Search results for: communication security

Authors: Vikram Prabhu, Mohammad Shikh Bahaei

Abstract:

This paper depicts the implementation of a new infallible technique to protect an Unmanned Aerial Vehicle from cyber-attacks. An Unmanned Aerial Vehicle (UAV) could be vulnerable to cyber-attacks because of jammers or eavesdroppers over the network which pose as a threat to the security of the UAV. In the field of network security, there are quite a few protocols which can be used to establish a secure connection between UAVs and their Operators. In this paper, we discuss how the Interlock Protocol could be implemented to foil the Man-in-the-Middle Attack. In this case, Wireshark has been used as the sniffer (man-in-the-middle). This paper also shows a comparison between the Interlock Protocol and the TCP Protocols using cryptcat and netcat and at the same time highlights why the Interlock Protocol is the most efficient security protocol to prevent eavesdropping over the communication channel.

Keywords: interlock protocol, Diffie-Hellman algorithm, unmanned aerial vehicles, control station, man-in-the-middle attack, Wireshark

Procedia PDF Downloads 279

Authors: Sewe Silvanus Odhiambo

Abstract:

Globally, many governments have publicly recognized private security firms as essential services providers. The private security firms face a lot of challenges, but the COVID-19 situation also has exacerbated them to another level. This paper locates its relevance in the post-coronavirus era. The COVID-19 pandemic has redefined the world operation, which shows a higher impact on the security field. Accordingly, the purpose of the study was to examine the role of corporate governance on the performance of private security firms in a post-covid pandemic era in Kenya. The study employed a descriptive research design, which included a quantitative approach and secondary data. The study was carried in the month of July 2021 from the registered private security firms. After targeting all private security firms, only 54 firms had disclosed their annual report by the time of conducting the study. The results depicted that pandemic has affected the performance of private security firms measures unfavorably. Further, boards of directors show a positive association with security firm performance. The study recommends that there is need board of directors to enhance management’s risk assessments in the midst of COVID-19; ensure that there are business continuity plans; there is organizational resilience; there is need for the development of new digital strategies; enabling the digital workforce in the firms and have effective communication plans with both internal and external stakeholders to deal with uncertainties and develop more post-COVID practices for boards of directors to improve performance of private security firms in Kenya. The practical implications of the study are that the research outcomes might assist regulatory bodies, investors, policymakers, and the security sector in general in their formulation of public and corporate governance strategies concerning future emergency preparedness and responses. This study also provides a unique contribution to the literature of COVID-19 and security firm performance in emerging economies context.

Keywords: COVID-19, corporate governance, firm performance, private security firms

Procedia PDF Downloads 134

Authors: Nahid Tavakoli, Asghar Ehteshami, Akbar Hassanzadeh, Fatemeh Amini

Abstract:

Introduction: The Information security incident management guidelines was been developed to help hospitals to meet their information security event and incident management requirements. The purpose of this Study was to investigate on Information Security Incident Management in Isfahan’s educational hospitals in accordance to ISO/IEC 27002 standards. Methods: This was a cross-sectional study to investigate on Information Security Incident Management of educational hospitals in 2014. Based on ISO/IEC 27002 standards, two checklists were applied to check the compliance with standards on Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements. One inspector was trained to carry out the assessments in the hospitals. The data was analyzed by SPSS. Findings: In general the score of compliance Information Security Incident Management requirements in two steps; Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements was %60. There was the significant difference in various compliance levels among the hospitals (p-valueKeywords: information security incident management, information security management, standards, hospitals

Procedia PDF Downloads 548

Authors: Kuan-Chou Chen

Abstract:

This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.

Keywords: system thinking, information security systems, security management, simulation

Procedia PDF Downloads 399

Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel

Abstract:

Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.

Keywords: cyber security, performance, protocols, security standards, smart grid

Procedia PDF Downloads 295

Authors: Amir Mohtarami, Hadi Kandjani

Abstract:

The amount of business-critical information in enterprises is growing at an extraordinary rate, and the ability to catalog that information and properly protect it using traditional security mechanisms is not keeping pace. Alongside the Information Technology (IT), information security needs a holistic view in enterprise. In other words, a comprehensive architectural approach is required, focusing on the information itself, understanding what the data are, who owns it, and which business and regulatory policies should be applied to the information. Enterprise Architecture Frameworks provide useful tools to grasp different dimensions of IT in organizations. Usually this is done by the layered views on IT architecture, but not requisite security attention has been held in this frameworks. In this paper, after a brief look at the Enterprise Architecture (EA), we discuss the issue of security in the overall enterprise IT architecture. Due to the increasing importance of security, a rigorous EA program in an enterprise should be able to consider security architecture as an integral part of its processes and gives a visible roadmap and blueprint for this aim.

Keywords: enterprise architecture, architecture framework, security architecture, information systems

Procedia PDF Downloads 668

Authors: Pratyush Vatsala, Sanjay Ahuja

Abstract:

The national security and human rights are related terms as there is nothing like absolute security or absolute human right. If we are committed to security, human right is a problem and also a solution, and if we deliberate on human rights, security is a problem but also part of the solution. Ultimately, we have to maintain a balance between the two co-related terms. As more and more armed forces are being deployed by the government within the nation for maintaining peace and security, using force against its own citizen, the search for a judicious balance between intent and action needs to be emphasized. Notwithstanding that a nation state needs complete political independence; the search for security is a driving force behind unquestioned sovereignty. If security is a human value, it overlaps the value of freedom, order, and solidarity. Now, the question needs to be explored, to what extent human rights can be compromised in the name of security in Kashmir or Mizoram like places. The present study aims to explore the issue of maintaining a balance between the use of power and good governance as human rights, providing security as a human value. This paper has been prepared with an aim of strengthening the understanding of the complex and multifaceted relationship between human rights and security forces operating for conflict management and identifies some of the critical human rights issues raised in the context of security forces operations highlighting the relevant human rights principles and standards in which Security as human value be respected at all times and in particular in the context of security forces operations in India.

Keywords: Kashmir, Mizoram, security, value, human right

Procedia PDF Downloads 249

Authors: Rong Guo, Mengshi Huang, Yujing Bai

Abstract:

With the rapid development of urbanization, the urban population increases and urban sprawl appeared. And these issues led to a sharp deterioration of the ecological environment. So, the urban ecological security evaluation was imminent. The weights identify of index was a key step of the research of ecological security evaluation. The AHP was widely used in the extensive research of weights identify of ecological security index. The characteristics of authority and quantitative can fully reflect the views of relevant experts. On the basis of building the ecological security evaluation index of Harbin, the paper combed and used the basic principle of the AHP, and calculated the weights of Harbin ecological security evaluation index through the process of the expert opinions “summary-feedback-summary”. And lay a foundation of future study of Harbin ecological security index, and guide the quantitative evaluation of Harbin ecological security.

Keywords: AHP, ecological security, evaluation Index, weights identify, harbin

Procedia PDF Downloads 468

Authors: Jamel Miri, Bechir Nsiri, Ridha Bouallegue

Abstract:

Ultra WidBand-IR physical layer technology has seen a great development during the last decade which makes it a promising candidate for short range wireless communications, as they bring considerable benefits in terms of connectivity and mobility. However, like all wireless communication they suffer from vulnerabilities in terms of security because of the open nature of the radio channel. To face these attacks, distance bounding protocols are the most popular counter measures. In this paper, we presented a protocol based on distance bounding to thread the most popular attacks: Distance Fraud, Mafia Fraud and Terrorist fraud. In our work, we study the way to adapt the best secure distance bounding protocols to mapping code of ultra-wideband (TH-UWB) radios. Indeed, to ameliorate the performances of the protocol in terms of security communication in TH-UWB, we combine the modified protocol to ultra-wideband impulse radio technology (IR-UWB). The security and the different merits of the protocols are analyzed.

Keywords: distance bounding, mapping code ultrawideband, terrorist fraud, physical layer technology

Procedia PDF Downloads 265

Authors: Pedram Behyar, Zahra Bayat

Abstract:

The internet and web are changing ways of “far reaching scope and potential for transformation of the marketing functions”. The web is developing in a faster rate than any previous new communication medium. The website of destination has become a crucial branding channel, that is why all businesses are changing their way to communicate with their customers to encounter their needs and wants in better ways. Website provides numerous opportunities for businesses to strengthen their relationship with their customers. One of these opportunities is website component that enables internet users to make two-way communication with the businesses.

Keywords: marketing communication, brand image, usability, privacy and security, personalization and customization, responsiveness, customer online web experience

Procedia PDF Downloads 461

Authors: Andrei Bogdan Stanescu, Robert Stana

Abstract:

Creating private and secure communication channels between employees has become a critical aspect in order to ensure organizational integrity and avoid leaks of sensitive information. With the widespread use of modern methods of disrupting communication between users, real use-cases of advanced encryption mechanisms have emerged to avoid cyber-attackers that are willing to intercept private conversations between critical employees in an organization. This paper aims to present a custom implementation of a messaging application named “Whisper” that uses end-to-end encryption (E2EE) mechanisms and blockchain-related components to protect sensitive conversations and mitigate the risks of information breaches inside organizations. The results of this research paper aim to expand the areas of applicability of E2EE algorithms and integrations with private blockchains in chat applications as a viable method of enhancing intra-organizational communication privacy.

Keywords: end-to-end encryption, mobile communication, cryptography, communication security, data privacy

Procedia PDF Downloads 53

Authors: Maryam M Esfahani

Abstract:

The Internet of Things is a concept that has fundamentally changed the way information technology works and communication environments. This concept, which is referred to as the next revolution in the field of information and communication technology, takes advantage of existing technologies such as wireless sensor networks, RFID, cloud computing, M2M, etc., to the final slogan of providing the possibility of connecting any object anywhere and everywhere. This use of technologies, along with the possibility of providing new services, also inherits their threats, and although the Internet of Things is facing many challenges, it can be said that its most important challenge is security and privacy, and perhaps even a more tangible challenge is privacy. In this article, we will first introduce the definition and concepts related to privacy, and then we will examine some threats against the privacy of the Internet of Things in different layers of a typical architecture. Also, while examining the differences and the relationship between security and privacy, we study different dimensions of privacy, and finally, we review some of the methods and technologies for improving the level of privacy.

Keywords: Iot, privacy, different dimension of privacy, W3model, privacy enhancing technologies

Procedia PDF Downloads 57

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud Ccomputing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 451

Authors: Wanqing You, Kai Qian, Xi He, Ying Qian

Abstract:

In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get further discussions among the security of SDN virtualization.

Keywords: SDN, network, virtualization, security

Procedia PDF Downloads 392

Authors: Chieh-Fu Chang, Wan-Hsin Hsieh

Abstract:

We have proposed a novel scheme— iterative word-extension (IWE) to enhance the cliff effect of Reed-Solomon codes regarding the error performance at a specific Eb/N0. The scheme can be readily extended to block codes and the important properties of IWE are further investigated here. In order to select proper block codes specifying the desired cliff Eb/N0, the associated features of IWE are explored. These properties and features grant IWE ability to enhance security regarding the received Eb/N0 in physical layer so that IWE scheme can cooperate with the traditional presentation layer approach — cryptography, to meet the secure requirements in diverse applications. The features and feasibility of IWE scheme in satellite communication are finally discussed.

Keywords: security, IWE, cliff effect, space communications

Procedia PDF Downloads 391

Authors: Ebtehal Aljedaani, Maha Aljohani

Abstract:

Privacy and security patterns are both important for developing software that protects users' data and privacy. Privacy patterns are designed to address common privacy problems, such as unauthorized data collection and disclosure. Security patterns are designed to protect software from attack and ensure reliability and trustworthiness. Using privacy and security patterns, software engineers can implement security and privacy by design principles, which means that security and privacy are considered throughout the software development process. These patterns are available to translate "security & privacy-by-design" into practical advice for software engineering. Previous research on privacy and security patterns has typically focused on one category of patterns at a time. This paper aims to bridge this gap by merging the two categories and identifying their similarities and differences. To do this, the authors conducted a systematic literature review of 25 research papers on privacy and security patterns. The papers were analysed based on the category of the pattern, the classification of the pattern, and the security requirements that the pattern addresses. This paper presents the results of a comprehensive review of privacy and security design patterns. The review is intended to help future IT designers understand the relationship between the two types of patterns and how to use them to design secure and privacy-preserving software. The paper provides a clear classification of privacy and security design patterns, along with examples of each type. The authors found that there is only one widely accepted classification of privacy design patterns, while there are several competing classifications of security design patterns. Three types of security design patterns were found to be the most commonly used.

Keywords: design patterns, security, privacy, classification of patterns, security patterns, privacy patterns

Procedia PDF Downloads 94

Authors: Jonghoon Kim, Gilwon Yoon

Abstract:

A wrist-band type biosignal measurement system and its data transfer through human body communication (HBC) were investigated. An HBC method based on pulses of ultra-wide band instead of using frequency or amplitude modulations was studied and implemented since the system became very compact and it was more suited for personal or mobile health monitoring. Our system measured photo-plethysmogram (PPG) and measured PPG signals were transmitted through a finger to a monitoring PC system. The device was compact and low-power consuming. HBC communication has very strong security measures since it does not use wireless network. Furthermore, biosignal monitoring system becomes handy because it does not need to have wire connections.

Keywords: biosignal, human body communication, mobile health, PPG, ultrawide band

Procedia PDF Downloads 448

Authors: Faisal Al Yahmadi, Muhammad R. Ahmed

Abstract:

Electric power is a fundamental necessity in the 21^st century. Consequently, any break in electric power is probably going to affect the general activity. To make the power supply smooth and efficient, a smart grid network is introduced which uses communication technology. In any communication network, security is essential. It has been observed from several recent incidents that adversary causes an interruption to the operation of networks. In order to resolve the issues, it is vital to understand the threats and vulnerabilities associated with the smart grid networks. In this paper, we have investigated the threats and vulnerabilities in Smart Grid Networks (SGN) and the few solutions in the literature. Proposed solutions showed developments in electricity theft countermeasures, Denial of services attacks (DoS) and malicious injection attacks detection model, as well as malicious nodes detection using watchdog like techniques and other solutions.

Keywords: smart grid network, security, threats, vulnerabilities

Procedia PDF Downloads 112

Authors: Mehmet Kargaci

Abstract:

It is more important to access information than to get the correct information and to transform it to the knowledge in a proper way. Every person, organizations or governments who have the knowledge now become the target. Cyber security involves the range of measures to be taken from individual to the national level. The National institutions refer to academic, military and major public and private institutions, which are very important for the national security. Thus they need further cyber security measures. It appears that the traditional cyber security measures in the national level are alone not sufficient, while the individual measures remain in a restricted level. It is evaluated that the most appropriate method for preventing the cyber vulnerabilities rather than existing measures are to develop institutional measures. This study examines the cyber security measures to be taken, especially in the national institutions.

Keywords: cyber defence, information, critical infrastructure, security

Procedia PDF Downloads 505

Authors: H. Parveen Begam, M. A. Maluk Mohamed

Abstract:

Mobile Grid Computing is an environment that allows sharing and coordinated use of diverse resources in dynamic, heterogeneous and distributed environment using different types of electronic portable devices. In a grid environment the security issues are like authentication, authorization, message protection and delegation handled by GSI (Grid Security Infrastructure). Proving better security between mobile devices and grid infrastructure is a major issue, because of the open nature of wireless networks, heterogeneous and distributed environments. In a mobile grid environment, the individual computing devices may be resource-limited in isolation, as an aggregated sum, they have the potential to play a vital role within the mobile grid environment. Some adaptive methodology or solution is needed to solve the issues like authentication of a base station, security of information flowing between a mobile user and a base station, prevention of attacks within a base station, hand-over of authentication information, communication cost of establishing a session key between mobile user and base station, computing complexity of achieving authenticity and security. The sharing of resources of the devices can be achieved only through the trusted relationships between the mobile hosts (MHs). Before accessing the grid service, the mobile devices should be proven authentic. This paper proposes the dynamic certificate based mutual authentication protocol between two mobile hosts in a mobile grid environment. The certificate generation process is done by CA (Certificate Authority) for all the authenticated MHs. Security (because of validity period of the certificate) and dynamicity (transmission time) can be achieved through the secure service certificates. Authentication protocol is built on communication services to provide cryptographically secured mechanisms for verifying the identity of users and resources.

Keywords: mobile grid computing, certificate authority (CA), SSL/TLS protocol, secured service certificates

Procedia PDF Downloads 281

Authors: Stefan Bauer, Josef Frysak

Abstract:

According to the scientific information management literature, the improper use of information technology (e.g. personal computers) by employees are one main cause for operational and information security loss events. Therefore, organizations implement information security awareness programs to increase employees’ awareness to further prevention of loss events. However, in many cases these information security awareness programs consist of conventional delivery methods like posters, leaflets, or internal messages to make employees aware of information security policies. We assume that a viral information security awareness video might be more effective medium than conventional methods commonly used by organizations. The purpose of this research is to develop a viral video artifact to improve employee security behavior concerning information technology.

Keywords: information security awareness, delivery methods, viral videos, employee security behavior

Procedia PDF Downloads 518

Authors: Shruti Kohli

Abstract:

The sophistication and pervasiveness of cyber-attacks are constantly growing, driven partly by technological progress, profitable applications in organized crime and state-sponsored innovation. The modernization of rail control systems has resulted in an increasing reliance on digital technology and increased the potential for security breaches and cyber-attacks. This research track showcases the need for developing a secure reusable scalable framework for enhancing cyber security of rail assets. A cyber security framework has been proposed that is being developed to detect the tell-tale signs of cyber-attacks against industrial assets.

Keywords: cyber security, rail asset, security threat, cyber ontology

Procedia PDF Downloads 406

Authors: Thomas Adi Purnomo Sidhi

Abstract:

Nowadays, network is an essential need in almost every part of human daily activities. People now can seamlessly connect to others through the Internet. With advanced technology, our personal data now can be more easily accessed. One of many components we are concerned for delivering the best network is a security issue. This paper is proposing a method that provides more options for security. This research aims to improve network security by focusing on the physical layer which is the first layer of the OSI model. The layer consists of the basic networking hardware transmission technologies of a network. With the use of observation method, the research produces a schematic design for enhancing the network security through the gray code converter.

Keywords: network, network security, grey code, physical layer

Procedia PDF Downloads 471

Authors: Arenca Trashani

Abstract:

20 years after its first entrance in a General Assembly of the United Nation’s Resolution, human security has became a very important tool in a global debate affecting directly the whole main rules and regulations in international law and more closely in international human rights law. This paper will cover a very important issue of today at how the human security has its impact to the development of international human rights law, not as far as a challenge as it is seen up now but a tool of moving toward development and globalization. In order to analyze the impact of human security to the global agenda, we need to look to the main pillars of the international legal order which are affected by the human security in itself and its application in the policy making for this international legal order global and regional ones. This paper will focus, also, on human security, as a new and very important tool of measuring development, stability and the level of democratic consolidation and the respect for human rights especially in developing countries such as Albania. The states are no longer capable to monopolize the use of human security just within their boundaries and separated from the other principles of a functioning democracy. In this context, human security would be best guaranteed under the respect of the rule of law and democratization. During the last two decades the concept security has broadly developed, from a state-centric to a more human-centric approach: from state security to respect for human rights, to economic security, to environmental security as well. Last but not least we would see that human rights could be affected by human security not just at their promotion but also at their enforcement and mainly at the international institutions, which are entitled to promote and to protect human rights.

Keywords: human security, international human rights law, development, Albania, international law

Procedia PDF Downloads 723

Authors: S. M. Tavakoli Sani, M. Sabbet Moghadam, Y. Khorram Farhadi, Iraj Rezayi Nejad

Abstract:

The concept of national security in Iran is a permanently effective factor in acceptance or rejection of many international obligations. These obligations had been defined according to the type of legislation of Iran in many aspects. Therefore, there are several treaties at international level which requires Iran’s security to come in contact with obligations in these treaties in a way that an obstacle to join to them and their passage in parliament. This issue is a typical category which every country pays attention to be accepted in treaties or to include their national security in that treaties and also they can see the related treaties from this perspective, but this issue that 'what is the concept of Iran’s national security', and 'To what extent it is changed in recent years, especially after Islamic Revolution' are important issues that can be criticized. Thus, this study is trying to assess singed treaties from the perspective of Iran’s national security according of the true meaning of treaty and to investigate how the international treaties may be in conflict with Iran’s national security.

Keywords: treaties, national security, Iran, Islamic Revolution

Procedia PDF Downloads 441

Authors: Hamid Sharif, Nazish Saleem Abbas, Muhammad Haris Jamil

Abstract:

Visible light communication is an emerging technology for almost a decade now; there is a growing need for VLC systems to overcome the challenges faced by radio frequency RF communication systems. With the advancement in the development of solid-state sources, in the future would replace incandescent and fluorescent light sources. These solid-state devices are not only to be used for illumination but can also be employed for communication and navigational purposes. The replacement of conventional illumination sources with highly efficient light-emitting diodes (LED's) (generally white light) will reduce energy consumption as well as environmental pollution. White LEDs dissipate very less power as compared to conventional light sources. The use of LED's is not only beneficial in terms of power consumption, but it also has an intrinsic capability for indoor wireless communication as compared to indoor RF communication. It is considerably low in cost to operate than the RF systems such as Wi-Fi routers, allows convenient means of reusing the bandwidth, and there is a huge potential for high data rate transmissions with enhanced data security. This paper provides an overview of some of the current challenges with VLC and proposes a possible solution to deal with these challenges; it also examines some joint protocols to optimize the joint illumination and communication functionality.

Keywords: visible light communication, line of sight, root mean square delay spread, light emitting diodes

Procedia PDF Downloads 43

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a simple user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud computing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 324

Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana

Abstract:

Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.

Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization

Procedia PDF Downloads 198

Authors: Tamil Chelvi Vadivelu, Nurazean Maarop, Rasimah Che Yusoff, Farhana Aini Saludin

Abstract:

Implementing a remote healthcare system needs to consider many security features. Therefore, before any deployment of the remote healthcare system, a feasibility study from the security perspective is crucial. Remote healthcare system using WBAN technology has been used in other countries for medical purposes but in Malaysia, such projects are still not yet implemented. This study was conducted qualitatively. The interview results involving five healthcare practitioners are further elaborated. The study has addressed four important security features in order to incorporate remote healthcare system using WBAN in Malaysian government hospitals.

Keywords: remote healthcare, IT security, security features, wireless sensor application

Procedia PDF Downloads 273

Authors: Karmveer Sheoran

Abstract:

To make wireless communication a vast success is to use sunlight for wireless communication. We can use sunlight in upper atmosphere to encode messages to efficiently use sunlight. This use of sunlight for wireless communication will need encoders which will encode sunlight according to our message and then resultant will be spread in all atmospheres wherever sunlight goes, it will take our messages with it. With minimum requirement of cost in equipment used at the edge of atmosphere is where sunlight is being encoded. In this way a very high efficient wireless communication system can be designed. On receiver side we will need light detectors which will detect sunlight variations and will finally give the information contained i it. Sunlight can be encoded at a very high speed that nobody will be annoyed by flickering. It will be most sophisticated and efficient wireless communication ever designed. There are far more possibilities in this sunlight communication. Let us call it “Sunlight Communication".

Keywords: sunlight communication, emerging trends, wireless communication, wifi

Procedia PDF Downloads 372