Search results for: information security awareness

Authors: Pichamon Chansuchai

Abstract:

The objective of this research were to investigate electronic payment system on the internet and offer the guidelines for proper internal control of the payment system based on international standard security control (ISO/IEC 17799:2005),in a case study of payment of the internet, Thailand. The guidelines covered five important areas: (1) business requirement for access control, (2) information systems acquisition, development and maintenance, (3) information security incident management, (4) business continuity management, and (5) compliance with legal requirement. The findings from this qualitative study revealed the guidelines for proper internet control that were more reliable and allow the same line of business to implement the same system of control.

Keywords: audit, best practice, internet, payment

Procedia PDF Downloads 472

Authors: Laxmi R. Kasaraneni

Abstract:

The Internet connects all the networks, including the nation’s critical infrastructure that are used extensively by not only a nation’s government and military to protect sensitive information and execute missions, but also the primary infrastructure that provides services that enable modern conveniences such as education, potable water, electricity, natural gas, and financial transactions. It has become the central nervous system for the government, the citizens, and the industries. When it is attacked, the effects can ripple far and wide impacts not only to citizens’ well-being but nation’s economy, civil infrastructure, and national security. As such, these critical services may be targeted by malicious hackers during cyber warfare, it is imperative to not only protect them and mitigate any immediate or potential threats, but to also understand the current or potential impacts beyond the IT networks or the organization. The Nation’s IT infrastructure which is now vital for communication, commerce, and control of our physical infrastructure, is highly vulnerable to attack. While existing technologies can address some vulnerabilities, fundamentally new architectures and technologies are needed to address the larger structural insecurities of an infrastructure developed in a more trusting time when mass cyber attacks were not foreseen. This research is intended to improve the core functions of the Internet and critical-sector information systems by providing a clear path to create a safe, secure, and resilient cyber environment that help stakeholders at all levels of government, and the private sector work together to develop the cybersecurity capabilities that are key to our economy, national security, and public health and safety. This research paper also emphasizes the present and future cyber security threats, the capabilities and goals of cyber attackers, a strategic concept and steps to implement cybersecurity for maximum effectiveness, enabling technologies, some strategic assumptions and critical challenges, and the future of cyberspace.

Keywords: critical challenges, critical infrastructure, cyber security, enabling technologies, national security

Procedia PDF Downloads 268

Authors: Hanen Khaldi

Abstract:

This paper aims to study the impact of international migration on human security in the Southeastern region of Asia, especially after Asian Financial Crisis 1997-98. International migration has impacts on many dimensions of security: the state security (sovereignty and autonomy); international relationships security (conflicts, terrorism, etc); and immigrants security. The paper aims to improve our comprehension of the impact of international migration on immigrant security in the region of Southeast Asia, particularly “vulnerable workers’’ whose number is growing very fast in the region. The literature review carried out on this matter led us to ask the following two question: 1) Did the creation of ASEAN Community matter on the evolution of immigrants in the region? And How governments try to resolve the gap between economic objectifs and security of immigrants in the region? To answer these two questions, the paper is subdivided in three parts: Firstly, we will show how the creation of the ASEAN Community, especially ASEAN Economic Community, had a significant impact on the pattern of evolution of immigration in this region. Secondly, we will paint a portrait illustrating the vulnerability of immigrants in Southeast Asia, particularly unskilled workers. Finally, using the theories of regional integration, we will assess how governments try to ensure the security and safety of the immigrants. Overall, our analysis illustrate the significant change of the official discourse of the leaders of the ASEAN member states, now more conciliator and especially more open to cooperation, as well as the proliferation of meetings and initiatives between these countries to control mobility flows in the region, and the ensure immigrants security.

Keywords: migrant workers, human security, human rights

Procedia PDF Downloads 145

Authors: Chupicai Manuel

Abstract:

The purpose of this article is to examine the political economy and history of internal displacement, migration and human security in Zimbabwe from 1800 to present day. The article gives a timeline of major internal displacement, migration trends that took place in Zimbabwe before colonialism, through the colonial period up to the present day and examines the human security context of such periods. In view of the above, a political economy analysis will be employed to examine the different factors that promoted internal displacement and human movements from 1800 to the present day and explore the architecture of human security in Zimbabwe. The ultimate goal of this literature review is to provide a longitudinal analysis of internal displacement, migration and human security regimes that existed in Zimbabwe with the view of promoting social cohesion and nation building.

Keywords: human security, internal displacement, migration, political economy

Procedia PDF Downloads 322

Authors: Kriddikorn Kaewwongsri, Nikom Suvonvorn

Abstract:

In the deep south of Thailand, checkpoints for people verification are necessary for the security management of risk zones, such as official buildings in the conflict area. In this paper, we propose an automatic checkpoint system that verifies persons using information from ID cards and facial features. The methods for a person’s information abstraction and verification are introduced based on useful information such as ID number and name, extracted from official cards, and facial images from videos. The proposed system shows promising results and has a real impact on the local society.

Keywords: face comparison, card recognition, OCR, checkpoint system, authentication

Procedia PDF Downloads 300

Authors: Saba Farheen, Uday Shankar

Abstract:

Background- Attaining equality among all humans and eliminating all forms of discrimination against them are fundamental human rights. These rights are based on the belief that all human beings are born free with equal dignity, esteem, and honour. In India, more than 30 percent politicians are having criminal background. They are also illiterate, which obstacle them in governing the system. They do not know the basic human rights. Because of this, they cannot decide what to do for the sake of the nation. Bihar is the third largest populated state of India and is characterized by corrupt politicians and poor literacy rate. If the politicians can aware about the human rights, then they will show positive attitude towards these. Aim- The main goal of the present research was to study the subjects’ knowledge or awareness towards their human rights. It was an attempt to identify social-psychological conditions that inhibit or facilitate awareness among public representatives towards their human rights in the special context of Bihar, India. Thus the main variable awareness towards human rights has been treated as the main dependent variable. The other two variables-socio economic status and Educational status, have been treated as independent variables. Method- The subjects were 400 public representatives in the age group of 35 to 50 years. They were from High socio economic status (N=150), Middle socio economic status (N=150), and Low socio economic status (N=100). The subjects were either educated (N=200) or Uneducated (N=200). The subjects were selected randomly from the different districts of Bihar, India. “Human Rights Awareness Scale” by Dr. Iftekhar Hossain, Dr. Saba Farheen, and Dr. Uday Shankar was applied in this study. Results- Results have shown that the public representatives have very low level of awareness towards the human rights. Also, the subjects from Middle SES have highest awareness in comparison with subjects of High and Low SES. Uneducated public representatives have less awareness than the educated one about human rights. Conclusion- Conclusively, it can be stated that human rights awareness among the public representatives of India is very low, and it is being affected by their Socio economic status and literacy level.

Keywords: human rights, awareness, public representatives, bihar, India

Procedia PDF Downloads 103

Authors: Alhaji Khuzaima Mohammed Osman, Zaeem Sheikh Abdul Wadudi Haruna

Abstract:

This article aims to explore the crucial link between counter-terrorism efforts and the preservation of human security. As acts of terrorism continue to pose significant threats to societies worldwide, it is imperative to develop effective strategies that mitigate risks while safeguarding the rights and well-being of individuals. This paper discusses key aspects of counter-terrorism and human security, emphasizing the need for a comprehensive approach that integrates intelligence, prevention, response, and resilience-building measures. By highlighting successful case studies and lessons learned, this article provides valuable insights for policymakers, law enforcement agencies, and practitioners in their quest to address terrorism and foster human security.

Keywords: human security, risk mitigation, terrorist activities, civil liberties

Procedia PDF Downloads 50

Authors: Cai Qianyi

Abstract:

In the midst of global digital revolution, the flow of data poses security threats that call China's existing legislative framework for protecting personal information into question. As a preliminary procedure for risk analysis and prevention, the risk assessment of personal data transmission lacks detailed guidelines for support. Existing provisions reveal unclear responsibilities for network operators and weakened rights for data subjects. Furthermore, the regulatory system's weak operability and a lack of industry self-regulation heighten data transmission hazards. This paper aims to compare the regulatory pathways for data information transmission risks between China and Europe from a legal framework and content perspective. It draws on the “Data Protection Impact Assessment Guidelines” to empower multiple stakeholders, including data processors, controllers, and subjects, while also defining obligations. In conclusion, this paper intends to solve China's digital security shortcomings by developing a more mature regulatory framework and industry self-regulation mechanisms, resulting in a win-win situation for personal data protection and the development of the digital economy.

Keywords: personal information data transmission, risk assessment, DPIA, internet service provider, personal information data transimission, risk assessment

Procedia PDF Downloads 24

Authors: Aimen Batool Bint-E-Rashid, Syed Muhammad Dawood Ali Shah, Muhammad Usman Farooq, Mahgul Anwar

Abstract:

As the world is progressing, the needs and demands of the consumer market are also changing. Nowadays the trends of consumer purchase decisions are dependent upon multiple factors. This study aims to identify the influential impact of country of origin over the perception and devotion towards daily personal care products specifically in reference to the knowledge and awareness regarding that particular brand in Pakistan. To corroborate this study, a 30-item brand origin questionnaire has been used with 300 purchase decision makers belonging to different age groups. To illustrate this study, a model has been developed based on brand origin, brand awareness and brand loyalty. Correlation and regression analysis have been used to find out the results which conclude the findings on the perspective of Pakistan’s consumer market as that brand origin has a direct relationship with brand loyalty provided that the consumer has a positive brand awareness. Support for the fact that brand origin impacts brand loyalty through brand awareness has been presented in this study.

Keywords: brand awareness, brand loyalty, brand origin, personal care products, P&G, Unilever

Procedia PDF Downloads 214

Authors: Hussein Lujuo Mohamed

Abstract:

Introduction: Public health has always been influenced by climate and weather. Changes in climate and climate variability, particularly changes in weather extremes affect the environment that provides people with clean air, food, water, shelter, and security. Tanzania is not an exception to the threats of climate change. The health sector is mostly affected due to emergence and proliferation of infectious diseases, thereby affecting health of the population and thus impacting achievement of sustainable development goals. Methodology: A desk review on documented issues pertaining to climate change and health in Tanzania was done using Google search engine. Keywords included climate change, link, health, climate initiatives. In cases where information was not available, documents from Ministry of Health, Vice Presidents Office-Environment, Local Government Authority, Ministry of Water, WHO, research, and training institutions were reviewed. Some of the reviewed documents from these institutions include policy brief papers, fieldwork activity reports, training manuals, and guidelines. Results: Six main climate resilience activities were identified in Tanzania. These were development and implementation of climate resilient water safety plans guidelines both for rural and urban water authorities, capacity building of rural and urban water authorities on implementation of climate-resilient water safety plans, and capacity strengthening of local environmental health practitioners on mainstreaming climate change and health into comprehensive council health plans. Others were vulnerability and adaptation assessment for the health sector, mainstreaming climate change in the National Health Policy, and development of risk communication strategy on climate. In addition information, education, and communication materials on climate change and to create awareness were developed aiming to sensitize and create awareness among communities on climate change issues and its effect on public health. Conclusion: Proper implementation of these interventions will help the country become resilient to many impacts of climate change in the health sector and become a good example for other least developed countries.

Keywords: climate, change, Tanzania, health

Procedia PDF Downloads 91

Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel

Abstract:

The growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, transportation and distribution bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia, and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012, almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price, and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.

Keywords: security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package

Procedia PDF Downloads 232

Authors: Alh Rauf Bello Bella

Abstract:

The main purpose of citizenship education if properly executed is to create awareness and enlightenment in the society to bring tolerance and political unity among the people. For the citizenry to have a meaningful participation for the achievement of this objective in a modern society where democracy thrives, all citizens should also have access to information on all matters affecting their lives and well-being. The paper therefore examines the scope of citizenship education and the complementary role of information providers in the quest for political socialization and national unity. It emphasizes some issues of national unity which should be addressed through proper enlightenment of the citizenry and access to relevant and timely information at the grassroots.

Keywords: citizenship education, national unity, political socialization, Nigeria

Procedia PDF Downloads 448

Authors: Violeta Damjanovic-Behrendt

Abstract:

This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.

Keywords: security, internet of things, cloud computing, stackelberg game, machine learning, naive q-learning

Procedia PDF Downloads 327

Authors: Adriana Salgado, Sandra Castaneda, Ivan Perez

Abstract:

Learning to read and write is a complex process involving several cognitive skills, contextual, and cultural environments. The basis of this development is linguistic skills, such as the ability to name and understand vocabulary, retell a story, phonological awareness, letter knowledge, among others. In children with autism spectrum disorder (ASD), one of the main concerns is related to language disorders. Nevertheless, most of the children with ASD are able to decode written information but have difficulties in reading comprehension. The research of these processes in the Spanish-speaking population is limited. However, the increasing prevalence of this diagnosis (1 in 115 children) in Mexico has implications at different levels. Educational research is an important area of interest in ASD children, such as emergent literacy. Reading and writing expand the possibilities of academic, cultural, and social information access. Taking this information into account, the objective of this research was to identify the relationship between language skills, alphabet knowledge, phonological awareness, and early reading and writing in ASD Spanish-speaking children. The method used for this research was based on tasks that were selected, adapted and in some cases designed to measure initial reading and writing, as well as language skills (naming, receptive vocabulary, and narrative skills), phonological awareness (similar phonological word pairs, beginning sound awareness and spelling) and letter knowledge, in a sample of 45 children (38 boys and 7 girls) with prior diagnosis of ASD. Descriptive analyses, as well as bivariate correlations, cluster analysis, and canonical correspondence, were obtained for the data results. Results showed that variability was large; however, it was possible to characterize the sample in low, medium, and high score groups regarding children performance. The low score group (46.7% of the sample), had a null or deficient performance in language skills and phonological awareness, some could identify up to five letters of the alphabet, showed no early reading skills but they could scribble. The middle score group was characterized by a highly variable performance in different tasks, with better language skills in receptive and naming vocabulary, some narrative, letter knowledge, and phonological awareness (beginning sound awareness) skills. The high score group, (24.4% of the sample) had the best performance in language skills in relation to the sample data, as well as in the rest of the measured skills. Finally, scores were canonically correlated between naming, receptive vocabulary, narrative, phonological awareness, letter knowledge and initial learning of reading and writing skills for the high score group and letter knowledge, naming and receptive vocabulary for the lower score group, which is consistent with previous research in typical and ASD children. In conclusion, the obtained data is consistent with previous studies. Despite large variability, it was possible to identify performance profiles and relations based on linguistic, phonological awareness, and letter knowledge skills. These skills were predictor variables of the initial development of reading and writing. The above has implications for a future program and strategies development that may benefit the acquisition of reading and writing in ASD children.

Keywords: autism, autism spectrum disorders, early literacy, emergent literacy

Procedia PDF Downloads 114

Authors: Maryam M Esfahani

Abstract:

The Internet of Things is a concept that has fundamentally changed the way information technology works and communication environments. This concept, which is referred to as the next revolution in the field of information and communication technology, takes advantage of existing technologies such as wireless sensor networks, RFID, cloud computing, M2M, etc., to the final slogan of providing the possibility of connecting any object anywhere and everywhere. This use of technologies, along with the possibility of providing new services, also inherits their threats, and although the Internet of Things is facing many challenges, it can be said that its most important challenge is security and privacy, and perhaps even a more tangible challenge is privacy. In this article, we will first introduce the definition and concepts related to privacy, and then we will examine some threats against the privacy of the Internet of Things in different layers of a typical architecture. Also, while examining the differences and the relationship between security and privacy, we study different dimensions of privacy, and finally, we review some of the methods and technologies for improving the level of privacy.

Keywords: Iot, privacy, different dimension of privacy, W3model, privacy enhancing technologies

Procedia PDF Downloads 58

Authors: Murat Erdoğdu, Mehmet Öçalan

Abstract:

The main aim of this study is to find out the effects of the concepts of the brand awareness and the brand loyalty of teenagers (13-18) on their criteria to buy the products that attract high interest in the groups that do sports actively and vice versa. The training shoes that are thought to have high interests of teenagers were chosen in the study (because every student uses training shoes at least in physical education lessons) and searching the criteria to choose these products is one of the aims of this study. The sample of the research consisted of 775 teenagers doing sports (218 females, 557 males) and 752 teenagers not doing sports (399 females, 353 males) from the primary and secondary schools in the center of Ankara. 1527 students in total voluntarily participated in the study. When the effects of the brand functions perceived about the sample on the brand awareness was analyzed, it was found out that all of three function types have a positive and significant effect on the brand awareness. It was found out that there was a positive and average relationship between the dependence on a brand and the brand loyalty. It was understood that there was a positive and weak relationship between the brand loyalty and the general brand awareness in training shoes among teenagers. The groups of the teenagers doing sports and of the teenagers not doing sports showed significant differences in their preferences about training shoes. The effects of the criteria to buy training shoes on the brand loyalty showed significant differences in the groups. In addition, it was determined that according to their variables of doing sports actively, the teenagers doing sports actively have significantly higher brand awareness and brand loyalty than the teenagers not doing sports.

Keywords: brand awareness, brand loyalty sports marketing, teenagers, the level of doing sports

Procedia PDF Downloads 420

Authors: Vaibhav Barve

Abstract:

Reversible information hiding has drawn a lot of interest as of late. Being reversible, we can restore unique computerized data totally. It is a plan where mystery data is put away in digital media like image, video, audio to maintain a strategic distance from unapproved access and security reason. By and large JPEG bit stream is utilized to store this key data, first JPEG bit stream is encrypted into all around sorted out structure and then this secret information or key data is implanted into this encrypted region by marginally changing the JPEG bit stream. Valuable pixels suitable for information implanting are computed and as indicated by this key subtle elements are implanted. In our proposed framework we are utilizing RC4 algorithm for encrypting JPEG bit stream. Encryption key is acknowledged by framework user which, likewise, will be used at the time of decryption. We are executing enhanced least significant bit supplanting steganography by utilizing genetic algorithm. At first, the quantity of bits that must be installed in a guaranteed coefficient is versatile. By utilizing proper parameters, we can get high capacity while ensuring high security. We are utilizing logistic map for shuffling of bits and utilization GA (Genetic Algorithm) to find right parameters for the logistic map. Information embedding key is utilized at the time of information embedding. By utilizing precise picture encryption and information embedding key, the beneficiary can, without much of a stretch, concentrate the incorporated secure data and totally recoup the first picture and also the original secret information. At the point when the embedding key is truant, the first picture can be recouped pretty nearly with sufficient quality without getting the embedding key of interest.

Keywords: data embedding, decryption, encryption, reversible data hiding, steganography

Procedia PDF Downloads 267

Authors: Tuba Senel Zor, Oktay Aslan

Abstract:

With current trends in nanoscience and nanotechnology (NST), scientists have paid much attention to education and nanoliteracy in parallel with the developments on these fields. To understand the advances in NST research requires a population with a high degree of science literacy. All citizens should soon need nanoliteracy in order to navigate some of the important science-based issues faced to their everyday lives. While the fields of NST are advancing rapidly and raising their societal significance, general public’s awareness of these fields has remained at a low level. Moreover, students enrolled different education levels and teachers don’t have awareness at expected level. This problem may be stemmed from inadequate education and training. To remove the inadequacy, teachers have greatest duties and responsibilities. Especially science teachers at all levels need to be made aware of these developments and adequately prepared so that they are able to teach about these advances in a developmentally appropriate manner. If the teachers develop understanding and awareness of NST, they can also discuss the topic with their students. Therefore, the awareness and conceptual understandings of both the teachers who will teach science to students and the students who will be introduced about NST should be increased, and the necessary training should be provided. The aim of this study was to examine the effect of NST education on preservice science teachers’ awareness of NST. The study was designed in one group pre-test post-test quasi-experimental pattern. The study was conducted with 32 preservice science teachers attending the Elementary Science Education Program at a large Turkish university in central Anatolia. NST education was given during five weeks as two hours per week. Nanoscience and Nanotechnology Awareness Questionnaire was used as data collected tool and was implemented for pre-test and post-test. The collected data were analyzed using Statistical package for the Social Science (SPSS). The results of data analysis showed that there was a significant difference (z=6.25, p< .05) on NST awareness of preservice science teachers after implemented NST education. The results of the study indicate that NST education has an important effect for improving awareness of preservice science teachers on NST.

Keywords: awareness level, nanoliteracy, nanoscience and nanotechnology education, preservice science teachers

Procedia PDF Downloads 421

Authors: Mitchell Browe, Oriehi Destiny Anyaiwe, Zahraddeen Gwarzo

Abstract:

The Internet of Things (IoT) is a major evolution of technology and of the internet, which has the power to revolutionize the way people live. IoT has the power to change the way people interact with each other and with their homes; It has the ability to give people new ways to interact with and monitor their health; It can alter socioeconomic landscapes by providing new and efficient methods of resource management, saving time and money for both individuals and society as a whole; It even has the potential to save lives through autonomous vehicle technology and smart security measures. Unfortunately, nearly every revolution bears challenges which must be addressed to minimize harm by the new technology upon its adopters. IoT represents an internet technology revolution which has the potential to risk privacy, safety, and security of its users, should devices be developed, implemented, or utilized improperly. This article examines past and current examples of these ethical faults in an attempt to highlight the importance of consumer awareness of potential dangers of these technologies in making informed purchasing and utilization decisions, as well as to reveal how deficiencies and limitations of IoT devices should be better addressed by both companies and by regulatory bodies. Aspects such as consumer trust, corporate transparency, and misuse of individual data are all factors in the implementation of proper ethical boundaries in the IoT.

Keywords: IoT, ethical concerns, privacy, safety, security, smart devices

Procedia PDF Downloads 56

Authors: Bel G Raggad

Abstract:

An e-Learning setting is a distributed computing environment where information resources can be connected to any public network. Public networks are very unsecure which can compromise the reliability of an e-Learning environment. This study is only concerned with the intrusion detection aspect of e-Learning security and how incident responses are planned. The literature reported great advances in intrusion detection system (ids) but neglected to study an important ids weakness: suspected events are detected but an intrusion is not determined because it is not defined in ids databases. We propose an incident response generator (DIRG) that produces incident responses when the working ids system suspects an event that does not correspond to a known intrusion. Data involved in intrusion detection when ample uncertainty is present is often not suitable to formal statistical models including Bayesian. We instead adopt Dempster and Shafer theory to process intrusion data for the unknown event. The DIRG engine transforms data into a belief structure using incident scenarios deduced by the security administrator. Belief values associated with various incident scenarios are then derived and evaluated to choose the most appropriate scenario for which an automatic incident response is generated. This article provides a numerical example demonstrating the working of the DIRG system.

Keywords: decision support system, distributed computing, e-Learning security, incident response, intrusion detection, security risk, statefull inspection

Procedia PDF Downloads 401

Authors: Nurazean Maarop, Noorjan Mohd Mustapha, Rasimah Yusoff, Roslina Ibrahim, Norziha Megat Mohd Zainuddin

Abstract:

The goal of this study is to identify success factors that could influence the ISMS self-implementation in government sector from qualitative perspective. This study is based on a case study in one of the Malaysian government agency. Semi-structured interviews involving five key informants were conducted to examine factors addressed in the conceptual framework. Subsequently, thematic analysis was executed to describe the influence of each factor on the success implementation of ISMS. The result of this study indicates that management commitment, implementer commitment and implementer competency are part of the success factors for ISMS self-implementation in Malaysian Government Sector.

Keywords: ISMS success factors, IT project management, IS success, information security

Procedia PDF Downloads 280

Authors: Sandesh Achar

Abstract:

Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.

Keywords: multi-cloud service, system organization control, data loss prevention, identity and access management

Procedia PDF Downloads 70

Authors: Musaab Hasan, Farkhund Iqbal, Patrick C. K. Hung, Benjamin C. M. Fung, Laura Rafferty

Abstract:

In modern societies, the smart cities concept raised simultaneously with the projection towards adopting smart devices. A smart grid is an essential part of any smart city as both consumers and power utility companies benefit from the features provided by the power grid. In addition to advanced features presented by smart grids, there may also be a risk when the grids are exposed to malicious acts such as security attacks performed by terrorists. Considering advanced security measures in the design of smart meters could reduce these risks. This paper presents a security study for smart metering systems with a prototype implementation of the user interfaces for future works.

Keywords: security design, smart city, smart meter, smart grid, smart metering system

Procedia PDF Downloads 305

Authors: Kai Qian, Lixin Tao

Abstract:

Mobile devices such as smartphones are getting more and more popular in our daily lives. The security vulnerability and threat attacks become a very emerging and important research and education topic in computing security discipline. There is a need to have an innovative mobile security hands-on laboratory to provide students with real world relevant mobile threat analysis and protection experience. This paper presents an authentic teaching and learning mobile security approach with smartphone devices which covers most important mobile threats in most aspects of mobile security. Each lab focuses on one type of mobile threats, such as mobile messaging threat, and conveys the threat analysis and protection in multiple ways, including lectures and tutorials, multimedia or app-based demonstration for threats analysis, and mobile app development for threat protections. This authentic learning approach is affordable and easily-adoptable which immerse students in a real world relevant learning environment with real devices. This approach can also be applied to many other mobile related courses such as mobile Java programming, database, network, and any security relevant courses so that can learn concepts and principles better with the hands-on authentic learning experience.

Keywords: mobile computing, Android, network, security, labware

Procedia PDF Downloads 378

Authors: Tariq Ahamad, Mohammed S. Al-Kahtani, Taisir Eldos

Abstract:

Optical communications technology has made enormous and steady progress for several decades, providing the key resource in our increasingly information-driven society and economy. Much of this progress has been in finding innovative ways to increase the data carrying capacity of a single optical fiber. In this research article we have explored basic issues in terms of security and reliability for secure and reliable information transfer through the fiber infrastructure. Conspicuously, one potentially enormous source of improvement has however been left untapped in these systems: fibers can easily support hundreds of spatial modes, but today’s commercial systems (single-mode or multi-mode) make no attempt to use these as parallel channels for independent signals. Bandwidth, performance, reliability, cost efficiency, resiliency, redundancy, and security are some of the demands placed on telecommunications today. Since its initial development, fiber optic systems have had the advantage of most of these requirements over copper-based and wireless telecommunications solutions. The largest obstacle preventing most businesses from implementing fiber optic systems was cost. With the recent advancements in fiber optic technology and the ever-growing demand for more bandwidth, the cost of installing and maintaining fiber optic systems has been reduced dramatically. With so many advantages, including cost efficiency, there will continue to be an increase of fiber optic systems replacing copper-based communications. This will also lead to an increase in the expertise and the technology needed to tap into fiber optic networks by intruders. As ever before, all technologies have been subject to hacking and criminal manipulation, fiber optics is no exception. Researching fiber optic security vulnerabilities suggests that not everyone who is responsible for their networks security is aware of the different methods that intruders use to hack virtually undetected into fiber optic cables. With millions of miles of fiber optic cables stretching across the globe and carrying information including but certainly not limited to government, military, and personal information, such as, medical records, banking information, driving records, and credit card information; being aware of fiber optic security vulnerabilities is essential and critical. Many articles and research still suggest that fiber optics is expensive, impractical and hard to tap. Others argue that it is not only easily done, but also inexpensive. This paper will briefly discuss the history of fiber optics, explain the basics of fiber optic technologies and then discuss the vulnerabilities in fiber optic systems and how they can be better protected. Knowing the security risks and knowing the options available may save a company a lot embarrassment, time, and most importantly money.

Keywords: in-house networks, fiber optics, security risk, money

Procedia PDF Downloads 391

Authors: Ahlem Setrallah

Abstract:

Environment has become a phenomenon directly linked to security in recent decades. This security aspect of environment is justified by the challenges that environment problems can have on human life and thus security especially within the scope of human security that is based mainly on the individual rather than on the state. Because Africa is not safe from the global warming and all its consequences on environment, this continent has witnessed many crises related to environment and that have had direct impact on security in Africa. One of those crises is environmental displacement or immigration which was caused by natural disasters like draught, desertification and food shortage to name but a few. This paper aims at shedding light at some important cases in the Africa focusing mainly on the Sahel region. The main research questions that we are trying to answer are the following: 1-What is the relationship between environment and forced immigration in the Sahel region? 2-What is the impact of environmental immigration on Security in the region? 3-How have the states in this region reacted to this crisis? 4-Is the measures taken by those states adequate or not? 5- How to remedy for the limitations of those measures? The paper is based on case study methodology as a way to better understand the relationship between security and environment using library research for data collection and analysis. This paper aims also at presenting some suggesting regarding possible ways of reducing the negative impact of environmental immigration.

Keywords: environment, refugees, Sahel region, security

Procedia PDF Downloads 437

Authors: Lutpi Ginanjar

Abstract:

Environmental hygiene is indispensable for people to live healthy, safe and peaceful. In a small environment, the cleanliness of the environment is very easy to overcome, but on the larger environment requires a more complicated management and considerable investments. In general environmental hygiene are managed by the Department of Hygiene and Landscaper. Found a good management, but much less good management. The difficulties that are often encountered on waste management also caused public awareness itself. In addition, communities have difficulty in making a report about the rubbish because not dibangunnyasistem good information. Essai aims to build information systems environment clean especially the handling of waste in the city of Bandung, West Java province. The system was built with PHP software. Expected results obtained after the construction of the information system of environmental hygiene can be demonstrated to the community will be the health of the environment.

Keywords: information systems, SMS gateway, management, software, PHP

Procedia PDF Downloads 445

Authors: Mohammad A. Alia, Abdelfatah Aref Tamimi, Omaima N. A. Al-Allaf

Abstract:

This paper reviews a comparison study on the most common used authentication methods. Some of these methods are actually based on cryptography. In this study, we show the main cryptographic services. Also, this study presents a specific discussion about authentication service, since the authentication service is classified into several categorizes according to their methods. However, this study gives more about the real life example for each of the authentication methods. It talks about the simplest authentication methods as well about the available biometric authentication methods such as voice, iris, fingerprint, and face authentication.

Keywords: information security, cryptography, system access control, authentication, network security

Procedia PDF Downloads 436

Authors: Kavitha Thamadharan, Nurazean Maarop

Abstract:

The implementation of e-assessment as tool to support the process of teaching and learning in university has become a popular technological means in universities. E-Assessment provides many advantages to the users especially the flexibility in teaching and learning. The e-assessment system has the capability to improve its quality of delivering education. However, there still exists a drawback in terms of security which limits the user acceptance of the online learning system. Even though there are studies providing solutions for identified security threats in e-learning usage, there is no particular model which addresses the factors that influences the acceptance of e-assessment system by lecturers from security perspective. The aim of this study is to explore security aspects of e-assessment in regard to the acceptance of the technology. As a result a conceptual model of secure acceptance of e-assessment is proposed. Both human and security factors are considered in formulation of this conceptual model. In order to increase understanding of critical issues related to the subject of this study, interpretive approach involving convergent mixed method research method is proposed to be used to execute the research. This study will be useful in providing more insightful understanding regarding the factors that influence the user acceptance of e-assessment system from security perspective.

Keywords: secure technology acceptance, e-assessment security, e-assessment, education technology

Procedia PDF Downloads 435

Authors: Hind Bouami, Patrick Millot

Abstract:

Medication dispensing system is a life-critical system whose failure may result in preventable adverse events leading to longer patient stays in hospitals or patient death. Automation has led to great improvements in life-critical systems as it increased safety, efficiency, and comfort. However, critical risks related to medical organization complexity and automated solutions integration can threaten drug dispensing security and performance. Knowledge about the system’s complexity aspects and human machine parameters to control for automated equipment’s security and performance will help operators to secure their automation process and to optimize their system’s reliability. In this context, this study aims to document the operator’s situation awareness about automation risks and parameters involved in automation security and performance. Our risk management approach has been deployed in the North Luxembourg hospital center’s pharmacy, which is equipped with automated drug dispensing systems since 2009. With more than 4 million euros of gains generated, North Luxembourg hospital center’s success story was enabled by the management commitment, pharmacy’s involvement in the implementation and improvement of the automation project, and the close collaboration between the pharmacy and Sinteco’s firm to implement the necessary innovation and organizational actions for automated solutions integration security and performance. An analysis of the actions implemented by the hospital and the parameters involved in automated equipment’s integration security and performance has been made. The parameters to control for automated equipment’s integration security and performance are human aspects (6.25%), technical aspects (50%), and human-machine interaction (43.75%). The implementation of an anthropocentric analysis system before automation would have prevented and optimized the control of risks related to automation.

Keywords: Automated drug delivery systems, Hospitals, Human-centered automated system, Risk management

Procedia PDF Downloads 108