Search results for: information security awareness

Authors: Adine Barett, Jermel Watson, Anteneh Girma, Kacem Thabet

Abstract:

In information security, secure communication of data across networks has always been a problem at the forefront. Transfer of information across networks is susceptible to being exploited by attackers engaging in malicious activity. In this paper, we leverage steganography and cryptography to create a layered security solution to protect the information being transmitted. The first layer of security leverages crypto- graphic techniques to scramble the information so that it cannot be deciphered even if the steganography-based layer is compromised. The second layer of security relies on steganography to disguise the encrypted in- formation so that it cannot be seen. We consider three cryptographic cipher methods in the cryptography layer, namely, Playfair cipher, Blowfish cipher, and Hills cipher. Then, the encrypted message is passed through the least significant bit (LSB) to the steganography algorithm for further encryption. Both encryption approaches are combined efficiently to help secure information in transit over a network. This multi-layered encryption is a solution that will benefit cloud platforms, social media platforms and networks that regularly transfer private information such as banks and insurance companies.

Keywords: cryptography, steganography, layered security, Cipher, encryption

Procedia PDF Downloads 51

Authors: Ching-Yu Lin

Abstract:

The number of patients with aphasia has been gradually increasing; however, public awareness of aphasia is still limited. Moreover, surveys about public awareness of aphasia have been conducted in several countries, but there is no research about public awareness of aphasia in Taiwan so far. Therefore, this study aims at the investigation of public awareness of aphasia in Taiwan. In this pilot study, the original English-version questionnaire will be translated into Mandarin Chinese by a speech therapist (the author), and 100 Taiwanese over 18 years old will be recruited to finish the questionnaire. People with an occupation about health or medical will be excluded. In order to reach more people, the questionnaire will be an Internet survey by Google Forms, and the URL of the survey will be distributed by messaging, i.e. e-mail, Facebook Messenger, Instagram DM, or Line. Data will be analyzed via PASW Statistic 18. Descriptive statistics will be used to summarize what proportion of the public have heard of aphasia and what proportion of the public have basic knowledge of aphasia in Taiwan. The sources of information about aphasia will also be investigated. Further, differences in awareness of aphasia due to age, gender, and education level will be discussed.

Keywords: aphasia, public awareness, public knowledge, taiwan

Procedia PDF Downloads 69

Authors: Kalaivani Pachiappan, Sabari Annaji, Nithya Jayakumar

Abstract:

In recent years, Information security has emerged as foremost challenges in many fields. Especially in medical information systems security is a major issue, in handling reports such as patients’ diagnosis and medical images. These sensitive data require confidentiality for transmission purposes. Image sharing is a secure and fault-tolerant method for protecting digital images, which can use the cryptography techniques to reduce the information loss. In this paper, visual sharing method is proposed which embeds the patient’s details into a medical image. Then the medical image can be divided into numerous shared images and protected by various users. The original patient details and medical image can be retrieved by gathering the shared images.

Keywords: information security, medical images, cryptography, visual sharing

Procedia PDF Downloads 375

Authors: J. Waldon

Abstract:

The civil aviation industry plays a crucial role in global transportation, connecting people and goods across the world. Ensuring the safety and security of passengers, crew, and aircraft is of paramount importance. This paper aims to address the aspect of training and human factors, amongst others, necessary for enhancing civil aviation safety and security. In this context, we are focusing on the level of attention exhibited in the checking of luggage and travel credentials, with the aim to identify areas of improvement and avoid compromising security and safety at the Nsimalen Airport Yaoundé, Cameroon. We found that there is a lack of proper awareness among both travelers and some staff on the safety and security of goods and passengers. We suggest that improved training and handling, and sensitization in the form of legible billboards are important. Thus, we recommend refresher courses like this one for staff to keep abreast with the fast-changing security landscape in air transport as well as proper sensitization, including health-related issues. In conclusion, we established that the human factors, as well as the frequency of training and refresher courses, have a positive outlook on safety and security in air transport.

Keywords: safety, security, passengers, cargo

Procedia PDF Downloads 37

Authors: Abeer Al Kalbani

Abstract:

Oman is a sub-tropical country with limited water resources, harsh weather and limited soil fertility, constraining food production. Therefore, it largely depends on international markets to assure supply of food. In the light of these circumstances, food security in Oman is defined as the ability of the country to grant the staple food needs of people (e.g. rice, wheat, lentil, sugar, dates, dairy products, fish and plant or vegetable oils). It also involves exporting local goods with high production rates to exchange them with required food products. This concept of food security includes the availability of food through production and/or importing, stability of the market prices during all circumstances, and the ability of people to meet their needs within their income capabilities. As a result, most of the food security work is focused on availability and access dimensions of the issue. Not much research is focused on the utilization aspect of food security in Oman. Although women play a vital role in food security, there is limited research on women’s role in food security neither in Oman nor in neighboring Gulf countries. Women play an important role not only by carrying the responsibility of feeding their families but also by setting the consumption model for the household. Therefore, the research aims to contribute to the work done on food security in Oman and similar regions of the world by studying the role women play at the utilization level. Methods used in this research include Qualitative unstructured interviews, focus groups, survey questionnaire and an experimental study. Based on the FAO definition of food security, it consists of availability, access, utilization and sustainability. Results from a pilot study conducted for this research on two groups of women in Oman; urban and rural women, showed that women in Oman are responsible for achieving these four pillars at the household level. Moreover, awareness of women increased as their educational level increased. Urban women showed more awareness and openness to adopt healthier and proper food related choices than rural women. Urban women seem also more open than rural women to new ideas and concepts and ways to healthier food. However, both urban and rural women claim that no training and educational programs are available for them and awareness of food security in general remains relatively low in both groups. In the light of these findings, this research attempts to further investigate the social beliefs, practices and attitudes women adopt in relation to food purchase, storage, preparation and consumption as considered as important parts of the food system. It also seeks to examine the effect of educational training programs and media on the level of women awareness on the issue.

Keywords: food security, household food security, utilization, role of women

Procedia PDF Downloads 377

Authors: Dicky R. Munaf, Ayu Bulan Tisna

Abstract:

Competitive intelligence (business intelligence) is the process of observing the external environment which often conducted by many organizations to get the relevant information which will be used to create the organization policy, whereas, security intelligence is related to the function of the officers who have the duties to protect the country and its people from every criminal actions that might harm the national and individual security. Therefore, the intelligence dimension of maritime security is associated with all the intelligence activities including the subject and the object that connected to the maritime issues. The concept of intelligence business regarding the maritime security perspective is the efforts to protect the maritime security using the analysis of economic movements as the basic strategic plan. Clearly, a weak maritime security will cause high operational cost to all the economic activities which uses the sea as its media. Thus, it affects the competitiveness of a country compared to the other countries that are able to maintain the maritime law enforcement and secure their marine territory. So, the intelligence business within the security intelligence is important to conduct as the beginning process of the identification against the opponent strategy that might happen in the present or in the future. Thereby, the scenario of the potential impact of all the illegal maritime activities, as well as the strategy in preventing the opponent maneuver can be made.

Keywords: competitive intelligence, maritime security intelligence, intelligent systems, information technology

Procedia PDF Downloads 466

Authors: Amin Nazerzadeh, Afsaneh Nouri Houshyar , Azadeh Noori Hoshyar

Abstract:

With the rapid growing of information technology, the industry and manufacturing systems are becoming more automated. Therefore, achieving the highly accurate automatic systems with reliable security is becoming more critical. Biometrics that refers to identifying individual based on physiological or behavioral traits are unique identifiers provide high reliability and security in different industrial systems. As biometric cannot easily be transferred between individuals or copied, it has been receiving extensive attention. Due to the importance of security applications, this paper provides an overview on biometrics and discuss about background, types and applications of biometric as an effective tool for the industrial applications.

Keywords: Industial and manufacturing applications, intelligence and security, information technology, recognition; security technology; biometrics

Procedia PDF Downloads 125

Authors: Omid Amini

Abstract:

Nowadays, technology plays the most important role in the life of human beings because people use technology to share data and to communicate with each other, but the challenge is the security of this data. For instance, as more people turn to technology in the world, more data is generated, and more hackers try to steal or infiltrate data. In addition, the data is under the control of the central authority, which can trigger the challenge of losing information and changing information; this can create widespread anxiety for different people in different communities. In this paper, we sought to investigate Blockchain technology that can guarantee information security and eliminate the challenge of central authority access to information. Now a day, people are suffering from the current voting system. This means that the lack of transparency in the voting system is a big problem for society and the government in most countries, but blockchain technology can be the best alternative to the previous voting system methods because it removes the most important challenge for voting. According to the results, this research can be a good start to getting acquainted with this new technology, especially on the security part and familiarity with how to use a voting system based on blockchain in the world. At the end of this research, it is concluded that the use of blockchain technology can solve the major security problem and lead to a secure and transparent election.

Keywords: blockchain, technology, security, information, voting system, transparency

Procedia PDF Downloads 94

Authors: Beenish Urooj, Ubaid Ullah, Sidra Riasat

Abstract:

National Testing Service-Pakistan (NTS) is an agency in Pakistan that conducts student success appraisal examinations. In this research paper, we must present a security model for the NTS organization. The security model will depict certain security countermeasures for a better defense against certain types of breaches and system malware. We will provide a security roadmap, which will help the company to execute its further goals to maintain security standards and policies. We also covered multiple aspects in securing the environment of the organization. We introduced the processes, architecture, data classification, auditing approaches, survey responses, data handling, and also training and awareness of risk for the company. The primary contribution is the Risk Survey, based on the maturity model meant to assess and examine employee training and knowledge of risks in the company's activities.

Keywords: NTS, risk assessment, threat factors, security, services

Procedia PDF Downloads 46

Authors: John Benedict Bernardo

Abstract:

Crowdsourcing is a way of collecting information provided by the volunteers. This crowdsourced information has the capacity to increase the people’s situational awareness in times of disasters. The research reflected in this paper strives to demonstrate the benefits of crowdsourcing during natural disasters and the ways of utilizing it for disaster response. Shared information regarding natural disasters from social media is often scattered as the inputs from these media are uncategorized. For this reason, the study aims to equip the citizens a medium that is solely intended for sharing and/or obtaining natural disaster-related information. Ergo, an android application was developed to gather and publicize this volunteered information. The capability of crowdsourcing and the effectiveness of the application were evaluated and the result shows overwhelming agreement that this study is indeed efficient in increasing the awareness and response initiatives of the citizens during natural disasters.

Keywords: crowdsourcing, natural disasters, mobile application, social media

Procedia PDF Downloads 291

Authors: Masese Chuma Benard, Martin Onsiro Ronald

Abstract:

Businesses have been using cloud computing more frequently recently because they wish to take advantage of its advantages. However, employing cloud computing also introduces new security concerns, particularly with regard to data security, potential risks and weaknesses that could be exploited by attackers, and various tactics and strategies that could be used to lessen these risks. This study examines data security issues on cloud computing amongst sme’s in Nairobi county, Kenya. The study used the sample size of 48, the research approach was mixed methods, The findings show that data owner has no control over the cloud merchant's data management procedures, there is no way to ensure that data is handled legally. This implies that you will lose control over the data stored in the cloud. Data and information stored in the cloud may face a range of availability issues due to internet outages; this can represent a significant risk to data kept in shared clouds. Integrity, availability, and secrecy are all mentioned.

Keywords: data security, cloud computing, information, information security, small and medium-sized firms (SMEs)

Procedia PDF Downloads 53

Authors: Anas Abdulrahman A. Almiman

Abstract:

In recent decades, efforts to combat extremism have focused on non-physical dimensions, as various countries have attempted to raise security awareness or promote authentic and moderate Islamic education. The Kingdom of Saudi Arabia is one of the most successful and unique cases because it has focused on the immunization of Islamic intellectual security to combat extremism. This study aims to define the concept and importance of Islamic intellectual security in the Kingdom of Saudi Arabia through a descriptive-analytical study. It describes the potential role of Islamic intellectual security immunization in reducing extremism in the Kingdom of Saudi Arabia from 1979 to 2019, identifying various factors that connect Islamic intellectual security immunization to extremism reduction. One such factor is the MISK Foundation’s forums and conferences intended to raise Islamic intellectual security and reduce intellectual deviation, thus reducing extremism. It concludes that the common significant factor for Islamic intellectual deviation is direct commands and prohibitions. This study supports the efforts made by the Kingdom of Saudi Arabia to immunize Islamic intellectual security and fight extremism as a consequence.

Keywords: extremism, intellectual security immunization , Saudi Arabia, Islamic

Procedia PDF Downloads 163

Authors: Asmau Zarma Gogaram

Abstract:

The paper examines adult education and how it can be employed as a strategy for transformation and security challenges in Nigeria. It defines the meaning of adult education and its objectives.The issue of the necessity of employing adult education as a strategy for transformation and security challenges was also examined in the paper.In doing this it discussed the different types of adult education programmes, i.e.continuing education, literacy education, retirement and pre-retirement education and civic education. The paper concluded by stating that if the programmes stated are internalizes and applied they can help to raise awareness. Finally the paper proffered some recommendations one of which was that government should at all levels increase their efforts or promoting acquisition of adult education.

Keywords: adult education, transformation and security challenges, Nigeria, education and human development

Procedia PDF Downloads 480

Authors: Omid Khodabakhshi, Amir Rozdel

Abstract:

The subject of cloud computing security research has allocated a number of challenges and competitions because the data center is comprised of complex private information and are always faced various risks of information disclosure by hacker attacks or internal enemies. Accordingly, the security of virtual machines in the cloud computing infrastructure layer is very important. So far, there are many software solutions to develop security in virtual machines. But using software alone is not enough to solve security problems. The purpose of this article is to examine the challenges and security requirements for accessing and storing data in an insecure cloud environment. In other words, in this article, a structure is proposed for the implementation of highly isolated security-sensitive codes using secure computing hardware in virtual environments. It also allows remote code validation with inputs and outputs. We provide these security features even in situations where the BIOS, the operating system, and even the super-supervisor are infected. To achieve these goals, we will use the hardware support provided by the new Intel and AMD processors, as well as the TPM security chip. In conclusion, the use of these technologies ultimately creates a root of dynamic trust and reduces TCB to security-sensitive codes.

Keywords: code, cloud computing, security, virtual machines

Procedia PDF Downloads 159

Authors: Tizian Matschak, Ilja Nastjuk, Stephan Kühnel, Simon Trang

Abstract:

We argue that besides well-known primary effects of information security controls (ISCs), namely confidentiality, integrity, and availability, ISCs can also have secondary effects. For example, while IT can add business value through impacts on business processes, ISCs can be a barrier and distort the relationship between IT and organizational value through the impact on business processes. By applying the Delphi method with 28 experts, we derived 27 business process influence dimensions of ISCs. Defining and understanding these mechanisms can change the common understanding of the cost-benefit valuation of IT security investments and support managers' effective and efficient decision-making.

Keywords: business process dimensions, dark side of information security, Delphi study, IT security controls

Procedia PDF Downloads 76

Authors: Sofia Ahanj Sofia Ahanj, Mahsa Rahmani Mahsa Rahmani, Zahra Sadeghigol, Vida Nobakht Vida Nobakht

Abstract:

Providing security in the electricity industry, as one of the vital infrastructures of the country, is one of the essential operations that must be taken in order to improve the security of the country. Resistant security strategies need to be regularly implemented as a dynamic process to improve security, and security evaluation is one of the most important steps in this process. Methodology in the field of evaluation in both technical and managerial dimensions is discussed in the laboratory. There are various standards in the field of general ICT technical-security evaluation. The most important are ISO / IEC 15408, ISO / IEC 27001 and NIST SP 800-53. In the present paper, these standards are first examined. Then, the standards and reports in the industrial field have been reviewed and compared, and finally, based on the results and special considerations of information and communication technology equipment in the electricity industry, the appropriate methodology has been presented.

Keywords: security standards, ISO/IEC 15408, ISA/IEC 62443 series, NIST SP 800-53, NISTIR 7628

Procedia PDF Downloads 134

Authors: Mohamed Sarrab, Hadj Bourdoucen

Abstract:

Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as availability, integrity, and confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring non-trusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during non-trusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the run-time of mobile application in response to information flow events.

Keywords: mobile application, run-time verification, usable security, direct information flow

Procedia PDF Downloads 352

Authors: Belbahi Ahlam

Abstract:

With the phenomenal growth in the Internet, network security has become an integral part of computer and information security. In order to come up with measures that make networks more secure, it is important to learn about the vulnerabilities that could exist in a computer network and then have an understanding of the typical attacks that have been carried out in such networks. The first half of this paper will expose the readers to the classical network attacks that have exploited the typical vulnerabilities of computer networks in the past and solutions that have been adopted since then to prevent or reduce the chances of some of these attacks. The second half of the paper will expose the readers to the different network security controls including the network architecture, protocols, standards and software/ hardware tools that have been adopted in modern day computer networks.

Keywords: network security, attacks and controls, computer and information, solutions

Procedia PDF Downloads 418

Authors: Nada Mouchfiq, Ahmed Habbani, Chaimae Benjbara

Abstract:

The security aspect of the IoT occupies a place of great importance especially after the evolution that has known this field lastly because it must take into account the transformations and the new applications .Blockchain is a new technology dedicated to the data sharing. However, this does not work the same way in the different systems with different operating principles. This article will discuss network security using the Blockchain to facilitate the sending of messages and information, enabling the use of new processes and enabling autonomous coordination of devices. To do this, we will discuss proposed solutions to ensure a high level of security in these networks in the work of other researchers. Finally, our article will propose a method of security more adapted to our needs as a team working in the ad hoc networks, this method is based on the principle of the Blockchain and that we named ”MPR Blockchain”.

Keywords: Ad hocs networks, blockchain, MPR, security

Procedia PDF Downloads 147

Authors: Justyna Żywiołek, Marek Matulewski

Abstract:

Data, is information processed by enterprises for primary and secondary purposes as processes. Thanks to processing, the sales process takes place; in the case of the surveyed companies, sales take place online. However, this indirect form of contact with the customer causes many problems for both customers and furniture manufacturers. The article presents solutions that would solve problems related to the analysis of data and information in the order fulfillment process sent to post-warranty service. The article also presents an analysis of threats to the security of this information, both for customers and the enterprise.

Keywords: ordering furniture online, information security, furniture industry, enterprise security, risk analysis

Procedia PDF Downloads 19

Authors: Sara Ibn El Ahrache, Tajje-eddine Rachidi, Hassan Badir, Abderrahmane Sbihi

Abstract:

Recently, there has been increasing confidence for a favorable usage of big data drawn out from the huge amount of information deposited in a cloud computing system. Data kept on such systems can be retrieved through the network at the user’s convenience. However, the data that users send include private information, and therefore, information leakage from these data is now a major social problem. The usage of secret sharing schemes for cloud computing have lately been approved to be relevant in which users deal out their data to several servers. Notably, in a (k,n) threshold scheme, data security is assured if and only if all through the whole life of the secret the opponent cannot compromise more than k of the n servers. In fact, a number of secret sharing algorithms have been suggested to deal with these security issues. In this paper, we present a Mapreduce implementation of Shamir’s secret sharing scheme to increase its performance and to achieve optimal security for cloud data. Different tests were run and through it has been demonstrated the contributions of the proposed approach. These contributions are quite considerable in terms of both security and performance.

Keywords: cloud computing, data security, Mapreduce, Shamir's secret sharing

Procedia PDF Downloads 276

Authors: Sadiq Nasir

Abstract:

The need for strong cybersecurity measures has been brought to light by society's growing reliance on technology. Cybersecurity breaches continue, with the human aspect playing a crucial role, despite the availability of technology remedies. By analyzing the most recent findings in this area of research on awareness, attitudes, and behaviour, this literature review seeks to comprehend the human element in cybersecurity. A thorough overview of the most recent studies and gaps in the body of knowledge will be determined through a systematic examination of the literature. The paper indicates that in order to address the human component in cybersecurity, a socio-technical strategy is required, and it advocates for additional study in order to fully comprehend the consequences of various interventions. The findings of this study will increase our understanding of cybersecurity and have useful ramifications for companies wanting to strengthen their cybersecurity posture.

Keywords: cybersecurity, cybersecurity awareness, human factor in security, human security

Procedia PDF Downloads 54

Authors: Ossama Matrane

Abstract:

Information System has become a strategic lever for enterprises. It contributes effectively to align business processes on strategies of enterprises. It is regarded as an increase in productivity and effectiveness. So, many organizations are currently involved in implementing sustainable Information System. And, a large number of studies have been conducted the last decade in order to define the success factors of information system. Thus, many studies on maturity model have been carried out. Some of this study is referred to the maturity model of Information System. In this article, we report on development of maturity models specifically designed for information system. This model is built based on three components derived from Maturity Model for Information Security Management, OPM3 for Project Management Maturity Model and processes of COBIT for IT governance. Thus, our proposed model defines three maturity stages for corporate a strong Information System to support objectives of organizations. It provides a very practical structure with which to assess and improve Information System Implementation.

Keywords: information system, maturity models, information security management, OPM3, IT governance

Procedia PDF Downloads 417

Authors: G. T. Aigarinova

Abstract:

This article considers the legal issues of food security as a major component of national security of the republic. The problem of food security is the top priority of the economic policy strategy of any state, the effectiveness of this solution influences social, political, and ethnic stability in society. Food security and nutrition is everyone’s business. Food security exists when all people, at all times, have physical, social and economic access to sufficient safe and nutritious food that meets their dietary needs and food preferences for an active and healthy life. By analyzing the existing legislation in the area of food security, the author identifies weaknesses and gaps, suggesting ways to improve it.

Keywords: food security, national security, agriculture, public resources, economic security

Procedia PDF Downloads 389

Authors: Mojtaba Fayaz, Richard Hallal

Abstract:

This study examines the various types of dangers that our virtual environment is vulnerable to, including how it can be attacked and how to avoid/secure our data. The terrain of cyberspace is never completely safe, and Covid- 19 has added to the confusion, necessitating daily periodic checks and evaluations. Cybercriminals have been able to enact with greater skill and undertake more conspicuous and sophisticated attacks while keeping a higher level of finesse by operating from home. Different types of cyberattacks, such as operation-based attacks, authentication-based attacks, and software-based attacks, are constantly evolving, but research suggests that software-based threats, such as Ransomware, are becoming more popular, with attacks expected to increase by 93 percent by 2020. The effectiveness of cyber frameworks has shifted dramatically as the pandemic has forced work and private life to become intertwined, destabilising security overall and creating a new front of cyber protection for security analysis and personal. The high-rise formats in which cybercrimes are carried out, as well as the types of cybercrimes that exist, such as phishing, identity theft, malware, and DDoS attacks, have created a new front of cyber protection for security analysis and personal safety. The overall strategy for 2022 will be the introduction of frameworks that address many of the issues associated with offsite working, as well as education that provides better information about commercialised software that does not provide the highest level of security for home users, allowing businesses to plan better security around their systems.

Keywords: cyber security, authentication, software, hardware, malware, COVID-19, threat actors, awareness, home users, confidentiality, integrity, availability, attacks

Procedia PDF Downloads 93

Authors: Maryam Shayan

Abstract:

Programming frameworks have been utilized as a part of chemical industry process safety operation and configuration to enhance its effectiveness. This paper gives a brief survey and investigation of the best in class and effects of programming frameworks in process security. A study was completed by talking staff accountable for procedure wellbeing practices in the Iranian chemical process industry and diving into writing of innovation for procedure security. This article investigates the useful and operational attributes of programming frameworks for security and endeavors to sort the product as indicated by its level of effect in the administration chain of importance. The study adds to better comprehension of the parts of Information Communication Technology in procedure security, the future patterns and conceivable gaps for innovative work.

Keywords: programming frameworks, chemical industry process, process security, administration chain, information communication technology

Procedia PDF Downloads 338

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 329

Authors: Jeonghwan Jeon, Mintak Han, Youngjun Kim

Abstract:

Due to the rapid development of information and communication technology (ICT), a substantial transformation is currently happening in the society. As the range of intelligent technologies and services is continuously expanding, ‘things’ are becoming capable of communicating one another and even with people. However, such “Internet of Things” has the technical weakness so that a great amount of such information transferred in real-time may be widely exposed to the threat of security. User’s personal data are a typical example which is faced with a serious security threat. The threats of security will be diversified and arose more frequently because next generation of unfamiliar technology develops. Moreover, as the society is becoming increasingly complex, security vulnerability will be increased as well. In the existing literature, a considerable number of private and public reports that forecast future society have been published as a precedent step of the selection of future technology and the establishment of strategies for competitiveness. Although there are previous studies that forecast security technology, they have focused only on technical issues and overlooked the interrelationships between security technology and social factors are. Therefore, investigations of security threats in the future and security technology that is able to protect people from various threats are required. In response, this study aims to derive potential security threats associated with the development of technology and to explore the security technology that can protect against them. To do this, first of all, private and public reports that forecast future and online documents from technology-related communities are collected. By analyzing the data, future issues are extracted and categorized in terms of STEEP (Society, Technology, Economy, Environment, and Politics), as well as security. Second, the components of potential security threats are developed based on classified future issues. Then, points that the security threats may occur –for example, mobile payment system based on a finger scan technology– are identified. Lastly, alternatives that prevent potential security threats are proposed by matching security threats with points and investigating related security technologies from patent data. Proposed approach can identify the ICT-related latent security menaces and provide the guidelines in the ‘problem – alternative’ form by linking the threat point with security technologies.

Keywords: future society, information and communication technology, security technology, technology forecasting

Procedia PDF Downloads 440

Authors: Sanja Bracun, Nikolina Kasunic

Abstract:

After graduation, the student population of applied sciences will become the population of employees on IT experts’ positions or "just" business users of certain IT technologies for which the level of awareness of existing cybersecurity risks is extremely important. This research results define the current cybersecurity awareness level of students at Zagreb University of Applied Sciences (TVZ), what can be useful not only for teaching staff to form a curriculum related to cybersecurity more accurately but also to employers to know what to expect from their future employees regarding cybersecurity awareness level.

Keywords: student population cybersecurity awareness, cybersecurity awareness, cybersecurity, applied sciences students

Procedia PDF Downloads 218

Authors: Lethola Tshikose, Munyaradzi Katurura

Abstract:

Information and Communication Technology (ICT) plays a critical role in improving daily healthcare processes. The South African healthcare organizations have adopted Information Systems to integrate their patient records. This has made it much easier for healthcare organizations because patient information can now be accessible at any time. The primary purpose of this research study was to investigate the best practices that can be applied to enhance patient security and confidentiality when using e-health systems in South Africa. Security and confidentiality are critical in healthcare organizations as they ensure safety in EHRs. The research study used an inductive research approach that included a thorough literature review; therefore, no data was collected. The research paper’s scope included patient data and possible security threats associated with healthcare systems. According to the study, South African healthcare organizations discovered various patient data security and confidentiality issues. The study also revealed that when it comes to handling patient data, health professionals sometimes make mistakes. Some may not be computer literate, which posed issues and caused data to be tempered with. The research paper recommends that healthcare organizations ensure that security measures are adequately supported and promoted by their IT department. This will ensure that adequate resources are distributed to keep patient data secure and confidential. Healthcare organizations must correctly use standards set up by IT specialists to solve patient data security and confidentiality issues. Healthcare organizations must make sure that their organizational structures are adaptable to improve security and confidentiality.

Keywords: E-health, EHR, security, confidentiality, healthcare

Procedia PDF Downloads 24