Search results for: OSSIM (Open Source Security Information Management tool)

Authors: Djehich Mohamed Yousri

Abstract:

As a result of the destruction and devastation left by the two world wars, the international community worked to establish a global organization based on a contractual basis, in which the Security Council was entrusted with the task of working to maintain international peace and security, and to achieve this, the United Nations Charter assigned the latter a wide authority to adapt everything It would threaten international peace and security, although the examiner of the Charter of the United Nations does not find the slightest definition of the concept of international peace and security, although these two principles are among the basic principles that the Charter stipulated the necessity of achieving, and perhaps this was also what was in the opposite case for them. And by that, we mean cases of a threat to peace, a breach of it, or an act of aggression. These terms were not dealt with in the Charter in explanation and detail, leaving ample room for the Security Council to assess each of these cases separately, and perhaps this is due to the fact that the framers of the Charter intended to set a flexible standard. It does not restrict the authority of the Security Council to carry out the adjustment process on the one hand and, on the other hand, to allow and enable the Security Council to keep pace with new developments and threats to which international peace and security are exposed. There is no doubt that the concept of international peace and security has undergone significant changes during the 70-year period that followed the establishment of the international organization. After the threat to peace and security focused - in the first stage - on cases of war or the threat of war, what distinguishes the post- The new world order is the emergence of other challenges and threats that find their source in economic, social, humanitarian, and environmental instability. Perhaps this is what the member states of the Security Council indicated during the preparation of the Peace Agenda. The expansion of the concept of peace and security is what paved the way for some permanent states to use the Security Council to legitimize and implement their decisions and take the council as a tool to implement their foreign policy and punish states instead of maintaining international peace and security, which prompted some states and jurisprudence to call for the establishment of oversight of the decisions of the Council Security on the one hand, and amending the UN Charter to make it more expressive of the aspirations of the international community, referring to the obstacles that prevent this amendment.

Keywords: peace, security, united nations charter, security council, united nations organization

Procedia PDF Downloads 50

Authors: Mst Shapna Akter, Hossain Shahriar

Abstract:

One of the most important challenges in the field of software code audit is the presence of vulnerabilities in software source code. Every year, more and more software flaws are found, either internally in proprietary code or revealed publicly. These flaws are highly likely exploited and lead to system compromise, data leakage, or denial of service. C and C++ open-source code are now available in order to create a largescale, machine-learning system for function-level vulnerability identification. We assembled a sizable dataset of millions of opensource functions that point to potential exploits. We developed an efficient and scalable vulnerability detection method based on deep neural network models that learn features extracted from the source codes. The source code is first converted into a minimal intermediate representation to remove the pointless components and shorten the dependency. Moreover, we keep the semantic and syntactic information using state-of-the-art word embedding algorithms such as glove and fastText. The embedded vectors are subsequently fed into deep learning networks such as LSTM, BilSTM, LSTM-Autoencoder, word2vec, BERT, and GPT-2 to classify the possible vulnerabilities. Furthermore, we proposed a neural network model which can overcome issues associated with traditional neural networks. Evaluation metrics such as f1 score, precision, recall, accuracy, and total execution time have been used to measure the performance. We made a comparative analysis between results derived from features containing a minimal text representation and semantic and syntactic information. We found that all of the deep learning models provide comparatively higher accuracy when we use semantic and syntactic information as the features but require higher execution time as the word embedding the algorithm puts on a bit of complexity to the overall system.

Keywords: cyber security, vulnerability detection, neural networks, feature extraction

Procedia PDF Downloads 54

Authors: Dana Weimann Saks

Abstract:

This study aimed to examine the use of the internet as a source of health-related information (HRI), as well as the change in attitudes following the online search for HRI. The current study sample included 88 participants, randomly divided into two experimental groups. One was given the name of an unfamiliar disease and told to search for information about it using various search engines, and the second was given a text about the disease from a credible scientific source. The study findings show a large percentage of participants used the internet as a source of HRI. Likewise, no differences were found in the extent to which the internet was used as a source of HRI when demographics were compared. Those who searched for the HRI on the internet had more negative opinions and believed symptoms of the disease were worse than the average opinion among those who obtained the information about the disease from a credible scientific source. The Internet clearly influences the participants’ beliefs, regardless of demographic differences.

Keywords: health-related information, internet, young adults, HRI

Procedia PDF Downloads 93

Authors: Agnieszka A. Malinowska, R. Hejmanowski

Abstract:

A number of European cities are strongly affected by ground movements caused by anthropogenic activities or post-anthropogenic metamorphosis. Those are mainly water pumping, current mining operation, the collapse of post-mining underground voids or mining-induced earthquakes. These activities lead to large and small-scale ground displacements and a ground ruptures. The ground movements occurring in urban areas could considerably affect stability and safety of structures and infrastructures. The complexity of the ground deformation phenomenon in relation to the structures and infrastructures vulnerability leads to considerable constraints in assessing the threat of those objects. However, the increase of access to the free software and satellite data could pave the way for developing new methods and strategies for environmental risk mitigation and management. Open source geographical information systems (OS GIS), may support data integration, management, and risk analysis. Lately, developed methods based on fuzzy logic and experts methods for buildings and infrastructure damage risk assessment could be integrated into OS GIS. Those methods were verified base on back analysis proving their accuracy. Moreover, those methods could be supported by ground displacement observation. Based on freely available data from European Space Agency and free software, ground deformation could be estimated. The main innovation presented in the paper is the application of open source software (OS GIS) for integration developed models and assessment of the threat of urban areas. Those approaches will be reinforced by analysis of ground movement based on free satellite data. Those data would support the verification of ground movement prediction models. Moreover, satellite data will enable our mapping of ground deformation in urbanized areas. Developed models and methods have been implemented in one of the urban areas hazarded by underground mining activity. Vulnerability maps supported by satellite ground movement observation would mitigate the hazards of land displacements in urban areas close to mines.

Keywords: fuzzy logic, open source geographic information science (OS GIS), risk assessment on urbanized areas, satellite interferometry (InSAR)

Procedia PDF Downloads 137

Authors: Payal Abichandani, Rishi Prakash, Paras Nath Barwal, B. K. Murthy

Abstract:

Information generated from various computerization processes is a potential rich source of knowledge for its designated community. To pass this information from generation to generation without modifying the meaning is a challenging activity. To preserve and archive the data for future generations it’s very essential to prove the authenticity of the data. It can be achieved by extracting the metadata from the data which can prove the authenticity and create trust on the archived data. Subsequent challenge is the technology obsolescence. Metadata extraction and standardization can be effectively used to resolve and tackle this problem. Metadata can be categorized at two levels i.e. Technical and Domain level broadly. Technical metadata will provide the information that can be used to understand and interpret the data record, but only this level of metadata isn’t sufficient to create trustworthiness. We have developed a tool which will extract and standardize the technical as well as domain level metadata. This paper is about the different features of the tool and how we have developed this.

Keywords: digital preservation, metadata, OAIS, PDI, XML

Procedia PDF Downloads 370

Authors: Ritsuko Kawasaki (Aiba), Takeshi Hiromatsu

Abstract:

Management is required to understand all information security risks within an organization, and to make decisions on which information security risks should be treated in what level by allocating how much amount of cost. However, such decision-making is not usually easy, because various measures for risk treatment must be selected with the suitable application levels. In addition, some measures may have objectives conflicting with each other. It also makes the selection difficult. Moreover, risks generally have trends and it also should be considered in risk treatment. Therefore, this paper provides the extension of the model proposed in the previous study. The original model supports the selection of measures by applying a combination of weighted average method and goal programming method for multi-objective analysis to find an optimal solution. The extended model includes the notion of weights to the risks, and the larger weight means the priority of the risk.

Keywords: information security risk treatment, selection of risk measures, risk acceptance, multi-objective optimization

Procedia PDF Downloads 430

Authors: Amal S. Al-Badi, Ali H. Al-Badi

Abstract:

Many organizations are opting to adopt Open Source Software (OSS) as it is the current trend to rely on each other rather than on companies (Software vendors). It is a clear shift from organizations to individuals, the concept being to rely on collective participation rather than companies/vendors. The main objectives of this research are 1) to identify the current level of OSS usage in Sultan Qaboos University; 2) to identify the potential benefits of using OSS in educational institutes; 3) to identify the OSS applications that are most likely to be used within an educational institute; 4) to identify the existing and potential barriers to the successful adoption of OSS in education. To achieve these objectives a two-stage research method was conducted. First a rigorous literature review of previously published material was performed (interpretive/descriptive approach), and then a set of interviews were conducted with the IT professionals at Sultan Qaboos University in Oman in order to explore the extent and nature of their usage of OSS.

Keywords: open source software, social software, e-learning 2.0, Web 2.0, connectivism, personal learning environment (PLE), OpenCourseWare

Procedia PDF Downloads 282

Authors: Sarah Baker, Jayati Chaudhuri

Abstract:

Librarians have embraced the open access movement in all disciplines but their own. They are strong advocates on college campuses and curate institutional repositories, yet there are surprisingly few open access LIS journals. Presenters evaluated the open access availability of library and information science literature. After analyzing the top 100 library science journals (the top 50 journals from Scimago and JCR) and finding very few gold open access journals, they then investigated the availability of open access articles from the top 10 closed access journals. Presenters would like to generate a conversation on what type of proactive approach librarians can take to increase open access to literature within our discipline. Librarians like their colleagues in other disciplines are not motivated to submit their articles to their institutional repositories. Presenters have found a similar reluctance from their fellow colleagues regarding open access initiatives on campus. Presenters will describe Open Access Week activities as part of a campus-wide initiative and share some faculty comments, concerns, and misconceptions that came up as a part of this dialog. Presenters will discuss their personal experiences providing access to faculty publications through the California State University Los Angeles institutional repository.

Keywords: faculty scholarship, institutional repositories, library and information science journals, open access

Procedia PDF Downloads 308

Authors: Doaa Abbas Zaher

Abstract:

For the past two decades demand for knowledge has been increasing. Management of society’s knowledge has far reaching effects to economic growth through increased capacity to complete viable activities. Organizations use information technology to effect organizational change. This is a challenge for the less developed nations whose capacity to integrate knowledge in core functions is limited. This creates organizational problems as there is global competition amongst organizations. Cross-cultural perceptions influence difference knowledge Management. This study provides a cross-cultural analysis on the influence in knowledge culture in Japan and Saudi Arabia to effect change in organizations. Since different countries adopt different knowledge management strategies, this dictates the state of organizational development through enriched organizational culture. The research uses a mixed approach design to collect data from primary and secondary sources. Primary source will use the questionnaires while secondary sources uses case analysis from books, articles, reports, and journals. The study will take a period of three years to come up with a complete paper.

Keywords: knowledge management, organizational culture, information, society knowledge

Procedia PDF Downloads 326

Authors: Tim Nedyalkov

Abstract:

A business decision to move to the cloud brings fundamental changes in how an organization develops and delivers its Information Technology solutions. The accelerated pace of digital transformation across businesses and government agencies increases the reliance on cloud-based services. They are collecting, managing, and retaining large amounts of data in cloud environments makes information security and data privacy protection essential. It becomes even more important to understand what key factors drive successful cloud adoption following the commencement of the Privacy Amendment Notifiable Data Breaches (NDB) Act 2017 in Australia as the regulatory changes impact many organizations and industries. This quantitative correlational research investigated the governance, risk management, and compliance factors contributing to cloud security success. The factors influence the adoption of cloud computing within an organizational context after the commencement of the NDB scheme. The results and findings demonstrated that corporate information security policies, data storage location, management understanding of data governance responsibilities, and regular compliance assessments are the factors influencing cloud computing adoption. The research has implications for organizations, future researchers, practitioners, policymakers, and cloud computing providers to meet the rapidly changing regulatory and compliance requirements.

Keywords: cloud compliance, cloud security, data governance, privacy protection

Procedia PDF Downloads 96

Authors: Norshima Humaidi, Saif Hussein Abdallah Alghazo

Abstract:

Cybersecurity threat have become a serious issue recently, and one of the cause is because human error, which is usually constituted by carelessness, ignorance, and failure to practice cybersecurity behaviour adequately. Using a data from a quantitative survey, Partial Least Squares-Structural Equation Modelling (PLS-SEM) analysis was used to determine the factors that affect cybersecurity protective behaviour (CPB). This study adapts cybersecurity protective behaviour model by focusing on two constructs that can enhance CPB: manager’s information security competencies (MISI) and procedural information security countermeasure (PCM) awareness. Theory of leadership competencies were adapted to measure user’s perception towards competencies among security managers/leader in the organization. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each constructs were adequate in their validity individually based on their factor loading value. Moreover, each constructs are valid based on their parameter estimates and statistical significance. The quantitative research findings show that PCM awareness strongly influences CPB compared to MISI. Meanwhile, MISI was significantlyPCM awarenss. This study believes that the research findings can contribute to human behaviour in IS studies and are particularly beneficial to policy makers in improving organizations’ strategic plans in information security, especially in this new era. Most organizations spend time and resources to provide and establish strategic plans of information security; however, if employees are not willing to comply and practice information security behaviour appropriately, then these efforts are in vain.

Keywords: cybersecurity, protection behaviour, information security, information security competencies, countermeasure awareness

Procedia PDF Downloads 69

Authors: Isiya Shinkafi Salihu

Abstract:

Open education resources (OER) are open learning materials in different formats, course content and context to support learning globally. This study investigated the level of awareness of Hospitality and Tourism OER among students in the Department of Tourism and Hotel Management in a University. Specifically, it investigated students’ awareness, use and accessibility of OER in learning. The research design method used was the quantitative approach, using an online questionnaire. The thesis research shows that respondents frequently use OER but with little knowledge of the content and context of the material. Most of the respondents’ have little knowledge about the concept even though they use it. Information and communication technologies are tools for information gathering, social networking and knowledge sharing and transfer. OER are open education materials accessible online such as curriculum, maps, course materials, and videos that users create, adapt, reuse for learning and research. Few of the respondents that used OER in learning faced some challenges such as high cost of data, poor connectivity and lack of proper guidance. The results suggest a lack of awareness of OER among students in the faculty of tourism and the need for support from the teachers in the utilization of OER. The thesis also reveals that some of the international students are accessing the internet as beginners in their studies which require guidance. The research, however, recommends that further studies should be conducted to other faculties.

Keywords: creative commons, open education resources, open licenses, information and communication technology

Procedia PDF Downloads 154

Authors: Sevim Oztimurlenk

Abstract:

This is an exploratory study on the information behavior of human resource managers. This study is conducted by using a questionnaire survey and an interview. The data is gathered from 140 HR managers who are members of the People Management Association of Turkey (PERYÖN), and the 15 interviewees were chosen among those 140 survey participants randomly. The goal of this exploratory study is to investigate the impact of some factors (i.e., gender, age, work experience, number of employee reporting, company size, industry type) on HR managers’ information behavior. More specifically, it examines if there is a relationship between those factors and HR managers’ information behavior in terms of what kind of information sources they consult and reviews and whom they prefer to communicate with for information sharing. It also aims to find out additional factors influencing the information behavior of HR managers. The results of the study show that age and industry type are the two factors affecting the information behavior of HR managers, among other factors investigated in terms of information source, use and share. Moreover, personality, technology, education, organizational culture, and culture are the top five factors among the 24 additional factors suggested by HR managers who participated in this study.

Keywords: information behavior, information use, information source, information share, human resource managers

Procedia PDF Downloads 113

Authors: Gianvito Colucci, Valeria Di Cosmo, Matteo Nicoli, Orsola Maria Robasto, Laura Savoldi

Abstract:

The hydrogen value chain deployment is likely to be boosted in the near term by the energy security measures planned by European countries to face the recent energy crisis. In this context, some countries are recognized to have a crucial role in the geopolitics of hydrogen as importers, consumers and exporters. According to the European Hydrogen Backbone Initiative, Italy would be part of one of the 5 corridors that will shape the European hydrogen market. However, the set targets are very ambitious and require large investments to rapidly develop effective hydrogen policies: in this regard, scenario analysis is becoming increasingly important to support energy planning, and energy system optimization models appear to be suitable tools to quantitively carry on that kind of analysis. The work aims to assess the competitiveness of hydrogen in contributing to the Italian energy security in the coming years, under different price and import conditions, using the energy system model TEMOA-Italy. A wide spectrum of hydrogen technologies is included in the analysis, covering the production, storage, delivery, and end-uses stages. National production from fossil fuels with and without CCS, as well as electrolysis and import of low-carbon hydrogen from North Africa, are the supply solutions that would compete with other ones, such as natural gas, biomethane and electricity value chains, to satisfy sectoral energy needs (transport, industry, buildings, agriculture). Scenario analysis is then used to study the competition under different price and import conditions. The use of TEMOA-Italy allows the work to catch the interaction between the economy and technological detail, which is much needed in the energy policies assessment, while the transparency of the analysis and of the results is ensured by the full accessibility of the TEMOA open-source modeling framework.

Keywords: energy security, energy system optimization models, hydrogen, natural gas, open-source modeling, scenario analysis, TEMOA

Procedia PDF Downloads 76

Authors: M. S. Jimah, A. C. Achuenu, M. Momodu

Abstract:

Group communications over public infrastructure are prone to a lot of security issues. Existing network protocols like Protocol Independent Multicast Sparse Mode (PIM SM) and Protocol Independent Multicast Dense Mode (PIM DM) do not have inbuilt security features. Therefore, any user or node can easily access the group communication as long as the user can send join message to the source nodes, the source node then adds the user to the network group. In this research, a hybrid method of salting and hashing to encrypt information in the source and stub node was designed, and when stub nodes need to connect, they must have the appropriate key to join the group network. Object oriented analysis design (OOAD) was the methodology used, and the result shows that no extra controlled bandwidth overhead cost was added by encrypting and the hybrid model was more securing than the existing PIM SM, PIM DM and Zhang secure PIM SM.

Keywords: group communications, multicast, PIM SM, PIM DM, encryption

Procedia PDF Downloads 138

Authors: Muhammad Umar

Abstract:

Safety and Assets management is considering a backbone of every department. GIS in the Railway become very important to Manage Assets and Security through Digital Maps and Web based GIS Maps. It provides a complete frame of work to the organization for the management of assets. Pakistan Railway is the most common and safest mode of traveling in Pakistan. Due to ever-increasing demand of transporting huge amount of information generated from various sources and this information must be accurate. This creates problems for Passengers and Administration that causes finical and time loss. GIS Solve this problem by Digital Maps & Database. It provides you a real time Spatial and Statistical analysis that helps you to communicate and exchange the information in a sophisticated way to the users. GIS Based Web system provides a facility to different end user to make query at a time as per requirements. This GIS System provides an advancement in an organization for a complete Monitoring, Safety and Decision System for tracks, Stations and Junctions that further use for the Analysis of different areas i.e. analysis of tracks, junctions and Stations in case of reconstruction, Rescue for rail accidents and Natural disasters .This Research work helps to reduce the financial loss and reduce human mistakes helps you provide a complete security and Management system of assets.

Keywords: Geographical Information System (GIS) for assets management, geo spatial database, railway assets management, Pakistan

Procedia PDF Downloads 464

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 444

Authors: Tejinder Singh

Abstract:

Information system is the flow of data from different levels to different directions for decision making and data operations in information system (IS). Data can be violated by different manner like manual or technical errors, data tampering or loss of integrity. Security system called firewall of IS is effected by such type of violations. The flow of data among various levels of Information System is done by networking system. The flow of data on network is in form of packets or frames. To protect these packets from unauthorized access, virus attacks, and to maintain the integrity level, network security is an important factor. To protect the data to get pirated, various security techniques are used. This paper represents the various security techniques and signifies different harmful attacks with the help of detailed data analysis. This paper will be beneficial for the organizations to make the system more secure, effective, and beneficial for future decisions making.

Keywords: information systems, data integrity, TCP/IP network, vulnerability, decision, data

Procedia PDF Downloads 274

Authors: Pallavi Mane, Nikita Mankar, Shraddha Mazire, Rasika Pashankar

Abstract:

Content sharing sites are very useful in sharing information and images. However, with the increasing demand of content sharing sites privacy and security concern have also increased. There is need to develop a tool for controlling user access to their shared content. Therefore, we are developing an Adaptive Privacy Policy Prediction (A3P) system which is helpful for users to create privacy settings for their images. We propose the two-level framework which assigns the best available privacy policy for the users images according to users available histories on the site.

Keywords: online information services, prediction, security and protection, web based services

Procedia PDF Downloads 336

Authors: Saadoun Abd Errazak, Hafssaoui Abdallah, Fredj Mohamed

Abstract:

Mining operations open induce risks of instability that can cause landslides and collapse at the bleachers slope. These risks may occur both during and after the operation phase. The magnitude of these risks depends on the mechanical and physical characteristics of the rock mass, the geometrical dimensions of ore bodies, their spatial arrangement, and the state of the operated area. If security and technology measures are not taken into account for this purpose, the environment will be affected. The main objective of this work is to assess these risks by analytical and numerical methods. The study is based on the geological, hydrogeological and geotechnical rock mass of the open pit quarry of Chouf Amar M'sila. The results obtained have allowed us to obtain an acceptable factor of safety and stability study of the open pit.

Keywords: stability, land sliding, numerical modeling, safety factor, open-pit quarry

Procedia PDF Downloads 348

Authors: Ruo-Qian Wang

Abstract:

Open-source CFD has become increasingly popular and promising. The recent progress in multiphase flow enables new CFD applications, which provides an economic and flexible research tool for complex flow problems. Our numerical study using four-way coupling Euler-Lagrangian Large-Eddy Simulations to resolve particle cloud dynamics with OpenFOAM and CFDEM will be introduced: The fractioned Navier-Stokes equations are numerically solved for fluid phase motion, solid phase motion is addressed by Lagrangian tracking for every single particle, and total momentum is conserved by fluid-solid inter-phase coupling. The grid convergence test was performed, which proves the current resolution of the mesh is appropriate. Then, we validated the code by comparing numerical results with experiments in terms of particle cloud settlement and growth. A good comparison was obtained showing reliability of the present numerical schemes. The time and height at phase separations were defined and analyzed for a variety of initial release conditions. Empirical formulas were drawn to fit the results.

Keywords: four-way coupling, dredging, land reclamation, multiphase flows, oil spill

Procedia PDF Downloads 402

Authors: Firas A. Al Laban, Mohamed Chabi, Sammani Danwawu Abdullahi

Abstract:

There are a real needs to integrate types of Open Educational Resources (OER) with an intelligent system to extract information and knowledge in the semantic searching level. Those needs raised because most of current learning standard adopted web based learning and the e-learning systems does not always serve all educational goals. Semantic Web systems provide educators, students, and researchers with intelligent queries based on a semantic knowledge management learning system. An ontology-based learning system is an advanced system, where ontology plays the core of the semantic web in a smart learning environment. The objective of this paper is to discuss the potentials of ontologies and mapping different kinds of ontologies; heterogeneous or homogenous to manage and control different types of Open Educational Resources. The important contribution of this research is to approach a methodology uses logical rules and conceptual relations to map between ontologies of different educational resources. We expect from this methodology to establish for an intelligent educational system supporting student tutoring, self and lifelong learning system.

Keywords: knowledge management systems, ontologies, semantic web, open educational resources

Procedia PDF Downloads 468

Authors: N. Nalini, Bhanu Prakash Gopularam

Abstract:

The term data security refers to the degree of resistance or protection given to information from unintended or unauthorized access. The core principles of information security are the confidentiality, integrity and availability, also referred as CIA triad. Cloud computing services are classified as SaaS, IaaS and PaaS services. With cloud adoption the confidential enterprise data are moved from organization premises to untrusted public network and due to this the attack surface has increased manifold. Several cloud computing platforms like OpenStack, Eucalyptus, Amazon EC2 offer users to build and configure public, hybrid and private clouds. While the traditional encryption based on PKI infrastructure still works in cloud scenario, the management of public-private keys and trust certificates is difficult. The Identity based Public Key Cryptography (also referred as ID-PKC) overcomes this problem by using publicly identifiable information for generating the keys and works well with decentralized systems. The users can exchange information securely without having to manage any trust information. Another advantage is that access control (role based access control policy) information can be embedded into data unlike in PKI where it is handled by separate component or system. In OpenStack cloud platform the keystone service acts as identity service for authentication and authorization and has support for public key infrastructure for auto services. In this paper, we explain OpenStack security architecture and evaluate the PKI infrastructure piece for data confidentiality. We provide method to integrate ID-PKC schemes for securing data while in transit and stored and explain the key measures for safe guarding data against security attacks. The proposed approach uses JPBC crypto library for key-pair generation based on IEEE P1636.3 standard and secure communication to other cloud services.

Keywords: data confidentiality, identity based cryptography, secure communication, open stack key stone, token scoping

Procedia PDF Downloads 351

Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa

Abstract:

Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.

Keywords: laboratory, physical protection system, security culture, security function

Procedia PDF Downloads 152

Authors: Veysel Çelik, Aynur Aker, Ebru Güç

Abstract:

Developments in information and communication technologies have increased both the speed of producing information and the speed of accessing new information. Accordingly, the daily lives of individuals have started to change. New concepts such as e-mail, e-government, e-school, e-signature have emerged. For this reason, prospective teachers who will be future teachers or school administrators are expected to have a high awareness of digital data security. The aim of this study is to reveal the effect of the digital storytelling technique on the data security awareness of pre-service teachers of computer and instructional technology education departments. For this purpose, participants were selected based on the principle of volunteering among third-grade students studying at the Computer and Instructional Technologies Department of the Faculty of Education at Siirt University. In the research, the pretest/posttest half experimental research model, one of the experimental research models, was used. In this framework, a 6-week lesson plan on digital data security awareness was prepared in accordance with the digital narration technique. Students in the experimental group formed groups of 3-6 people among themselves. The groups were asked to prepare short videos or animations for digital data security awareness. The completed videos were watched and evaluated together with prospective teachers during the evaluation process, which lasted approximately 2 hours. In the research, both quantitative and qualitative data collection tools were used by using the digital data security awareness scale and the semi-structured interview form consisting of open-ended questions developed by the researchers. According to the data obtained, it was seen that the digital storytelling technique was effective in creating data security awareness and creating permanent behavior changes for computer and instructional technology students.

Keywords: digital storytelling, self-regulation, digital data security, teacher candidates, self-efficacy

Procedia PDF Downloads 99

Authors: Nurazean Maarop, Noorjan Mohd Mustapha, Rasimah Yusoff, Roslina Ibrahim, Norziha Megat Mohd Zainuddin

Abstract:

The goal of this study is to identify success factors that could influence the ISMS self-implementation in government sector from qualitative perspective. This study is based on a case study in one of the Malaysian government agency. Semi-structured interviews involving five key informants were conducted to examine factors addressed in the conceptual framework. Subsequently, thematic analysis was executed to describe the influence of each factor on the success implementation of ISMS. The result of this study indicates that management commitment, implementer commitment and implementer competency are part of the success factors for ISMS self-implementation in Malaysian Government Sector.

Keywords: ISMS success factors, IT project management, IS success, information security

Procedia PDF Downloads 280

Authors: Yllka Hysaj, Ylberina Hysaj Arifi

Abstract:

Recently, with BREXIT taking place, organizations and employees have been affected in the way of job and employment security. Career-oriented human resources management (HRM) practices are likely to facilitate self-initiated expatriates’ adjustment to the host country. This was related to the career security (job security and employment security), which were missing in their home country and seemed to be important elements to adjust to the host country. The aim of this study is to assess whether the perception of career security by Frances self-initiated expatriates (SIEs) have changed in the wake of the referendum result. Quantitative research method will be used, and the data will be collected through electronic questionnaires. Data will be analyzed through Statistical Package for the Social Sciences (SPSS). The study variables will include an adjustment to the host country, HRM practices, employability, and job security. Predicted results consist that career-oriented HRM practices are positively related to the adjustment to the host country, employability, and job security. However, with Brexit, there might be a negative relationship between career-oriented HRM practices and job security.

Keywords: migration, self-initiated expatriates, Brexit, job security

Procedia PDF Downloads 143

Authors: Martin H¨ausl, Maximilian Auch, Johannes Forster, Peter Mandl, Alexander Schill

Abstract:

In order to survive on the market, companies must constantly develop improved and new products. These products are designed to serve the needs of their customers in the best possible way. The creation of new products is also called innovation and is primarily driven by a company’s internal research and development department. However, a new approach has been taking place for some years now, involving external knowledge in the innovation process. This approach is called open innovation and identifies customer knowledge as the most important source in the innovation process. This paper presents a concept of using social media posts as an external source to support the open innovation approach in its initial phase, the Ideation phase. For this purpose, the social media posts are semantically structured with the help of an ontology and the authors are evaluated using graph-theoretical metrics such as density. For the structuring and evaluation of relevant social media posts, we also use the findings of Natural Language Processing, e. g. Named Entity Recognition, specific dictionaries, Triple Tagger and Part-of-Speech-Tagger. The selection and evaluation of the tools used are discussed in this paper. Using our ontology and metrics to structure social media posts enables users to semantically search these posts for new product ideas and thus gain an improved insight into the external sources such as customer needs.

Keywords: idea ontology, innovation management, semantic search, open information extraction

Procedia PDF Downloads 165

Authors: Sudipto Shanker Dasgupta

Abstract:

One of the largest mining companies wanted to look at health analytics for their driverless trucks. These trucks were the key to their supply chain logistics. The automated trucks had multi-level sub-assemblies which would send out sensor information. The use case that was worked on was to capture the sensor signal from the truck subcomponents and analyze the health of the trucks from repair and replacement purview. Open source software was used to stream the data into a clustered Hadoop setup in Amazon Web Services cloud and Apache Spark SQL was used to analyze the data. All of this was achieved through a 10 node amazon 32 core, 64 GB RAM setup real-time analytics was achieved on ‘300 million records’. To check the scalability of the system, the cluster was increased to 100 node setup. This talk will highlight how Open Source software was used to achieve the above use case and the insights on the high data throughput on a cloud set up.

Keywords: streaming analytics, data science, big data, Hadoop, high throughput, sensor data

Procedia PDF Downloads 380

Authors: Kwame Kodua-Ntim

Abstract:

The study explored the authors self-archiving to create awareness of open-access institutional repositories in universities. The qualitative approach of the study was informed by the interpretive paradigm as well as the case research design. The target population for the study was all twelve (12) open-access institutional repositories managers and administrators purposively selected from the five (5) universities in Ghana. The universities were chosen since they were the only ones listed in the Directory of Open Access Repositories. Interviews were conducted using a semi-structured interview guide and data were analyzed using thematic analysis. The study revealed that academics had some information about self-archiving in open-access institutional repositories and university libraries with open-access institutional repositories were using DSpace software. Managers and administrators of open-access institutional repositories mediated content uploaded and believed that author self-archiving could improve awareness of open-access institutional repositories. The study recommended that universities should fully implement the author’s self-archiving protocol, and academics should be trained to be able to upload research works onto open-access institutional repositories. Furthermore, the university and university library should provide rigorous policies on author self-archiving and incentives for author self-archiving in the open access institutional repositories.

Keywords: author, awareness, institutional repositories, open access, open archive, self-archiving

Procedia PDF Downloads 56