Search results for: security of organisations
2988 Practice of Social Innovation in School Education: A Study of Third Sector Organisations in India
Authors: Prakash Chittoor
Abstract:
In the recent past, it is realised especially in third sector that employing social innovation is crucial for achieving viable and long lasting social transformation. In this context, education is one among many sectors that have opened up itself for such move where employing social innovation emerges as key for reaching out to the excluded sections who are often failed to get support from either policy or market interventions. In fact, education is being as a crucial factor for social development is well understood at both academic and policy level. In order to move forward to achieve better results, interventions from multiple sectors may be required as its reach cultivates capabilities and skill of the deprived in order to ensure both market and social participation in the long run. Despite state’s intervention, it is found that still millions of children are out of school due to lack of political will, lapses in policy implementation and neoliberal intervention of marketization. As a result, universalisation of elementary education became as an elusive goal to poor and marginalised sections where state obtain constant pressure by corporate sector to withdraw from education sector that led convince in providing quality education. At this juncture, the role of third sector organizations plays is quite remarkable. Especially, it has evolved as a key player in education sector to reach out to the poor and marginalised in the far-flung areas. These organisations work in resources constrain environment, yet, in order to achieve larger social impact they adopt various social innovations from time to time to reach out to the unreached. Their attempts not only limited to just approaching the unreached children but to retain them for long-time in the schooling system in order to ripe the results for their families and communities. There is a need to highlight various innovative ways adopted and practiced by the third sector organisations in India to achieve the elusive goal of universal access of primary education with quality. With this background, the paper primarily attempts to present an in-depth understanding about innovative practices employed by third sectors organisations like Isha Vidya through government schools adoption programme in India where it engages itself with government and build capabilities among the government teachers to promote state run schooling with quality and better infrastructure. Further, this paper assess whether such innovative attempts succeeded in to achieving universal quality education in the areas where it operates and draws implications for State policy.Keywords: school education, third sector organisations, social innovation, market domination
Procedia PDF Downloads 2622987 The Acceptance of E-Assessment Considering Security Perspective: Work in Progress
Authors: Kavitha Thamadharan, Nurazean Maarop
Abstract:
The implementation of e-assessment as tool to support the process of teaching and learning in university has become a popular technological means in universities. E-Assessment provides many advantages to the users especially the flexibility in teaching and learning. The e-assessment system has the capability to improve its quality of delivering education. However, there still exists a drawback in terms of security which limits the user acceptance of the online learning system. Even though there are studies providing solutions for identified security threats in e-learning usage, there is no particular model which addresses the factors that influences the acceptance of e-assessment system by lecturers from security perspective. The aim of this study is to explore security aspects of e-assessment in regard to the acceptance of the technology. As a result a conceptual model of secure acceptance of e-assessment is proposed. Both human and security factors are considered in formulation of this conceptual model. In order to increase understanding of critical issues related to the subject of this study, interpretive approach involving convergent mixed method research method is proposed to be used to execute the research. This study will be useful in providing more insightful understanding regarding the factors that influence the user acceptance of e-assessment system from security perspective.Keywords: secure technology acceptance, e-assessment security, e-assessment, education technology
Procedia PDF Downloads 4572986 Engaging with Security and State from a Gendered Lens in the South Asian Context: Indian State’s Construction of Internal Security and State Responses
Authors: Pooja Bakshi
Abstract:
In the following paper, an attempt would be made to engage with the relationship between the state and the imperatives of security from a gendered lens. This will be juxtaposed with the feminist engagement with International Law. Theorizations from the literature on South Asian politics and Global politics would be applied to the manner in which the Indian state has defined and proposed to deal with concerns of internal security pertaining to the ‘Left Wing Extremism’ in 2010-2011. It would be argued that the state needs to be disaggregated into the legislature, executive and the judiciary; since there are times when some institutional parts of the state provide space for progressive democratic engagement whilst other institutions don’t. The specific contours of violence faced by women and children at the hands of the state, in the above-mentioned discourse would also be examined. In the end, implications of the security state discourse on debates in International Law would be elaborated.Keywords: feminist engagement, human rights, state response to left extremism, security studies in South Asia
Procedia PDF Downloads 4932985 An Exploration of Anti-Terrorism Laws in Nigeria
Authors: Sani Mohammed Adam
Abstract:
This work seeks to review the security challenges facing Nigeria and explore the relevance of laws and policies in tackling the menace. The work looks at the adequacy of available legislations and the functionality of relevant institutions such as the Armed Forces, the Nigeria Police Force, the State Security Service, the Defence Intelligence Agency and the Nigerian Intelligence Agency etc. Comparisons would be made with other jurisdictions, such as inter alia, the Homeland Security in the USA and Counter Terrorism Laws of the United Kingdom. Recommendations would be made on how to strengthen both institutions and laws to curtail the growth of Terrorism in Nigeria.Keywords: legislations, Nigeria, security, terrorism
Procedia PDF Downloads 6772984 A Tutorial on Network Security: Attacks and Controls
Authors: Belbahi Ahlam
Abstract:
With the phenomenal growth in the Internet, network security has become an integral part of computer and information security. In order to come up with measures that make networks more secure, it is important to learn about the vulnerabilities that could exist in a computer network and then have an understanding of the typical attacks that have been carried out in such networks. The first half of this paper will expose the readers to the classical network attacks that have exploited the typical vulnerabilities of computer networks in the past and solutions that have been adopted since then to prevent or reduce the chances of some of these attacks. The second half of the paper will expose the readers to the different network security controls including the network architecture, protocols, standards and software/ hardware tools that have been adopted in modern day computer networks.Keywords: network security, attacks and controls, computer and information, solutions
Procedia PDF Downloads 4542983 Ethical, Legal and Societal Aspects of Unmanned Aircraft in Defence
Authors: Henning Lahmann, Benjamyn I. Scott, Bart Custers
Abstract:
Suboptimal adoption of AI in defence organisations carries risks for the protection of the freedom, safety, and security of society. Despite the vast opportunities that defence AI-technology presents, there are also a variety of ethical, legal, and societal concerns. To ensure the successful use of AI technology by the military, ethical, legal, and societal aspects (ELSA) need to be considered, and their concerns continuously addressed at all levels. This includes ELSA considerations during the design, manufacturing and maintenance of AI-based systems, as well as its utilisation via appropriate military doctrine and training. This raises the question how defence organisations can remain strategically competitive and at the edge of military innovation, while respecting the values of its citizens. This paper will explain the set-up and share preliminary results of a 4-year research project commissioned by the National Research Council in the Netherlands on the ethical, legal, and societal aspects of AI in defence. The project plans to develop a future-proof, independent, and consultative ecosystem for the responsible use of AI in the defence domain. In order to achieve this, the lab shall devise a context-dependent methodology that focuses on the ‘analysis’, ‘design’ and ‘evaluation’ of ELSA of AI-based applications within the military context, which include inter alia unmanned aircraft. This is bolstered as the Lab also recognises and complements the existing methods in regards to human-machine teaming, explainable algorithms, and value-sensitive design. Such methods will be modified for the military context and applied to pertinent case-studies. These case-studies include, among others, the application of autonomous robots (incl. semi- autonomous) and AI-based methods against cognitive warfare. As the perception of the application of AI in the military context, by both society and defence personnel, is important, the Lab will study how these perceptions evolve and vary in different contexts. Furthermore, the Lab will monitor – as they may influence people’s perception – developments in the global technological, military and societal spheres. Although the emphasis of the research project is on different forms of AI in defence, it focuses on several case studies. One of these case studies is on unmanned aircraft, which will also be the focus of the paper. Hence, ethical, legal, and societal aspects of unmanned aircraft in the defence domain will be discussed in detail, including but not limited to privacy issues. Typical other issues concern security (for people, objects, data or other aircraft), privacy (sensitive data, hindrance, annoyance, data collection, function creep), chilling effects, PlayStation mentality, and PTSD.Keywords: autonomous weapon systems, unmanned aircraft, human-machine teaming, meaningful human control, value-sensitive design
Procedia PDF Downloads 912982 Analysis of Threats in Interoperability of Medical Devices
Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar
Abstract:
Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.Keywords: interoperability, threats, attacks, medical devices
Procedia PDF Downloads 3292981 Securing Healthcare IoT Devices and Enabling SIEM Integration: Addressing
Authors: Mubarak Saadu Nabunkari, Abdullahi Abdu Ibrahim, Muhammad Ilyas
Abstract:
This study looks at how Internet of Things (IoT) devices are used in healthcare to monitor and treat patients better. However, using these devices in healthcare comes with security problems. The research explores using Security Information and Event Management (SIEM) systems with healthcare IoT devices to solve these security challenges. Reviewing existing literature shows the current state of IoT security and emphasizes the need for better protection. The main worry is that healthcare IoT devices can be easily hacked, putting patient data and device functionality at risk. To address this, the research suggests a detailed security framework designed for these devices. This framework, based on literature and best practices, includes important security measures like authentication, data encryption, access controls, and anomaly detection. Adding SIEM systems to this framework helps detect threats in real time and respond quickly to incidents, making healthcare IoT devices more secure. The study highlights the importance of this integration and offers guidance for implementing healthcare IoT securely, efficiently, and effectively.Keywords: cyber security, threat intelligence, forensics, heath care
Procedia PDF Downloads 622980 Security Design of Root of Trust Based on RISC-V
Authors: Kang Huang, Wanting Zhou, Shiwei Yuan, Lei Li
Abstract:
Since information technology develops rapidly, the security issue has become an increasingly critical for computer system. In particular, as cloud computing and the Internet of Things (IoT) continue to gain widespread adoption, computer systems need to new security threats and attacks. The Root of Trust (RoT) is the foundation for providing basic trusted computing, which is used to verify the security and trustworthiness of other components. Design a reliable Root of Trust and guarantee its own security are essential for improving the overall security and credibility of computer systems. In this paper, we discuss the implementation of self-security technology based on the RISC-V Root of Trust at the hardware level. To effectively safeguard the security of the Root of Trust, researches on security safeguard technology on the Root of Trust have been studied. At first, a lightweight and secure boot framework is proposed as a secure mechanism. Secondly, two kinds of memory protection mechanism are built to against memory attacks. Moreover, hardware implementation of proposed method has been also investigated. A series of experiments and tests have been carried on to verify to effectiveness of the proposed method. The experimental results demonstrated that the proposed approach is effective in verifying the integrity of the Root of Trust’s own boot rom, user instructions, and data, ensuring authenticity and enabling the secure boot of the Root of Trust’s own system. Additionally, our approach provides memory protection against certain types of memory attacks, such as cache leaks and tampering, and ensures the security of root-of-trust sensitive information, including keys.Keywords: root of trust, secure boot, memory protection, hardware security
Procedia PDF Downloads 2132979 Intersectionality and Sensemaking: Advancing the Conversation on Leadership as the Management of Meaning
Authors: Clifford Lewis
Abstract:
This paper aims to advance the conversation of an alternative view of leadership, namely ‘leadership as the management of meaning’. Here, leadership is considered as a social process of the management of meaning within an employment context, as opposed to a psychological trait, set of behaviours or relational consequence as seen in mainstream leadership research. Specifically, this study explores the relationship between intersectional identities and the management of meaning. Design: Semi-structured, one-on-one interviews were conducted with women and men of colour working in the South African private sector organisations in various leadership positions. Employing an intersectional approach using gender and race, participants were selected by using purposive and snowball sampling concurrently. Thematic and Axial coding was used to identify dominant themes. Findings: Findings suggest that, both gender and race shape how leaders manage meaning. Findings also confirm that intersectionality is an appropriate approach when studying the leadership experiences of those groups who are underrepresented in organisational leadership structures. The findings points to the need for further research into the differential effects of intersecting identities on organisational leadership experiences and that ‘leadership as the management of meaning’ is an appropriate approach for addressing this knowledge gap. Theoretical Contribution: There is a large body of literature on the complex challenges faced by women and people of colour in leadership but there is relatively little empirical work on how identity influences the management of meaning. This study contributes to the leadership literature by providing insight into how intersectional identities influence the management of meaning at work and how this impacts the leadership experiences of largely marginalised groups. Practical Implications: Understanding the leadership experiences of underrepresented groups is important because of both legal mandates and for building diverse talent for organisations and societies. Such an understanding assists practitioners in being sensitive to simplistic notions of challenges individuals might face in accessing and practicing leadership in organisations. Advancing the conversation on leadership as the management of meaning allows for a better understanding of complex challenges faced by women and people of colour and an opportunity for organisations to systematically remove unfair structural obstacles and develop their diverse leadership capacity.Keywords: intersectionality, diversity, leadership, sensemaking
Procedia PDF Downloads 2722978 Foreign Policy and National Security Dilemma: Examining Nigerian Experience
Authors: Shuaibu Umar Abdul
Abstract:
The essence of any state as well as government is to ensure and advance the security of lives and property of its citizens. As a result, providing security in all spheres ranging from safeguarding the territorial integrity, security of lives and property of the citizens as well as economic emancipation have constitute the core objectives cum national interest of virtually all country’s foreign policy in the world. In view of this imperative above, Nigeria has enshrined in the early part of her 1999 constitution as amended, as its duty and responsibility as a state, to ensure security of lives and property of its citizens. Yet, it does not make any significant shift as it relates to the country’s fundamental security needs as exemplified by the current enormous security challenges that reduced the country’s fortune to the background in all ramifications. The study chooses realist paradigm as theoretical underpinning which emphasizes that exigency of the moment should always take priority in the pursuit of foreign policy. The study is historical, descriptive and narrative in method and character. Data for the study was sourced from secondary sources and analysed via content analysis. The study found out that it is lack of political will on the side of the government to guarantee a just and egalitarian society that will be of benefit to all citizens. This could be more appreciated when looking at the gaps between the theory in Nigerian foreign policy and the practice as exemplified by the action or inaction of the government to ensure security in the state. On this account, the study recommends that until the leaderships in Nigerian foreign policy recognized the need for political will and respect for constitutionalism to ensure security of its citizens and territory, otherwise achieving great Nigeria will remain an illusion.Keywords: foreign policy, nation, national security, Nigeria, security
Procedia PDF Downloads 5132977 Can Empowering Women Farmers Reduce Household Food Insecurity? Evidence from Malawi
Authors: Christopher Manyamba
Abstract:
Women in Malawi produce perform between 50-70 percent of all agricultural tasks and yet the majority remain food insecure. The aim of his paper is to build on existing mixed evidence that indicates that empowering women in agriculture is conducive to improving food security. The WEAI is used to provide evidence on the relationship between women’s empowerment in agriculture and household food security. A multinomial logistic regression is applied to the Women Empowerment in Agriculture Index (WEAI) components and the Household Hunger Scale. The overall results show that the WEAI can be used to determine household food insecurity; however it has to be contextually adapted. Assets ownership, credit, group membership and leisure time are positively associated with food security. Contrary to other literature, empowerment in having control and decisions on income indicate negative association with household food security. These results could potentially better inform public, private and civil society stakeholders’ dialogues in creating the most effective and sustainable interventions to help women attain long-term food security.Keywords: food security, gender, empowerment, agriculture index, framework for African food security, household hunger scale
Procedia PDF Downloads 3672976 A Study on Automotive Attack Database and Data Flow Diagram for Concretization of HEAVENS: A Car Security Model
Authors: Se-Han Lee, Kwang-Woo Go, Gwang-Hyun Ahn, Hee-Sung Park, Cheol-Kyu Han, Jun-Bo Shim, Geun-Chul Kang, Hyun-Jung Lee
Abstract:
In recent years, with the advent of smart cars and the expansion of the market, the announcement of 'Adventures in Automotive Networks and Control Units' at the DEFCON21 conference in 2013 revealed that cars are not safe from hacking. As a result, the HEAVENS model considering not only the functional safety of the vehicle but also the security has been suggested. However, the HEAVENS model only presents a simple process, and there are no detailed procedures and activities for each process, making it difficult to apply it to the actual vehicle security vulnerability check. In this paper, we propose an automated attack database that systematically summarizes attack vectors, attack types, and vulnerable vehicle models to prepare for various car hacking attacks, and data flow diagrams that can detect various vulnerabilities and suggest a way to materialize the HEAVENS model.Keywords: automotive security, HEAVENS, car hacking, security model, information security
Procedia PDF Downloads 3612975 VANETs: Security Challenges and Future Directions
Authors: Jared Oluoch
Abstract:
Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography
Procedia PDF Downloads 3122974 Towards a Security Model against Denial of Service Attacks for SIP Traffic
Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla
Abstract:
Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.Keywords: Denial-of-Service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities
Procedia PDF Downloads 2022973 A Biometric Template Security Approach to Fingerprints Based on Polynomial Transformations
Authors: Ramon Santana
Abstract:
The use of biometric identifiers in the field of information security, access control to resources, authentication in ATMs and banking among others, are of great concern because of the safety of biometric data. In the general architecture of a biometric system have been detected eight vulnerabilities, six of them allow obtaining minutiae template in plain text. The main consequence of obtaining minutia templates is the loss of biometric identifier for life. To mitigate these vulnerabilities several models to protect minutiae templates have been proposed. Several vulnerabilities in the cryptographic security of these models allow to obtain biometric data in plain text. In order to increase the cryptographic security and ease of reversibility, a minutiae templates protection model is proposed. The model aims to make the cryptographic protection and facilitate the reversibility of data using two levels of security. The first level of security is the data transformation level. In this level generates invariant data to rotation and translation, further transformation is irreversible. The second level of security is the evaluation level, where the encryption key is generated and data is evaluated using a defined evaluation function. The model is aimed at mitigating known vulnerabilities of the proposed models, basing its security on the impossibility of the polynomial reconstruction.Keywords: fingerprint, template protection, bio-cryptography, minutiae protection
Procedia PDF Downloads 1682972 Human Development as an Integral Part of Human Security within the Responsibility to Rebuild
Authors: Themistoklis Tzimas
Abstract:
The proposed paper focuses on a triangular relationship, between human security, human development and responsibility to rebuild. This relationship constitutes the innovative contribution to the debate about human security. Human security constitutes a generic and legally binding notion, which orientates from an integrated approach the UN Charter principles and of the collective security system. Such an approach brings at the forefront of international law and of international relations not only states but non- state actors as well. Several doctrines attempt to implement the fore-mentioned approach among which the Responsibility to Protect- hereinafter R2P- doctrine and its aspect of Responsibility to Rebuild- hereinafter R2R. In this sense, R2P in general and R2R are supposed to be guided by human security imperatives. Human security because of its human- centered approach encompasses as an integral part of it, human development. Human development constitutes part of the backbone of human security, since it deals with the social and economic root- causes of the threats, which human security attempts to confront. In this sense, doctrines which orientate from human security, such as R2P and its R2R aspect should also take into account human development imperatives, in order to improve their efficiency. On the contrary though, R2R is more often linked with market- orientated policies, which are often imposed under transitional authorities, regardless of local needs. The implementation of such policies can be identified as a cause for striking failures in the framework of R2R. In addition it is a misinterpretation of the essence of human security and subsequently of R2P as well. The findings of the article, on the basis of the fore-mentioned argument is that a change must take place from a market- orientated misinterpretation of R2R to an approach attempting to implement human development doctrines, since the latter lie at the heart of human security and can be proven more effective in dealing with the root- causes of conflicts. Methodologically, the article begins with an examination of human security and of its binding nature on the basis of its orientation from the UN Charter. It also examines its significance in the framework of the collective security system. Then, follows the analysis of why and how human development constitutes an integral part of human security. At the next part it is proven that R2P in general and R2R more specifically constitute or should constitute an attempt to implement human security doctrines within the collective security system. Having built this triangular relationship it is argued that human development is proven to be the most suitable notion, so that the spirit of human security and the scopes of R2P are successfully implemented.Keywords: human security, un charter, responsibility to protect, responsibility to rebuild, human development
Procedia PDF Downloads 2782971 Human Security and Human Trafficking Related Corruption
Authors: Ekin D. Horzum
Abstract:
The aim of the proposal is to examine the relationship between human trafficking related corruption and human security. The proposal suggests that the human trafficking related corruption is about willingness of the states to turn a blind eye to the human trafficking cases. Therefore, it is important to approach human trafficking related corruption in terms of human security and human rights violation to find an effective way to fight against human trafficking. In this context, the purpose of this proposal is to examine the human trafficking related corruption as a safe haven in which trafficking thrives for perpetrators.Keywords: human trafficking, human security, human rights, corruption, organized crime
Procedia PDF Downloads 4732970 Optimizing the Passenger Throughput at an Airport Security Checkpoint
Authors: Kun Li, Yuzheng Liu, Xiuqi Fan
Abstract:
High-security standard and high efficiency of screening seem to be contradictory to each other in the airport security check process. Improving the efficiency as far as possible while maintaining the same security standard is significantly meaningful. This paper utilizes the knowledge of Operation Research and Stochastic Process to establish mathematical models to explore this problem. We analyze the current process of airport security check and use the M/G/1 and M/G/k models in queuing theory to describe the process. Then we find the least efficient part is the pre-check lane, the bottleneck of the queuing system. To improve passenger throughput and reduce the variance of passengers’ waiting time, we adjust our models and use Monte Carlo method, then put forward three modifications: adjust the ratio of Pre-Check lane to regular lane flexibly, determine the optimal number of security check screening lines based on cost analysis and adjust the distribution of arrival and service time based on Monte Carlo simulation results. We also analyze the impact of cultural differences as the sensitivity analysis. Finally, we give the recommendations for the current process of airport security check process.Keywords: queue theory, security check, stochatic process, Monte Carlo simulation
Procedia PDF Downloads 1992969 A Framework for Security Risk Level Measures Using CVSS for Vulnerability Categories
Authors: Umesh Kumar Singh, Chanchala Joshi
Abstract:
With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.Keywords: CVSS score, risk level, security measurement, vulnerability category
Procedia PDF Downloads 3192968 Extending the AOP Joinpoint Model for Memory and Type Safety
Authors: Amjad Nusayr
Abstract:
Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches, including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory has a valid pointer or a reference with a valid type. Aspect-Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and DB transaction managing. In this paper, we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.Keywords: aspect oriented programming, programming languages, software security, memory and type safety
Procedia PDF Downloads 1262967 Data Security: An Enhancement of E-mail Security Algorithm to Secure Data Across State Owned Agencies
Authors: Lindelwa Mngomezulu, Tonderai Muchenje
Abstract:
Over the decades, E-mails provide easy, fast and timely communication enabling businesses and state owned agencies to communicate with their stakeholders and with their own employees in real-time. Moreover, since the launch of Microsoft office 365 and many other clouds based E-mail services, many businesses have been migrating from the on premises E-mail services to the cloud and more precisely since the beginning of the Covid-19 pandemic, there has been a significant increase of E-mails utilization, which then leads to the increase of cyber-attacks. In that regard, E-mail security has become very important in the E-mail transportation to ensure that the E-mail gets to the recipient without the data integrity being compromised. The classification of the features to enhance E-mail security for further from the enhanced cyber-attacks as we are aware that since the technology is advancing so at the cyber-attacks. Therefore, in order to maximize the data integrity we need to also maximize security of the E-mails such as enhanced E-mail authentication. The successful enhancement of E-mail security in the future may lessen the frequency of information thefts via E-mails, resulting in the data of South African State-owned agencies not being compromised.Keywords: e-mail security, cyber-attacks, data integrity, authentication
Procedia PDF Downloads 1352966 Design and Implementation of Security Middleware for Data Warehouse Signature, Framework
Authors: Mayada Al Meghari
Abstract:
Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature, DWS Framework. The aim of using the middleware in our DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.Keywords: middleware, parallel computing, data warehouse, security, group-key, high performance
Procedia PDF Downloads 1182965 Managing Education through, Effective School Community Relationships/Participation for National Security
Authors: Shehu S. Janguza
Abstract:
The need for national security cannot be over Emphasis, which should be pursued by any means. Thus the need for effective management of education through effective school community Relationship/participation. In preparing and implementing only effort to promote community involvement in manning Education, it is importance to understand the whole picture of community participation, how it works, what forms are used, what benefit it can yield and what we should expect in the process of carrying out the efforts finally emphasis will be made on how effective school community relationship/participation and lead to national security.Keywords: community participation, managing, school community, national security
Procedia PDF Downloads 5922964 Security Issues and Primary School Participation in Kenya
Authors: Rose Mwanza
Abstract:
This paper investigates security factors influencing primary school pupils’ school participation in Kenya. Schools, communities and the Government all have roles to play in enhancing primary school pupil’s school participation. The effective security system of a country provides the necessary avenues to facilitate improved health services protection of children and allows free movement of the country’s citizens which leads to a conducive atmosphere for school participation. Kenya is a signatory to international commitments and conventions related to security such as the National Policy on Peace Building and Conflict Management, United Nations Development Assistance Framework and Key Security Unity, which enable primary school pupils to participate in education. The paper also looks at the strategies the Government of Kenya has put in place to ensure effective pupil school participation.Keywords: ethnicity, social media, participation in school, poverty, terrorism
Procedia PDF Downloads 582963 Survey on Data Security Issues Through Cloud Computing Amongst Sme’s in Nairobi County, Kenya
Authors: Masese Chuma Benard, Martin Onsiro Ronald
Abstract:
Businesses have been using cloud computing more frequently recently because they wish to take advantage of its advantages. However, employing cloud computing also introduces new security concerns, particularly with regard to data security, potential risks and weaknesses that could be exploited by attackers, and various tactics and strategies that could be used to lessen these risks. This study examines data security issues on cloud computing amongst sme’s in Nairobi county, Kenya. The study used the sample size of 48, the research approach was mixed methods, The findings show that data owner has no control over the cloud merchant's data management procedures, there is no way to ensure that data is handled legally. This implies that you will lose control over the data stored in the cloud. Data and information stored in the cloud may face a range of availability issues due to internet outages; this can represent a significant risk to data kept in shared clouds. Integrity, availability, and secrecy are all mentioned.Keywords: data security, cloud computing, information, information security, small and medium-sized firms (SMEs)
Procedia PDF Downloads 832962 Maintaining User-Level Security in Short Message Service
Authors: T. Arudchelvam, W. W. E. N. Fernando
Abstract:
Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.Keywords: SMS, user level security, encryption, decryption, short message service, mobile communication
Procedia PDF Downloads 3942961 Applications of AI, Machine Learning, and Deep Learning in Cyber Security
Authors: Hailyie Tekleselase
Abstract:
Deep learning is increasingly used as a building block of security systems. However, neural networks are hard to interpret and typically solid to the practitioner. This paper presents a detail survey of computing methods in cyber security, and analyzes the prospects of enhancing the cyber security capabilities by suggests that of accelerating the intelligence of the security systems. There are many AI-based applications used in industrial scenarios such as Internet of Things (IoT), smart grids, and edge computing. Machine learning technologies require a training process which introduces the protection problems in the training data and algorithms. We present machine learning techniques currently applied to the detection of intrusion, malware, and spam. Our conclusions are based on an extensive review of the literature as well as on experiments performed on real enterprise systems and network traffic. We conclude that problems can be solved successfully only when methods of artificial intelligence are being used besides human experts or operators.Keywords: artificial intelligence, machine learning, deep learning, cyber security, big data
Procedia PDF Downloads 1252960 A CM-Based Model for 802.11 Networks Security Policies Enforcement
Authors: Karl Mabiala Dondia, Jing Ma
Abstract:
In recent years, networks based on the 802.11 standards have gained a prolific deployment. The reason for this massive acceptance of the technology by both home users and corporations is assuredly due to the "plug-and-play" nature of the technology and the mobility. The lack of physical containment due to inherent nature of the wireless medium makes maintenance very challenging from a security standpoint. This study examines via continuous monitoring various predictable threats that 802.11 networks can face, how they are executed, where each attack may be executed and how to effectively defend against them. The key goal is to identify the key components of an effective wireless security policy.Keywords: wireless LAN, IEEE 802.11 standards, continuous monitoring, security policy
Procedia PDF Downloads 3772959 Global Peace and Security: The Role of International Peace and Security Organizations and the Need for Institutional and Operational Reforms
Authors: Saint C. Nguedjip
Abstract:
This paper is an analytical review a set of 20 literatures as required by the assignment prompt. The review centers on global peace and security. What role do international organizations play in global peace and security? The review centers around three main points. First, I examine global peace and security impacts on global governance. Secondly, it highlights the role traditional international community and security organizations such as the United Nations (UN), the North Atlantic Treaty Organization (NATO), and others play in providing the globe with peace and collective security. Third, it suggests a way forward as those institutions seek betterment and improvement. The review begins by defining some concepts and addressing the ambivalent meaning of peace and war. Scholars and researchers have conducted extensive research on the importance of international organizations. Yet, there is still a lot to consider if betterment and improvement are on the agenda. The review will shed light on the failures and challenges that these organizations. Those challenges are continuously undermining peacebuilding and peacekeeping actions of a great number among those institutions created with an ultimate mission of keeping the world order organized and coordinated for peace and security regardless of differences, cultures, and backgrounds. Women face violence on a daily basis, while racism and discrimination cause klm; ]]];inflammations worldwide. The chaotic situation in Ukraine is a wake-up call on scholarship and practitioners alike to come up with suggestions as well as recommendations that help mitigate insecurity while promoting peace and security, not only for Ukrainians but also for all countries facing wars and others issues. This paper will point the audience toward the right direction.Keywords: security, peace, global governance, global peace and security, peacekeeping, international organizations, human rights, multilateralism, and unilateralism, gender, women
Procedia PDF Downloads 103