Search results for: information security risk treatment

Authors: A. V. Dolzhikova

Abstract:

The article deals with the problems of labour migration in the Russian Federation in the context of Russia's national security, provides the typology of migrants residing in the territory of the Russian Federation and analyzes the risk factors. The author considers the structure of migration flows and the terms of legal, economic and socio-cultural adaptation of migrants in the Russian Federation. In this connection, the status of the Russian migration legislation, the concept of the comprehensive exam in Russian as a foreign language, history of Russia and the basics of the Russian Federation legislation for foreign citizens which was introduced in Russia on January 1, 2015, are analyzed. The article discloses its role as the adaptation strategy and the factor of Russia's migration security.

Keywords: comprehensive exam, migration policy, migration legislation, Russia's national security

Procedia PDF Downloads 340

Authors: Okike Benjamin, Garba Ejd

Abstract:

Today, it has been observed security of information along the superhighway is often compromised by those who are not authorized to have access to such information. In order to ensure the security of information along the superhighway, such information should be encrypted by some means to conceal the real meaning of the information. There are many encryption techniques out there in the market. However, some of these encryption techniques are often easily decrypted by adversaries. The researcher has decided to develop an encryption technique that may be more difficult to decrypt. This may be achieved by splitting the message to be encrypted into parts and encrypting each part separately and swapping the positions before transmitting the message along the superhighway. The method is termed Merged Irregular Transposition Cipher. Also, the research would determine the complexity level in respect to the number of splits of the message.

Keywords: transposition cipher, merged irregular cipher, encryption, complexity level

Procedia PDF Downloads 320

Authors: Abhijit Trailokya

Abstract:

Background: Cardiovascular diseases (CVD’s) are the major cause of morbidity and mortality in both developed and developing countries. Many clinical trials have demonstrated that low-density lipoprotein cholesterol (LDL-C) lowering, reduces the incidence of coronary and cerebrovascular events across a broad spectrum of patients at risk. Guidelines for the management of patients at risk have been established in Europe and North America. The guidelines have advocated progressively lower LDL-C targets and more aggressive use of statin therapy. In Indian patients, comprehensive data on dyslipidemia management and its treatment outcomes are inadequate. There is lack of information on existing treatment patterns, the patient’s profile being treated, and factors that determine treatment success or failure in achieving desired goals. Purpose: The present study was planned to determine the lipid control status in high-risk dyslipidemic patients treated with lipid-lowering therapy in India. Methods: This cross-sectional, non-interventional, single visit program was conducted across 483 sites in India where male and female patients with high-risk dyslipidemia aged 18 to 65 years who had visited for a routine health check-up to their respective physician at hospital or a healthcare center. Percentage of high-risk dyslipidemic patients achieving adequate LDL-C level (< 70 mg/dL) on lipid-lowering therapy and the association of lipid parameters with patient characteristics, comorbid conditions, and lipid lowering drugs were analysed. Results: 3089 patients were enrolled in the study; of which 64% were males. LDL-C data was available for 95.2% of the patients; only 7.7% of these patients achieved LDL-C levels < 70 mg/dL on lipid-lowering therapy, which may be due to inability to follow therapeutic plans, poor compliance, or inadequate counselling by physician. The physician’s lack of awareness about recent treatment guidelines also might contribute to patients’ poor adherence, not explaining adequately the benefit and risks of a medication, not giving consideration to the patient’s life style and the cost of medication. Statin was the most commonly used anti-dyslipidemic drug across population. The higher proportion of patients had the comorbid condition of CVD and diabetes mellitus across all dyslipidemic patients. Conclusion: As per the European Society of Cardiology guidelines the ideal LDL-C levels in high risk dyslipidemic patients should be less than 70%. In the present study, 7.7% of the patients achieved LDL-C levels < 70 mg/dL on lipid lowering therapy which is very less. Most of high risk dyslipidemic patients in India are on suboptimal dosage of statin. So more aggressive and high dosage statin therapy may be required to achieve target LDLC levels in high risk Indian dyslipidemic patients.

Keywords: cardiovascular disease, diabetes mellitus, dyslipidemia, LDL-C, lipid lowering drug, statins

Procedia PDF Downloads 179

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, competence, certification

Procedia PDF Downloads 217

Authors: Gampel Alexander, Mazzuchi Thomas, Sarkani Shahram

Abstract:

The cybersecurity landscape is constantly evolving, and organizations must adapt to the changing threat environment to protect their assets. The implementation of the NIST Risk Management Framework (RMF) has become critical in ensuring the security and safety of industrial control and automation systems. However, cybersecurity professionals are facing challenges in implementing RMF, leading to systems operating without authorization and being non-compliant with regulations. The current approach to RMF implementation based on business practices is limited and insufficient, leaving organizations vulnerable to cyberattacks resulting in the loss of personal consumer data and critical infrastructure details. To address these challenges, this research proposes a Model-Based Systems Engineering (MBSE) approach to implementing cybersecurity controls and assessing risk through the RMF process. The study emphasizes the need to shift to a modeling approach, which can streamline the RMF process and eliminate bloated structures that make it difficult to receive an Authorization-To-Operate (ATO). The study focuses on the practical application of MBSE in industrial control and automation systems to improve the security and safety of operations. It is concluded that MBSE can be used to solve the implementation challenges of the NIST RMF process and improve the security of industrial control and automation systems. The research suggests that MBSE provides a more effective and efficient method for implementing cybersecurity controls and assessing risk through the RMF process. The future work for this research involves exploring the broader applicability of MBSE in different industries and domains. The study suggests that the MBSE approach can be applied to other domains beyond industrial control and automation systems.

Keywords: authorization-to-operate (ATO), industrial control systems (ICS), model-based system’s engineering (MBSE), risk management framework (RMF)

Procedia PDF Downloads 60

Authors: Magdaléna Náplavová, Tomáš Ludík, Petr Hrůza, František Božek

Abstract:

The use of IT equipment has become a part of every day. However, each device that is part of cyberspace should be secured against unauthorized use. It is very important to know the basics of these security devices, but also the basics of safe conduct their owners. This information should be part of every curriculum computer science education in primary and secondary schools. Therefore, the work focuses on the education of pupils in primary and secondary schools on the Internet. Analysis of the current state describes approaches to the education of pupils in security issues on the Internet. The paper presents a questionnaire-based survey which was carried out in the Czech Republic, whose task was to ascertain the level of opinion pupils in primary and secondary schools on the issue of communication in social networks. The research showed that awareness of socio-pathological phenomena on the Internet environment is very low. Based on the results it was proposed appropriate ways of teaching to this issue and its inclusion a proposal of curriculum for primary and secondary schools.

Keywords: information security, cyber space, general awareness, questionnaire, socio-pathological phenomena, educational system

Procedia PDF Downloads 364

Authors: Mehdi Ghaemi

Abstract:

In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.

Keywords: foreign investment, FPS standard, host country, public health, COVID-19

Procedia PDF Downloads 76

Authors: Okike Benjami, Garba Ejd

Abstract:

Today, it has been observed security of information along the superhighway is often compromised by those who are not authorized to have access to such information. In other to ensure the security of information along the superhighway, such information should be encrypted by some means to conceal the real meaning of the information. There are many encryption techniques out there in the market. However, some of these encryption techniques are often decrypted by adversaries with ease. The researcher has decided to develop an encryption technique that may be more difficult to decrypt. This may be achieved by splitting the message to be encrypted into parts and encrypting each part separately and swapping the positions before transmitting the message along the superhighway. The method is termed Okike’s Merged Irregular Transposition Cipher. Also, the research would determine the complexity level in respect to the number of splits of the message.

Keywords: transposition cipher, merged irregular cipher, encryption, complexity level

Procedia PDF Downloads 267

Authors: John Ayoade

Abstract:

Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.

Keywords: cloud computing, trust, security, certificate authority, PKI

Procedia PDF Downloads 459

Authors: Gopinath Rathod, Vinod Puranik

Abstract:

Sustainability is regarded as a key concept for survival in the competitive scenario. Industrial risk and diversification of risk type’s increases with industrial developments. In the context of sustainable manufacturing, the evaluation of risk is difficult because of the incomplete information and multiple indicators. Fuzzy Multiple Attribute Decision Method (FMADM) has been used with a three level hierarchical decision making model to evaluate aggregate risk for sustainable manufacturing projects. A case study has been presented to reflect the risk characteristics in sustainable manufacturing projects.

Keywords: sustainable manufacturing, decision making, aggregate risk, fuzzy logic, fuzzy multiple attribute decision method

Procedia PDF Downloads 495

Authors: K. Sekulová, M. Šimon

Abstract:

The article demonstrates on a case study how it is possible to identify MSD risk. It is based on a dissertation risk identification model of occupational diseases formation in relation to the work activity that determines what risk can endanger workers who are exposed to the specific risk factors. It is evaluated based on statistical calculations. These risk factors are main cause of upper-extremities musculoskeletal disorders.

Keywords: case study, upper-extremity musculoskeletal disorders, ergonomics, risk identification

Procedia PDF Downloads 471

Authors: Sylvia Szabo, Thilini Navaratne, Indrajit Pal, Seree Park

Abstract:

Deltaic and coastal regions are often strategically important both from local and regional perspectives. While deltas are known to be bread baskets of the world, delta inhabitants often face the risk of food and nutritional insecurity. These risks are highly exacerbated by the impacts of climate and environmental change. While numerous regional studies examined the prevalence and the determinants of food security in specific delta and coastal regions, there is still a lack of a systematic analysis of the most widely used scientific food security indicators. In order to fill this gap, a systematic review was carried out using Covidence, a Cochrane-adopted systematic review processing software. Papers included in the review were selected from the SCOPUS, Thomson Reuters Web of Science, Science Direct, ProQuest, and Google Scholar databases. Both scientific papers and grey literature (e.g., reports by international organizations) were considered. The results were analyzed by food security components (access, availability, quality, and strategy) and by world regions. Suggestions for further food security, nutrition, and health research, as well as policy-related implications, are also discussed.

Keywords: delta regions, coastal, food security, indicators, systematic review

Procedia PDF Downloads 215

Authors: Frederic Jumelle, Kelvin So, Didan Deng

Abstract:

A method and system for neuropsychological performance test, comprising a mobile terminal, used to interact with a cloud server which stores user information and is logged into by the user through the terminal device; the user information is directly accessed through the terminal device and is processed by artificial neural network, and the user information comprises user facial emotions information, performance test answers information and user chronometrics. This assessment is used to evaluate the cognitive performance and emotional response of the subject to a series of dichotomous questions describing various situations of daily life and challenging the users' knowledge, values, ethics, and principles. In industrial applications, the timing of this assessment will depend on the users' need to obtain a service from a provider, such as opening a bank account, getting a mortgage or an insurance policy, authenticating clearance at work, or securing online payments.

Keywords: artificial intelligence, neurofinance, neuropsychology, risk management

Procedia PDF Downloads 115

Authors: Yung-Feng Yen, Yun-Ju Lai

Abstract:

Background: Metabolic syndrome (MetS) is reversible; however, the effect of changes in MetS status on the risk of incident cancer has not been extensively studied. We aimed to investigate the effects of changes in MetS status on incident cancer risk. Methods: This prospective, longitudinal study used data from Taiwan’s MJ cohort of 157,915 adults recruited from 2002–2016 who had repeated MetS measurements 5.2 (±3.5) years apart and were followed up for the new onset of cancer over 8.2 (±4.5) years. A new diagnosis of incident cancer in study individuals was confirmed by their pathohistological reports. The participants’ MetS status included MetS-free (n=119,331), MetS-developed (n=14,272), MetS-recovered (n=7,914), and MetS-persistent (n=16,398). We used the Fine-Gray sub-distribution method, with death as the competing risk, to determine the association between MetS changes and the risk of incident cancer. Results: During the follow-up period, 7,486 individuals had new development of cancer. Compared with the MetS-free group, MetS-persistent individuals had a significantly higher risk of incident cancer (adjusted hazard ratio [aHR], 1.10; 95% confidence interval [CI], 1.03-1.18). Considering the effect of dynamic changes in MetS status on the risk of specific cancer types, MetS persistence was significantly associated with a higher risk of incident colon and rectum, kidney, pancreas, uterus, and thyroid cancer. The risk of kidney, uterus, and thyroid cancer in MetS-recovered individuals was higher than in those who remained MetS but lower than MetS-persistent individuals. Conclusions: Persistent MetS is associated with a higher risk of incident cancer, and recovery from MetS may reduce the risk. The findings of our study suggest that it is imperative for individuals with pre-existing MetS to seek treatment for this condition to reduce the cancer risk.

Keywords: metabolic syndrome change, cancer, risk factor, cohort study

Procedia PDF Downloads 50

Authors: Riddhi Shah

Abstract:

Centre-state relations in India are a fascinating area of studies. The structure of the relationship has an effect on every single aspect of life as we know it in India. This paper is an attempt to study centre-state relations in the context of India’s maritime counter-terrorism strategy. Although the Government of India has not publicly stated its counter-terrorism strategy on the sea; intelligence, information sharing, crisis response, finances for internal security and the nation’s legislation for battling terrorism together comprise of India’s maritime-terrorism strategy. Through study of these areas, the paper argues that the centre-state divide has had systemic implications on India’s maritime security and has largely done more harm than good to collective initiatives that aspire to prevent future risk of terrorism from the sea or on the sea.

Keywords: counter-terrorism, maritime terrorism, India, federalism, centre-state relations

Procedia PDF Downloads 575

Authors: Sewe Silvanus Odhiambo

Abstract:

Globally, many governments have publicly recognized private security firms as essential services providers. The private security firms face a lot of challenges, but the COVID-19 situation also has exacerbated them to another level. This paper locates its relevance in the post-coronavirus era. The COVID-19 pandemic has redefined the world operation, which shows a higher impact on the security field. Accordingly, the purpose of the study was to examine the role of corporate governance on the performance of private security firms in a post-covid pandemic era in Kenya. The study employed a descriptive research design, which included a quantitative approach and secondary data. The study was carried in the month of July 2021 from the registered private security firms. After targeting all private security firms, only 54 firms had disclosed their annual report by the time of conducting the study. The results depicted that pandemic has affected the performance of private security firms measures unfavorably. Further, boards of directors show a positive association with security firm performance. The study recommends that there is need board of directors to enhance management’s risk assessments in the midst of COVID-19; ensure that there are business continuity plans; there is organizational resilience; there is need for the development of new digital strategies; enabling the digital workforce in the firms and have effective communication plans with both internal and external stakeholders to deal with uncertainties and develop more post-COVID practices for boards of directors to improve performance of private security firms in Kenya. The practical implications of the study are that the research outcomes might assist regulatory bodies, investors, policymakers, and the security sector in general in their formulation of public and corporate governance strategies concerning future emergency preparedness and responses. This study also provides a unique contribution to the literature of COVID-19 and security firm performance in emerging economies context.

Keywords: COVID-19, corporate governance, firm performance, private security firms

Procedia PDF Downloads 135

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 445

Authors: Suvorov Vasyl, Filipchuk Viktor

Abstract:

Background: If non-surgical treatment of developmental dysplasia of the hip (DDH) fails or if DDH is late-detected, surgery is necessary. Salter pelvic osteotomy (SPO) is an effective surgical option for such cases. The objectives of this study were to assess the results after SPO, evaluate risk factors, and reveal those radiological parameters that may correlate with the results. Mid- and long-term postoperative results after SPO in 17 patients (22 hip joints) were analyzed. Risk factors included those that do not depend on the surgeon (patient's age, value of the acetabular index (AI) preoperatively, DDH Tonnis grade) and those that depend on the surgeon (amount of AI correction). To radiological parameters which may correlate with the amount of AI correction, we referred distance "d" and the lateral rotation angle. Results: SPO allows performing AI correction in ranges 24.1 ± 6.5°. Excellent and good clinical results were obtained in 95.5% of patients; excellent and good radiological results in 86.4% of patients. Risk factors that do not depend on the surgeon were older patient’s age and higher preoperative AI values (p < 0.05). The risk factor that depends on the surgeon was the amount of AI correction (p < 0.05). The distance "d" was recognized as a radiological parameter that may indicate sufficient AI correction (p < 0.05). Conclusion: In older patients with a higher preoperative AI value, the results will be predictably worse. The surgeon may influence the result with a greater amount of AI correction (which may also be indicated radiologically by the distance "d" values).

Keywords: developmental dysplasia of the hip, results, risk factor, pelvic osteotomy, salter osteotomy

Procedia PDF Downloads 106

Authors: Tariq Ahamad, Mohammed S. Al-Kahtani, Taisir Eldos

Abstract:

Optical communications technology has made enormous and steady progress for several decades, providing the key resource in our increasingly information-driven society and economy. Much of this progress has been in finding innovative ways to increase the data carrying capacity of a single optical fiber. In this research article we have explored basic issues in terms of security and reliability for secure and reliable information transfer through the fiber infrastructure. Conspicuously, one potentially enormous source of improvement has however been left untapped in these systems: fibers can easily support hundreds of spatial modes, but today’s commercial systems (single-mode or multi-mode) make no attempt to use these as parallel channels for independent signals. Bandwidth, performance, reliability, cost efficiency, resiliency, redundancy, and security are some of the demands placed on telecommunications today. Since its initial development, fiber optic systems have had the advantage of most of these requirements over copper-based and wireless telecommunications solutions. The largest obstacle preventing most businesses from implementing fiber optic systems was cost. With the recent advancements in fiber optic technology and the ever-growing demand for more bandwidth, the cost of installing and maintaining fiber optic systems has been reduced dramatically. With so many advantages, including cost efficiency, there will continue to be an increase of fiber optic systems replacing copper-based communications. This will also lead to an increase in the expertise and the technology needed to tap into fiber optic networks by intruders. As ever before, all technologies have been subject to hacking and criminal manipulation, fiber optics is no exception. Researching fiber optic security vulnerabilities suggests that not everyone who is responsible for their networks security is aware of the different methods that intruders use to hack virtually undetected into fiber optic cables. With millions of miles of fiber optic cables stretching across the globe and carrying information including but certainly not limited to government, military, and personal information, such as, medical records, banking information, driving records, and credit card information; being aware of fiber optic security vulnerabilities is essential and critical. Many articles and research still suggest that fiber optics is expensive, impractical and hard to tap. Others argue that it is not only easily done, but also inexpensive. This paper will briefly discuss the history of fiber optics, explain the basics of fiber optic technologies and then discuss the vulnerabilities in fiber optic systems and how they can be better protected. Knowing the security risks and knowing the options available may save a company a lot embarrassment, time, and most importantly money.

Keywords: in-house networks, fiber optics, security risk, money

Procedia PDF Downloads 395

Authors: Se-Han Lee, Kwang-Woo Go, Gwang-Hyun Ahn, Hee-Sung Park, Cheol-Kyu Han, Jun-Bo Shim, Geun-Chul Kang, Hyun-Jung Lee

Abstract:

In recent years, with the advent of smart cars and the expansion of the market, the announcement of 'Adventures in Automotive Networks and Control Units' at the DEFCON21 conference in 2013 revealed that cars are not safe from hacking. As a result, the HEAVENS model considering not only the functional safety of the vehicle but also the security has been suggested. However, the HEAVENS model only presents a simple process, and there are no detailed procedures and activities for each process, making it difficult to apply it to the actual vehicle security vulnerability check. In this paper, we propose an automated attack database that systematically summarizes attack vectors, attack types, and vulnerable vehicle models to prepare for various car hacking attacks, and data flow diagrams that can detect various vulnerabilities and suggest a way to materialize the HEAVENS model.

Keywords: automotive security, HEAVENS, car hacking, security model, information security

Procedia PDF Downloads 327

Authors: Hind Bouami, Patrick Millot

Abstract:

Medication dispensing system is a life-critical system whose failure may result in preventable adverse events leading to longer patient stays in hospitals or patient death. Automation has led to great improvements in life-critical systems as it increased safety, efficiency, and comfort. However, critical risks related to medical organization complexity and automated solutions integration can threaten drug dispensing security and performance. Knowledge about the system’s complexity aspects and human machine parameters to control for automated equipment’s security and performance will help operators to secure their automation process and to optimize their system’s reliability. In this context, this study aims to document the operator’s situation awareness about automation risks and parameters involved in automation security and performance. Our risk management approach has been deployed in the North Luxembourg hospital center’s pharmacy, which is equipped with automated drug dispensing systems since 2009. With more than 4 million euros of gains generated, North Luxembourg hospital center’s success story was enabled by the management commitment, pharmacy’s involvement in the implementation and improvement of the automation project, and the close collaboration between the pharmacy and Sinteco’s firm to implement the necessary innovation and organizational actions for automated solutions integration security and performance. An analysis of the actions implemented by the hospital and the parameters involved in automated equipment’s integration security and performance has been made. The parameters to control for automated equipment’s integration security and performance are human aspects (6.25%), technical aspects (50%), and human-machine interaction (43.75%). The implementation of an anthropocentric analysis system before automation would have prevented and optimized the control of risks related to automation.

Keywords: Automated drug delivery systems, Hospitals, Human-centered automated system, Risk management

Procedia PDF Downloads 112

Authors: Mohamad Ibrahim Al Ladan

Abstract:

Social networks, such as Facebook, Myspace, LinkedIn, Google+, and Twitter have experienced exponential growth and a remarkable adoption rate in recent years. They provide attractive means of online social interactions and communications with family, friends, and colleagues from around the corner or across the globe, and they have become an important part of daily digital interactions for more than one and a half billion users around the world. The various personal information sharing practices that social network providers encourage have led to their success as innovative social interaction platforms. However, these practices have resulted in ample concerns with respect to privacy and security from different stakeholders. Addressing these privacy and security concerns in social networks is a must for these networks to be sustainable. Existing security and privacy tools may not be enough to address existing concerns. Some guidelines should be followed to protect users from the existing risks. In this paper, we have investigated and discussed the various privacy and security issues and concerns pertaining to social networks. Moreover, we have classified these privacy and security issues and presented a thorough discussion of the implications of these issues and concerns on the future of the social networks. In addition, we have presented a set of guidelines as precaution measures that users can consider to address these issues and concerns.

Keywords: social networks privacy issues, social networks security issues, social networks privacy precautions measures, social networks security precautions measures

Procedia PDF Downloads 274

Authors: Sri Yusnita Irda Sari, Deni Kurniadi Sunjaya, Ardini Saptaningsih Raksanagara

Abstract:

Water is one of the fundamental basic needs for human life, particularly drinking water sources. Although water quality is getting better, fecal-contamination of water is still found around the world, especially in the slum area of mid-low income countries. Drinking water source contamination in urban slum dwellers increases the risk of water borne diseases. Low level of sanitation and poor drinking water supply known as risk factors for diarrhea, moreover bacteria-contaminated drinking water source is the main cause of diarrhea in developing countries. This study aimed to assess risk infection due to Fecal Coliform contamination in various drinking water sources in urban area by applying Quantitative Microbiological Risk Assessment (QMRA). A Cross-sectional survey was conducted in a period of August to October 2015. Water samples were taken by simple random sampling from households in Cikapundung river basin which was one of urban slum area in the center of Bandung city, Indonesia. About 379 water samples from 199 households and 15 common wells were tested. Half of the households used treated drinking water from water gallon mostly refill water gallon which was produced in drinking water refill station. Others used raw water sources which need treatment before consume as drinking water such as tap water, borehole, dug well and spring water source. Annual risk to get infection due to Fecal Coliform contamination from highest to lowest risk was dug well (1127.9 x 10-5), spring water (49.7 x 10-5), borehole (1.383 x 10-5) and tap water (1.121 x 10-5). Annual risk infection of refill drinking water was 1.577 x 10-5 which is comparable to borehole and tap water. Household water treatment and storage to make raw water sources drinkable is essential to prevent risk of water borne diseases. Strong regulation and intense monitoring of refill water gallon quality should be prioritized by the government; moreover, distribution of tap water should be more accessible and affordable especially in urban slum area.

Keywords: drinking water, quantitative microbiological risk assessment, slum, urban

Procedia PDF Downloads 253

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities

Procedia PDF Downloads 173

Authors: Ali Abdullah Albezaghi

Abstract:

This article aims to introduce a conceptual framework that can facilitate investigations concerning the role of risk management practices in the relationship between construction risks and the construction project's performance. This article is structured based on the extant literature; it reviews theoretical perspectives, highlights the gaps, and illustrates the significance of developing a framework of suggested relationships. Despite growing interest in the role of risks in construction project performance, previous studies have paid little attention to investigating the moderating role of risk management practices on the risk-performance link. This has left researchers and construction project managers with minimal information to explain the conditions under which risk management practices can reduce the impact of project-related risks and improve performance. In this context, this article suggests a viable research model with propositions that assess risk-performance relationships and discusses the potential moderating effects on the domain relationship. This paper adds to the risk management literature by focusing on risk variables that directly impact performance. Further, it also considers the moderating role of risk management practices in such relationships.

Keywords: risk management practices, external risks, internal risks, project risks, project performance

Procedia PDF Downloads 101

Authors: Ashit Syngle, Nidhi Garg, Pawan Krishan

Abstract:

Objective: Bone marrow derived stem cells, endothelial progenitor cells (EPCs), protect against atherosclerotic vascular damage. However, EPCs are depleted in AS and contribute to the enhanced cardiovascular risk. Statins have a protective effect in CAD and diabetes by enhancing the proliferation, migration and survival of EPCs. Therapeutic potential of augmenting EPCs to treat the heightened cardiovascular risk of AS has not yet been exploited. We aimed to investigate the effect of rosuvastatin on EPCs population and inflammation in AS. Methods: 30 AS patients were randomized to receive 6 months of treatment with rosuvastatin (10 mg/day, n=15) and placebo (n=15) as an adjunct to existing stable anti-rheumatic drugs. EPCs (CD34+/CD133+) were quantified by Flow Cytometry. Inflammatory measures (BASDAI, BASFI, CRP and ESR), pro-inflammatory cytokines (TNF-α, IL-6 and IL-1) and lipids were measured at baseline and after treatment. Results: At baseline, inflammatory measures and pro-inflammatory cytokines were elevated and EPCs depleted among both groups. EPCs increased significantly (p < 0.01) after treatment with rosuvastatin. At 6 months, BASDAI, BASFI, ESR, CRP, TNF-α, and IL-6 improved significantly in rosuvastatin group. Significant negative correlation was observed between EPCs and BASDAI, CRP and IL-6 after rosuvastatin treatment. Conclusion: First study to show that rosuvastatin augments EPCs population in AS. This defines a novel mechanism of rosuvastatin treatment in AS: the augmentation of EPCs with improvement in proinflammatory cytokines and inflammatory disease activity. The augmentation of EPCs by rosuvastatin may provide a novel strategy to prevent cardiovascular events in AS.

Keywords: ankylosing spondylitis, Endothelial Progenitor Cells, inflammation, pro-inflammatory cytokines, rosuvastatin

Procedia PDF Downloads 333

Authors: Nataliya Venelinova

Abstract:

The paper proposes a new interdisciplinary model of reconsidering the role of mass communication effects by coverage of terrorism. The idea of 4P model is based on the synergy, created by the information strategy of threat, predominantly used by terrorist groups, the effects of mediating the symbolic action of the terrorist attacks or the taking of responsibility of any attacks, and the reshaped public perception for security after the attacks being mass communicated. The paper defines the mass communication cycle of terrorism, which leads not only to re-agenda setting of the societies, but also spirally amplifying the effect of propagating fears by over-informing on terrorism attacks. This finally results in the outlining of the so called 4P-model of information terrorism: mass propaganda, panic, paranoia and pandemic.

Keywords: information terrorism, mass communication cycle, public perception, security

Procedia PDF Downloads 147

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security

Procedia PDF Downloads 504

Authors: Mohammad A. Alia

Abstract:

With the rapid evolution of the internet applications, cloud computing becomes one of today’s hottest research areas due to its ability to reduce costs associated with computing. Cloud is, therefore, increasing flexibility and scalability for computing services in the internet. Cloud computing is Internet based computing due to shared resources and information which are dynamically delivered to consumers. As cloud computing share resources via the open network, hence cloud outsourcing is vulnerable to attack. Therefore, this paper will explore data security of cloud computing by implementing chaotic cryptography. The proposal scenario develops a problem transformation technique that enables customers to secretly transform their information. This work proposes the chaotic cryptographic algorithms have been applied to enhance the security of the cloud computing accessibility. However, the proposed scenario is secure, easy and straightforward process. The chaotic encryption and digital signature systems ensure the security of the proposed scenario. Though, the choice of the key size becomes crucial to prevent a brute force attack.

Keywords: chaos, cloud computing, security, cryptography

Procedia PDF Downloads 316

Authors: Roman Graf, Sergiu Gordea, Heather M. Ryan

Abstract:

This paper presents an approach for easy creation and classification of institutional risk profiles supporting endangerment analysis of file formats. The main contribution of this work is the employment of data mining techniques to support set up of the most important risk factors. Subsequently, risk profiles employ risk factors classifier and associated configurations to support digital preservation experts with a semi-automatic estimation of endangerment group for file format risk profiles. Our goal is to make use of an expert knowledge base, accuired through a digital preservation survey in order to detect preservation risks for a particular institution. Another contribution is support for visualisation of risk factors for a requried dimension for analysis. Using the naive Bayes method, the decision support system recommends to an expert the matching risk profile group for the previously selected institutional risk profile. The proposed methods improve the visibility of risk factor values and the quality of a digital preservation process. The presented approach is designed to facilitate decision making for the preservation of digital content in libraries and archives using domain expert knowledge and values of file format risk profiles. To facilitate decision-making, the aggregated information about the risk factors is presented as a multidimensional vector. The goal is to visualise particular dimensions of this vector for analysis by an expert and to define its profile group. The sample risk profile calculation and the visualisation of some risk factor dimensions is presented in the evaluation section.

Keywords: linked open data, information integration, digital libraries, data mining

Procedia PDF Downloads 400