decrypt. This may be achieved by splitting the message to be encrypted into parts and encrypting each part separately and swapping the positions before transmitting the message along the superhighway. The method is termed Okike’s Merged Irregular Transposition Cipher. Also, the research would determine the complexity level in respect to the number of splits of the message.

Keywords: transposition cipher, merged irregular cipher, encryption, complexity level

Procedia PDF Downloads 272

Authors: John Ayoade

Abstract:

Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.

Keywords: cloud computing, trust, security, certificate authority, PKI

Procedia PDF Downloads 462

Authors: Andrei Bogdan Stanescu, Laura Diaconescu

Abstract:

With the increasing concerns about data breaches and privacy violations, organizations seek robust security measures to protect sensitive information. This research paper highlights the importance of implementing the Zero-Trust Security methodology using Passwordless Authentication Gateways that leverage Keycloak, an open-source Identity and Access Management (IAM) software, as a solution to address the security challenges these organizations face. The paper presents the successful implementation and deployment of such a solution in a mid-size, privacy-oriented organization. The implementation resulted in significant security improvements, reducing the risk of unauthorized access and potential data breaches. Moreover, user feedback indicated enhanced convenience and streamlined authentication experiences. The results of this study bring solid contributions in the field of cybersecurity and provide practical insights for organizations aiming to strengthen their security practices.

Keywords: identity and access management, passwordless authentication, privacy, zero-trust security

Procedia PDF Downloads 74

Authors: Jefferson Camacho Mejía, Jenny Paola Forero Pachón, Luis Carlos Gómez Flórez

Abstract:

Action research is a qualitative research methodology, which leads the researcher to delve into the problems of a community in order to understand its needs in depth and finally, to propose actions that lead to a change of social paradigm. Although this methodology had its beginnings in the human sciences, it has attracted increasing interest and acceptance in the field of information systems research since the 1990s. The countless possibilities offered nowadays by the use of Information Technologies (IT) in the development of different socio-economic activities have meant a change of social paradigm and the emergence of the so-called information and knowledge society. According to this, governments, large corporations, small entrepreneurs and in general, organizations of all kinds are using IT to virtualize their processes, taking them from the physical environment to the digital environment. However, there is a potential risk for organizations related with exposing valuable information without an appropriate framework for protecting it. This paper shows progress in the development of a methodological design to manage the information security risks associated with the IT-based processes virtualization, by applying the principles of the action research methodology and it is the result of a systematic review of the scientific literature. This design consists of seven fundamental stages. These are distributed in the three stages described in the action research methodology: 1) Observe, 2) Analyze and 3) Take actions. Finally, this paper aims to offer an alternative tool to traditional information security management methodologies with a view to being applied specifically in the planning stage of IT-based process virtualization in order to foresee risks and to establish security controls before formulating IT solutions in any type of organization.

Keywords: action research, information security, information technology, methodological design, process virtualization, risk management

Procedia PDF Downloads 147

Authors: Yasir Ramadhan

Abstract:

This study aims to investigate tax avoidance practices when a financial crisis occurs due to the effects of the COVID-19 pandemic. This study also finds out how the influence of independent commissioners and external auditors on tax avoidance practices during the COVID-19 pandemic. Tax avoidance practices are measured by the current ETR. The role of the independent board of commissioners is measured by the proportion of independent commissioners in the composition of the board of commissioners, while the external auditor is measured by audit quality. In this study, there were 342 observations of companies listed on the Indonesia Stock Exchange from 2019 to 2020. This study used the difference-in-differences (DiD) method in data analysis. The results of this study indicate that companies do tax avoidance during the COVID-19 pandemic. Meanwhile, independent commissioners and qualified audits are not proven to be able to negate tax avoidance practices during the COVID-19 Pandemic. These results also show that a higher proportion of independent commissioners and audit quality are not sufficient for countries with low levels of auditor litigation and investor protection and weak regulatory frameworks.

Keywords: audit, commissioner, tax avoidance, COVID-19 pandemic

Procedia PDF Downloads 127

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 451

Authors: Jefferson Camacho Mejia, Jenny Paola Forero Pachon, Luis Carlos Gomez Florez

Abstract:

The innumerable possibilities offered by the use of Information Technology (IT) in the development of different socio-economic activities has made a change in the social paradigm and the emergence of the so-called information and knowledge society. The Colombian government, aware of this reality, has been promoting the use of IT as part of the E-government strategy adopted in the country. However, it is well known that the use of IT implies the existence of certain threats that put the security of information in the digital environment at risk. One of the priorities of the Colombian government is to improve access to alternative justice through IT, in particular, access to Alternative Dispute Resolution (ADR): conciliation, arbitration and friendly composition; by means of which it is sought that the citizens directly resolve their differences. To this end, a trend has been identified in the use of Online Dispute Resolution (ODR) systems, which extend the benefits of ADR to the digital environment through the use of IT. This article presents a process for the analysis of information security risks associated with the incorporation of ODR systems in the context of conciliation in Colombia, based on four fundamental stages identified in the literature: (I) Identification of assets, (II) Identification of threats and vulnerabilities (III) Estimation of the impact and 4) Estimation of risk levels. The methodological design adopted for this research was the grounded theory, since it involves interactions that are applied to a specific context and from the perspective of diverse participants. As a result of this investigation, the activities to be followed are defined to carry out an analysis of information security risks, in the context of the conciliation in Colombia supported by ODR systems, thus contributing to the estimation of the risks to make possible its subsequent treatment.

Keywords: alternative dispute resolution, conciliation, information security, online dispute resolution systems, process, risk analysis

Procedia PDF Downloads 217

Authors: Se-Han Lee, Kwang-Woo Go, Gwang-Hyun Ahn, Hee-Sung Park, Cheol-Kyu Han, Jun-Bo Shim, Geun-Chul Kang, Hyun-Jung Lee

Abstract:

In recent years, with the advent of smart cars and the expansion of the market, the announcement of 'Adventures in Automotive Networks and Control Units' at the DEFCON21 conference in 2013 revealed that cars are not safe from hacking. As a result, the HEAVENS model considering not only the functional safety of the vehicle but also the security has been suggested. However, the HEAVENS model only presents a simple process, and there are no detailed procedures and activities for each process, making it difficult to apply it to the actual vehicle security vulnerability check. In this paper, we propose an automated attack database that systematically summarizes attack vectors, attack types, and vulnerable vehicle models to prepare for various car hacking attacks, and data flow diagrams that can detect various vulnerabilities and suggest a way to materialize the HEAVENS model.

Keywords: automotive security, HEAVENS, car hacking, security model, information security

Procedia PDF Downloads 333

Authors: E. A. Tkachenko, E. M. Rogova, A. S. Osipenko

Abstract:

The problems of technological development for the Russian Federation take on special significance in the context of modernization of the production base. The complexity of the position of the Russian economy is that it cannot be attributed fully to developing ones. Russia is a strong industrial power that has gone through the processes of destructive de-industrialization in the conditions of changing its economic and political structure. The need to find ways for re-industrialization is not a unique task for the economies of industrially developed countries. Under the influence of production outsourcing for 20 years, the industrial potential of leading economies of the world was regressed against the backdrop of the ascent of China, a new industrial giant. Therefore, methods, tools, and techniques utilized for industrial renaissance in EU may be used to achieve a technological leap in the Russian Federation, especially since the temporary gap of 5-7 years makes it possible to analyze best practices and use those technological transfer tools that have shown the greatest efficiency. In this article, methods of technological transfer are analyzed, the role of technological audit is justified, and factors are analyzed that influence the successful process of commercialization of technologies.

Keywords: technological transfer, productivity, technological audit, commercialization of technologies

Procedia PDF Downloads 192

Authors: Mohamad Ibrahim Al Ladan

Abstract:

Social networks, such as Facebook, Myspace, LinkedIn, Google+, and Twitter have experienced exponential growth and a remarkable adoption rate in recent years. They provide attractive means of online social interactions and communications with family, friends, and colleagues from around the corner or across the globe, and they have become an important part of daily digital interactions for more than one and a half billion users around the world. The various personal information sharing practices that social network providers encourage have led to their success as innovative social interaction platforms. However, these practices have resulted in ample concerns with respect to privacy and security from different stakeholders. Addressing these privacy and security concerns in social networks is a must for these networks to be sustainable. Existing security and privacy tools may not be enough to address existing concerns. Some guidelines should be followed to protect users from the existing risks. In this paper, we have investigated and discussed the various privacy and security issues and concerns pertaining to social networks. Moreover, we have classified these privacy and security issues and presented a thorough discussion of the implications of these issues and concerns on the future of the social networks. In addition, we have presented a set of guidelines as precaution measures that users can consider to address these issues and concerns.

Keywords: social networks privacy issues, social networks security issues, social networks privacy precautions measures, social networks security precautions measures

Procedia PDF Downloads 276

Authors: Amos Olusola Akinola

Abstract:

The aim of this study is to evaluate the internal control system on fraud prevention in Nigerian business organizations. A survey research was undertaken in five organizations from the banking and manufacturing sectors in Nigeria using the simple random sampling technique and primary data was obtained with the aid structured questionnaire drawn on five likert’s scale. Four Hypotheses were formulated and tested using the T-test Statistics, Correlation and Regression Analysis at 95% confidence interval. It was discovered that internal control has a significant positive relationship with fraud prevention and that a weak internal control system permits fraudulent activities among staff. Based on the findings, it was recommended that organizations should continually and methodically review and evaluate the components of its internal control system whether activities are working as planned or not and that every organization should have pre-determined guidelines for conducting its operations and ensures compliance with these set guidelines while proactive steps should be taken to establish the independence of the internal audit by making the audit reportable to the governing council of an organization and not the chief executive officer.

Keywords: internal control, internal system, internal audit, fraud prevention, fraud detection

Procedia PDF Downloads 358

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 178

Authors: Nataliya Venelinova

Abstract:

The paper proposes a new interdisciplinary model of reconsidering the role of mass communication effects by coverage of terrorism. The idea of 4P model is based on the synergy, created by the information strategy of threat, predominantly used by terrorist groups, the effects of mediating the symbolic action of the terrorist attacks or the taking of responsibility of any attacks, and the reshaped public perception for security after the attacks being mass communicated. The paper defines the mass communication cycle of terrorism, which leads not only to re-agenda setting of the societies, but also spirally amplifying the effect of propagating fears by over-informing on terrorism attacks. This finally results in the outlining of the so called 4P-model of information terrorism: mass propaganda, panic, paranoia and pandemic.

Keywords: information terrorism, mass communication cycle, public perception, security

Procedia PDF Downloads 153

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security

Procedia PDF Downloads 507

Authors: Mohammad A. Alia

Abstract:

With the rapid evolution of the internet applications, cloud computing becomes one of today’s hottest research areas due to its ability to reduce costs associated with computing. Cloud is, therefore, increasing flexibility and scalability for computing services in the internet. Cloud computing is Internet based computing due to shared resources and information which are dynamically delivered to consumers. As cloud computing share resources via the open network, hence cloud outsourcing is vulnerable to attack. Therefore, this paper will explore data security of cloud computing by implementing chaotic cryptography. The proposal scenario develops a problem transformation technique that enables customers to secretly transform their information. This work proposes the chaotic cryptographic algorithms have been applied to enhance the security of the cloud computing accessibility. However, the proposed scenario is secure, easy and straightforward process. The chaotic encryption and digital signature systems ensure the security of the proposed scenario. Though, the choice of the key size becomes crucial to prevent a brute force attack.

Keywords: chaos, cloud computing, security, cryptography

Procedia PDF Downloads 329

Authors: Safiyya A. Abba, Shehu U. R. Aliyu

Abstract:

This paper deals with Islamic social security: a discourse explores the meaning and nature of Islamic social security system. The paper reviews the social security framework and operations during the early period. The paper further identifies the instruments of Islamic social security discusses its principles and objectives. The paper discovers that Islamic social security is a personification of a comprehensive welfare approach in view of its varied instruments that are deeply rooted in the Islamic law, unique principles and realistic and achievable objectives. Furthermore, the Islamic social security system has far reaching socioeconomic implications; social justice, cohesion, equity, a catalyst for poverty eradication, income redistribution, economic growth and development.

Keywords: Islamic social security, basic needs, zakat, socioeconomic justice, equity

Procedia PDF Downloads 417

Authors: Mubarak Saadu Nabunkari, Abdullahi Abdu Ibrahim, Muhammad Ilyas

Abstract:

This study looks at how Internet of Things (IoT) devices are used in healthcare to monitor and treat patients better. However, using these devices in healthcare comes with security problems. The research explores using Security Information and Event Management (SIEM) systems with healthcare IoT devices to solve these security challenges. Reviewing existing literature shows the current state of IoT security and emphasizes the need for better protection. The main worry is that healthcare IoT devices can be easily hacked, putting patient data and device functionality at risk. To address this, the research suggests a detailed security framework designed for these devices. This framework, based on literature and best practices, includes important security measures like authentication, data encryption, access controls, and anomaly detection. Adding SIEM systems to this framework helps detect threats in real time and respond quickly to incidents, making healthcare IoT devices more secure. The study highlights the importance of this integration and offers guidance for implementing healthcare IoT securely, efficiently, and effectively.

Keywords: cyber security, threat intelligence, forensics, heath care

Procedia PDF Downloads 40

Authors: Amanuel Hadera Gebreyesus

Abstract:

In the literature, the study of tenure and food security has largely involved separate lines of inquiry. In effect, the nexus among these has received little attention; and the underinvestment in research related to the relationship between tenure and food security deters generation of tenure-related knowledge and policy guidance for improving food and nutrition security. Drawing from this motivation, we study the relationship among tenure security, agricultural diversity and food security and dietary diversity. We employ IV approaches to examine the effect of tenure security and agricultural diversity on food security and dietary diversity. We find tenure security is inversely related with food insecurity as shown by its negative association with hunger scale, hunger index and hunger category. On the other hand, results suggest that tenure security improves minimum dietary diversity of women while we find no association with child dietary diversity. Moreover, agricultural diversity is positively related with minimum dietary diversity of women, which may point to higher accessibility and consumption of dietary food groups by women. Also, findings suggest that farmers use their human (knowledge and skills) and resource (land) endowments to improve food security and dietary diversity. An implication from this is the importance of not only improving access to land but also long-term tenure security to promote agricultural diversity, food security and dietary diversity.

Keywords: tenure security, food security, agricultural diversity, dietary diversity, women

Procedia PDF Downloads 181

Authors: Oludare Isaac Abiodun, Esther Omolara Abiodun

Abstract:

The purpose of this paper is to demonstrate that cyberterrorism is existing and poses a threat to computer security and national security. Nowadays, people have become excitedly dependent upon computers, phones, the Internet, and the Internet of things systems to share information, communicate, conduct a search, etc. However, these network systems are at risk from a different source that is known and unknown. These network systems risk being caused by some malicious individuals, groups, organizations, or governments, they take advantage of vulnerabilities in the computer system to hawk sensitive information from people, organizations, or governments. In doing so, they are engaging themselves in computer threats, crime, and terrorism, thereby making the use of computers insecure for others. The threat of cyberterrorism is of various forms and ranges from one country to another country. These threats include disrupting communications and information, stealing data, destroying data, leaking, and breaching data, interfering with messages and networks, and in some cases, demanding financial rewards for stolen data. Hence, this study identifies many ways that cyberterrorists utilize the Internet as a tool to advance their malicious mission, which negatively affects computer security and safety. One could identify causes for disparate anomaly behaviors and the theoretical, ideological, and current forms of the likelihood of cyberterrorism. Therefore, for a countermeasure, this paper proposes the use of previous and current computer security models as found in the literature to help in countering cyberterrorism

Keywords: cyberterrorism, computer security, information, internet, terrorism, threat, digital forensic solution

Procedia PDF Downloads 76

Authors: Jared Oluoch

Abstract:

Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.

Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography

Procedia PDF Downloads 289

Authors: Majid Azarniush, Soroush Mokallaei

Abstract:

Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.

Keywords: firewalls, security, web services, software

Procedia PDF Downloads 485

Authors: Rasim Alguliev, Farhad Yusifov

Abstract:

Considering the international experience, conceptual and architectural principles of forming of electron government are researched and some suggestions were made. The assessment of monitoring of forming processes of electron government, intellectual analysis of web-resources, provision of information security, electron democracy problems were researched, conceptual approaches were suggested. By taking into consideration main principles of electron government theory, important research directions were specified.

Keywords: electron government, public administration, information security, web-analytics, social networks, data mining

Procedia PDF Downloads 445