Search results for: information security competencies

Authors: Deborah O. Ajumobi, Michael Kyobe

Abstract:

Studies show that women entrepreneurs are constrained and faced with challenges that inhibit the growth and performance of their businesses. However, with their human competencies, mobile technology and the appropriate business strategy, women-led SMEs can steer their businesses to better performance. While the need for SMEs to align these three elements has been suggested, there is limited knowledge on how SMEs can achieve this and no studies to the authors’ knowledge have examined this in women-led SMEs. This study therefore seeks to fill this gap by investigating how Women-led SMEs can best align these three elements to enhance business performance. In light of this, extensive literature review and theoretical work on the phenomenon has been conducted. Given the existence of the interplay between these three elements, we argue that the perspective of alignment as gestalts is most appropriate in determining the best way women-Led SMEs may align these aspects.

Keywords: women-led SMEs, human Competencies, mobile technology, business strategy, alignment

Procedia PDF Downloads 473

Authors: A. A. A. Indira Pratyaksa, Achmad Zaki

Abstract:

In every organization, there would be a demographic of young employees. They see themselves are the future leaders of the company. A special program needs to be prepared for them as a form of retention programs. Early Professional Program (EPD) must address challenges in the future. Aspects of the development of competence of young employees also become one of the answers in accelerating existing business processes. The role of the supervisor is the key success of EPD. Pertamina, thus, is better prepared to realize the vision and mission.

Keywords: young employee, competencies, development, leader, coaching

Procedia PDF Downloads 513

Authors: L. Pigon, S. Kot, J. K. Grabara

Abstract:

Nowadays, with organizations facing the challenges of increasing competitiveness, human capital accumulated by the organization is one of the elements that strongly differentiate between companies. Efficient management in the competition area requires to manage the competencies of their employees to be suitable to the market fluctuations. The aim of the paper was to determine how employee training to improve their competencies is verified. The survey was conducted among 37 respondents involved in selection of training providers and training programs in their enterprises. The results showed that all organizations use training survey as a basic method for evaluation of training effectiveness. Depending on the training contents and organization, the questionnaires contain various questions. Most of these surveys are composed of the three basic blocks: the trainer's assessment, the evaluation of the training contents, the assessment of the materials and the place of the organisation. None of the organization surveys conducted regular job-related observations or examined the attitudes of the training participants.

Keywords: human capital, competencies, training effectiveness, sale department

Procedia PDF Downloads 146

Authors: Jac J. W. Andrews, James B. Hale

Abstract:

Effective practicing psychologists require ongoing skill development that is constructivist and recursive in nature, with mentor, colleague, co-worker, and patient feedback critical to successful acquisition and maintenance of professional competencies. This paper will provide an overview of the nature and scope of psychologist skill development through multisource feedback (MSF) or 360 degree evaluation, present a rationale for its use for assessing practicing psychologist performance, and advocate its use in psychology given the demonstrated model utility in other health professions. The paper will conclude that an international research design is needed to assess the feasibility, reliability, and validity of MSF system ratings intended to solicit feedback from mentors, colleagues, coworkers, and patients about psychologist competencies. If adopted, the MSF model could lead to enhanced skill development that fosters patient satisfaction within and across countries.

Keywords: psychologist, multisource feedback, psychologist competency, professionalism

Procedia PDF Downloads 416

Authors: Randolf Von N. Salindo

Abstract:

The study was conducted to measure the logistics integration capabilities of selected companies in the Bahrain construction industry using the Supply Chain 2000 framework; and, determine the extent and direction of influence of these logistics capabilities and integration competencies on the supply chain performance of the firm. A total of 50 executive respondents (from supervisor to managing director level) from 22 construction and construction supplier firms participated in the study from September to November 2014. The results reveal that respondent Bahraini construction firms have significantly lower levels of logistics capabilities, but higher levels of logistics integration competencies compared to international benchmarks. Using stepwise multiple regression analysis, eight logistics capabilities of Bahraini constructions firms were identified to be positively associated with firm performance; with comprehensive metrics as the most positively dominant influential logistics capability. Activity based and total cost methodology is found to be the most negatively dominant influential logistics capability. In terms of logistics integration competencies, the study revealed that that customer integration, internal integration, and, measurement integration are negatively associated with firm performance. There was no logistics integration competency found to be positively associated with the supply chain performance among the companies who participated in the study. The research reveals that there are areas for improvement in supply chain capabilities and logistics integration competencies of the construction firms in the Kingdom of Bahrain to improve their supply chain performance to a global level.

Keywords: comprehensive metrics, customer integration, logistics integration capabilities, logistics integration competencies

Procedia PDF Downloads 605

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: software test, software security verification validation and test, security test institutionalization, systematic mapping study

Procedia PDF Downloads 358

Authors: Saleh Alumaran, Giampaolo Bella, Feng Chen

Abstract:

The study of organisations’ information security cultures has attracted scholars as well as healthcare services industry to research the topic and find appropriate tools and approaches to develop a positive culture. The vast majority of studies in Saudi national health services are on the use of technology to protect and secure health services information. On the other hand, there is a lack of research on the role and impact of an organisation’s cultural dimensions on information security. This research investigated and analysed the role and impact of cultural dimensions on information security in Saudi Arabia health service. Hypotheses were tested and two surveys were carried out in order to collect data and information from three major hospitals in Saudi Arabia (SA). The first survey identified the main cultural-dimension problems in SA health services and developed an initial information security culture framework model. The second survey evaluated and tested the developed framework model to test its usefulness, reliability and applicability. The model is based on human behaviour theory, where the individual’s attitude is the key element of the individual’s intention to behave as well as of his or her actual behaviour. The research identified six cultural dimensions: Saudi national culture, Saudi health service leadership, employees’ trust, technology, multicultural interactions and employees’ job roles. The research also identified a set of cultural sub-dimensions. These include working values and norms, tribe values and norms, attitudes towards women, power sharing, vision, social interaction, respect and understanding, hospital intra-net, hospital employees’ language(s) used, multi-national culture, communication system, employees’ job satisfaction and job security. The research identified that (a) the human behaviour towards medical information in SA is one of the main threats to information security and one of the main challenges to SA health authority, (b) The current situation of SA hospitals’ IS cultures is falling short in protecting medical information due to the current value and norms towards information security, (c) Saudi national culture and employees’ job role are the main dimensions playing major roles in the employees’ attitude, and technology is the least important dimension playing a role in the employees’ attitudes.

Keywords: cultural dimension, electronic health record, information security, privacy

Procedia PDF Downloads 329

Authors: Tai Mei Kin, Omar Abdull Kareem

Abstract:

In light of globalization, educational reform has become a top priority for many countries. However, the task of leading change effectively requires a multidimensional set of competencies. Over the past two decades, technical competencies of principal change leadership have been extensively analysed and discussed. Comparatively, little research has been conducted in Malaysian education context on non-technical competencies or popularly known as emotional intelligence, which is equally crucial for the success of change. This article provides a validation of the Principal Change Leadership Non-Technical Competencies (PCLnTC) Scale, a tool that practitioners can easily use to assess school principals’ level of change leadership non-technical competencies that facilitate change and maximize change effectiveness. The overall coherence of the PCLnTC model was constructed by incorporating three theories: a)the change leadership theory whereby leading change is the fundamental role of a leader; b)competency theory in which leadership can be taught and learned; and c)the concept of emotional intelligence whereby it can be developed, fostered and taught. An exploratory factor analysis (EFA) was used to determine the underlying factor structure of PCLnTC model. Before conducting EFA, five important pilot test approaches were conducted to ensure the validity and reliability of the instrument: a)reviewed by academic colleagues; b)verification and comments from panel; c)evaluation on questionnaire format, syntax, design, and completion time; d)evaluation of item clarity; and e)assessment of internal consistency reliability. A total of 335 teachers from 12 High Performing Secondary School in Malaysia completed the survey. The PCLnTCS with six points Liker-type scale were subjected to Principal Components Analysis. The analysis yielded a three-factor solution namely, a)Interpersonal Sensitivity; b)Flexibility; and c)Motivation, explaining a total 74.326 per cent of the variance. Based on the results, implications for instrument revisions are discussed and specifications for future confirmatory factor analysis are delineated.

Keywords: exploratory factor analysis, principal change leadership non-technical competencies (PCLnTC), interpersonal sensitivity, flexibility, motivation

Procedia PDF Downloads 400

Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa

Abstract:

Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.

Keywords: laboratory, physical protection system, security culture, security function

Procedia PDF Downloads 147

Authors: Kim Lytle, Tim Talty, Alan Michaels, Jeff Reed

Abstract:

Implantable medical devices (IMDs) are medically necessary devices embedded in the human body that monitor chronic disorders or automatically deliver therapies. Most IMDs have wireless capabilities that allow them to share data with an offboard programming device to help medical providers monitor the patient’s health while giving the patient more insight into their condition. However, serious security concerns have arisen as researchers demonstrated these devices could be hacked to obtain sensitive information or harm the patient. Cooperative jamming can be used to prevent privileged information leaks by maintaining an adequate signal-to-noise ratio at the intended receiver while minimizing signal power elsewhere. This paper uses ray tracing to demonstrate how a low number of friendly nodes abiding by Bluetooth Low Energy (BLE) transmission regulations can enhance IMD communication security in an office environment, which in turn may inform how companies and individuals can protect their proprietary and personal information.

Keywords: implantable biomedical devices, communication system security, array signal processing, ray tracing

Procedia PDF Downloads 70

Authors: Amir Ali Fatoorchi

Abstract:

Regardless of the advantage of LoT devices, they have limitations like storage, compute, and security problems. In recent years, a lot of Blockchain-based research in IoT published and presented. In this paper, we present the Security issues of LoT. IoT has three levels of security issues: Low-level, Intermediate-level, and High-level. We survey and compare blockchain-based solutions for high-level security issues and show how the underlying technology of bitcoin and Ethereum could solve IoT problems.

Keywords: Blockchain, security, data security, IoT

Procedia PDF Downloads 178

Authors: Mohammad Hadi Khorashadi Zadeh

Abstract:

Many new applications and internet services have been emerged since the innovation of mobile networks and devices. However, these applications have problems of security, management, and performance in business environments. Cloud systems provide information transfer, management facilities, and security for virtual environments. Therefore, an innovative internet service and a business model are proposed in the present study for creating a secure and consolidated environment for managing the mobile information of organizations based on cloud virtual phones (CVP) infrastructures. Using this method, users can run Android and web applications in the cloud which enhance performance by connecting to other CVP users and increases privacy. It is possible to combine the CVP with distributed protocols and central control which mimics the behavior of human societies. This mix helps in dealing with sensitive data in mobile devices and facilitates data management with less application overhead.

Keywords: BYOD, mobile cloud computing, mobile security, information management

Procedia PDF Downloads 278

Authors: Arenkala Kichu

Abstract:

This paper consolidates and tries to bring out the findings that investigated in Kohima and Mokokchung districts in Nagaland, which is in the northeastern part of India. The aim of this paper is to test the speaking and writing skills of the undergraduate learners who opt functional English as one of their papers. functional English is taught in just two colleges; Fazl Ali College and Kohima Colleges, out of 15 government and 36 private colleges in the state. This research (based on several observations made by Naga researchers) hypothesizes that functional English enhances competencies at the undergraduate level, which would open doors to work, learn more and better prospects. It is expected that learners in Functional English class, which follows the communicative language teaching method, might be the answers to those problems, as to why proficiency level still leaves much to be desired, in spite of the advent of the education over a hundred years ago. This type of teaching follows only in functional English class in these two colleges.

Keywords: enhancing competencies, speaking skills, undergraduate level, writing skills

Procedia PDF Downloads 296

Authors: Patrizia Poscic, Sanja Candrlic, Danijela Jaksic

Abstract:

The University of Rijeka, Department of Informatics participated in the Stand4Info project, co-financed by the European Union, with the main idea of an alignment of study programs with occupational and qualifications standards in the field of Informatics. A brief overview of our research methodology, goals and deliverables is shown. Our main research and project objectives were: a) development of occupational standards, qualification standards and study programs based on the Croatian Qualifications Framework (CROQF), b) higher education quality improvement in the field of information and communication sciences, c) increasing the employability of students of information and communication technology (ICT) and science, and d) continuously improving competencies of teachers in accordance with the principles of CROQF. CROQF is a reform instrument in the Republic of Croatia for regulating the system of qualifications at all levels through qualifications standards based on learning outcomes and following the needs of the labor market, individuals and society. The central elements of CROQF are learning outcomes - competences acquired by the individual through the learning process and proved afterward. The place of each acquired qualification is set by the level of the learning outcomes belonging to that qualification. The placement of qualifications at respective levels allows the comparison and linking of different qualifications, as well as linking of Croatian qualifications' levels to the levels of the European Qualifications Framework and the levels of the Qualifications framework of the European Higher Education Area. This research has made 3 proposals of occupational standards for undergraduate study level (System Analyst, Developer, ICT Operations Manager), and 2 for graduate (master) level (System Architect, Business Architect). For each occupational standard employers have provided a list of key tasks and associated competencies necessary to perform them. A set of competencies required for each particular job in the workplace was defined and each set of competencies as described in more details by its individual competencies. Based on sets of competencies from occupational standards, sets of learning outcomes were defined and competencies from the occupational standard were linked with learning outcomes. For each learning outcome, as well as for the set of learning outcomes, it was necessary to specify verification method, material, and human resources. The task of the project was to suggest revision and improvement of the existing study programs. It was necessary to analyze existing programs and determine how they meet and fulfill defined learning outcomes. This way, one could see: a) which learning outcomes from the qualifications standards are covered by existing courses, b) which learning outcomes have yet to be covered, c) are they covered by mandatory or elective courses, and d) are some courses unnecessary or redundant. Overall, the main research results are: a) completed proposals of qualification and occupational standards in the field of ICT, b) revised curricula of undergraduate and master study programs in ICT, c) sustainable partnership and association stakeholders network, d) knowledge network - informing the public and stakeholders (teachers, students, and employers) about the importance of CROQF establishment, and e) teachers educated in innovative methods of teaching.

Keywords: study program, qualification standard, occupational standard, higher education, informatics and computer science

Procedia PDF Downloads 115

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: interoperability, threats, attacks, medical devices

Procedia PDF Downloads 304

Authors: Ahmadu Girgiri, Lawan Gana Ali, Mamman M. Baba

Abstract:

Environmental security clearly articulates the perfections and developments of various communities around the world irrespective of the region, culture, religion or social inclination. Although, the present state of insecurity has become serious issue devastating the peace, unity, stability and progress of man and his physical environment particularly in developing countries. Recently, measure of security and it management in Nigeria has been a bottle-neck to the effectiveness and advancement of various sectors that include; business, education, social relations, politics and above all an economy. Several measures have been considered on mitigating environment insecurity such as surveillance, demarcation, security personnel empowerment and the likes, but still the issue remains disturbing. In this paper, we present the application of new technology that contributes to the improvement of security surveillance known as “Wireless Sensor Network (WSN)”. The system is new, smart and emerging technology that provides monitoring, detection and aggregation of information using sensor nodes and wireless network. WSN detects, monitors and stores information or activities in the deployed area such as schools, environment, business centers, public squares, industries, and outskirts and transmit to end users. This will reduce the cost of security funding and eases security surveillance depending on the nature and the requirement of the deployment.

Keywords: application, environment, insecurity, sensor, wireless sensor network

Procedia PDF Downloads 217

Authors: Okike Benjamin, Garba Ejd

Abstract:

Today, it has been observed security of information along the superhighway is often compromised by those who are not authorized to have access to such information. In order to ensure the security of information along the superhighway, such information should be encrypted by some means to conceal the real meaning of the information. There are many encryption techniques out there in the market. However, some of these encryption techniques are often easily decrypted by adversaries. The researcher has decided to develop an encryption technique that may be more difficult to decrypt. This may be achieved by splitting the message to be encrypted into parts and encrypting each part separately and swapping the positions before transmitting the message along the superhighway. The method is termed Merged Irregular Transposition Cipher. Also, the research would determine the complexity level in respect to the number of splits of the message.

Keywords: transposition cipher, merged irregular cipher, encryption, complexity level

Procedia PDF Downloads 317

Authors: Chandan Deep Singh

Abstract:

In present days, companies are facing the rapid competition in terms of customer requirements to be satisfied, new technologies to be integrated into future products, new safety regulations to be followed, new computer-based tools to be introduced into design activities that becomes more scientific. In today’s highly competitive market, survival focuses on various factors such as quality, innovation, adherence to standards, and rapid response as the basis for competitive advantage. For competitive advantage, companies have to produce various competencies: for improving the capability of suppliers and for strengthening the process of integrating technology. For more competitiveness, organizations should operate in a strategy driven way and have a strategic architecture for developing core competencies. Traditional ways to take such experience and develop competencies tend to take a lot of time and they are expensive. A new learning environment, which is built around a gaming engine, supports the development of competences in specific subject areas. Technology competencies have a significant role in firm innovation and competitiveness; they interact with the competitive environment. Technological competencies vary according to the type of competitive environment, thus enhancing firm innovativeness. Technological competency is gained through extensive experimentation and learning in its research, development and employment in manufacturing. This is a review paper based on competency and strategic success of automobile industry. The aim here is to study strategy formulation and competency tools in the industry. This work is a review of literature related to competency and strategy in automobile industry. This study involves review of 34 papers related to competency and strategy.

Keywords: manufacturing competency, strategic success, competitiveness, strategy formulation

Procedia PDF Downloads 286

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, competence, certification

Procedia PDF Downloads 213

Authors: Barbara Covarrubias Venegas, Sabine Groblschegg, Bernhard Klaus, Julia Domnanovich

Abstract:

Research Objectives: The roles and activities of human resource management (HRM) have changed a lot in the past years. Driven by a changing environment and therefore, new business requirements, the scope of human resource (HR) activities has widened. The extent to which these activities should focus on strategic issues to support the long-term success of a company has been discussed in science for many years. As many economies of Central and Eastern Europe (CEE) experienced a phase of transition after the socialist era and are now recovering from the 2008 global crisis it is needed to examine the current state of HR positioning. Furthermore, a trend in HR work developing from rather administrative units to being strategic partners of management can be noticed. This leads to the question of better understanding the underlying competencies which are necessary to support organisations. This topic was addressed by the international study “HR Competencies in international comparison”. The quantitative survey was conducted by the Institute for Human Resources & Organisation of FHWien University of Applied Science of WKW (A) in cooperation with partner universities in the countries Bosnia-Herzegovina, Croatia, Serbia and Slovenia. Methodology: Using the questionnaire developed by Dave Ulrich we tested whether the HR Competency model can be used for Austria, Bosnia and Herzegovina, Croatia, Serbia and Slovenia. After performing confirmatory and exploratory factor analysis for the whole data set containing all five countries we could clearly distinguish between four competencies. In a further step, our analysis focused on median and average comparisons between the HR competency dimensions. Conclusion: Our literature review, in alignment with other studies, shows a relatively rapid pace of development of HR Roles and HR Competencies in BCSS in the past decades. Comparing data from BCSS and Austria we still can notice that regards strategic orientation there is a lack in BCSS countries, thus competencies are not as developed as in Austria. This leads us to the tentative conclusion that HR has undergone a rapid change but is still in a State of Transition from being a rather administrative unit to performing the role of a strategic partner.

Keywords: comparative study, HR competencies, HRM, HR roles

Procedia PDF Downloads 287

Authors: Magdaléna Náplavová, Tomáš Ludík, Petr Hrůza, František Božek

Abstract:

The use of IT equipment has become a part of every day. However, each device that is part of cyberspace should be secured against unauthorized use. It is very important to know the basics of these security devices, but also the basics of safe conduct their owners. This information should be part of every curriculum computer science education in primary and secondary schools. Therefore, the work focuses on the education of pupils in primary and secondary schools on the Internet. Analysis of the current state describes approaches to the education of pupils in security issues on the Internet. The paper presents a questionnaire-based survey which was carried out in the Czech Republic, whose task was to ascertain the level of opinion pupils in primary and secondary schools on the issue of communication in social networks. The research showed that awareness of socio-pathological phenomena on the Internet environment is very low. Based on the results it was proposed appropriate ways of teaching to this issue and its inclusion a proposal of curriculum for primary and secondary schools.

Keywords: information security, cyber space, general awareness, questionnaire, socio-pathological phenomena, educational system

Procedia PDF Downloads 359

Authors: Reza Taherian, Naziasadat Naseri, Elham Fariborzi, Faride Hashmiannejad

Abstract:

Effective management plays a crucial role in the success of educational institutions and training organizations. This study aims to develop and validate a professional competency model for managers in the education and training sector of Khorasan Razavi Province using a mindfulness approach based on Langerian theory. Employing a mixed exploratory design, the research involved qualitative data collection from experts and top national and provincial managers, as well as quantitative data collection using a researcher-developed questionnaire. The findings revealed that 81% of the competency of education and training managers is influenced by the dimensions of Langerian mindfulness, including engagement, seeking, producing, and flexibility. These dimensions were found to be predictive of the competencies of education and training managers, which encompass specialized knowledge, professional skills, pedagogical knowledge, commitment to Islamic values, personal characteristics, and creativity. This research provides valuable insights into the essential role of mindfulness in shaping the competencies of education and training managers, shedding light on the specific dimensions that significantly contribute to managerial success in Khorasan Razavi province.

Keywords: school managers, school manager’s competencies, mindfulness, Langerian mindfulness

Procedia PDF Downloads 22

Authors: Mehdi Ghaemi

Abstract:

In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.

Keywords: foreign investment, FPS standard, host country, public health, COVID-19

Procedia PDF Downloads 72

Authors: Okike Benjami, Garba Ejd

Abstract:

Today, it has been observed security of information along the superhighway is often compromised by those who are not authorized to have access to such information. In other to ensure the security of information along the superhighway, such information should be encrypted by some means to conceal the real meaning of the information. There are many encryption techniques out there in the market. However, some of these encryption techniques are often decrypted by adversaries with ease. The researcher has decided to develop an encryption technique that may be more difficult to decrypt. This may be achieved by splitting the message to be encrypted into parts and encrypting each part separately and swapping the positions before transmitting the message along the superhighway. The method is termed Okike’s Merged Irregular Transposition Cipher. Also, the research would determine the complexity level in respect to the number of splits of the message.

Keywords: transposition cipher, merged irregular cipher, encryption, complexity level

Procedia PDF Downloads 264

Authors: John Ayoade

Abstract:

Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.

Keywords: cloud computing, trust, security, certificate authority, PKI

Procedia PDF Downloads 453

Authors: Volker Koch

Abstract:

This paper deals with the education of purchasing professionals in Austria. In this education, equivalent and measurable criteria are collected in order to create a comparison. The comparison shows the problem. To make the aforementioned comparison possible, methodologies such as KODE-Competence Atlas or presentations in a matrix form are used. The result shows the content taught and whether there are any similarities or interesting differences in the current Austrian purchasers’ formations. Purchasing professionals learning competencies are also illustrated in the study result.

Keywords: competencies, education, purchasing professional, technological-oriented

Procedia PDF Downloads 275

Authors: Andrei Bogdan Stanescu, Laura Diaconescu

Abstract:

With the increasing concerns about data breaches and privacy violations, organizations seek robust security measures to protect sensitive information. This research paper highlights the importance of implementing the Zero-Trust Security methodology using Passwordless Authentication Gateways that leverage Keycloak, an open-source Identity and Access Management (IAM) software, as a solution to address the security challenges these organizations face. The paper presents the successful implementation and deployment of such a solution in a mid-size, privacy-oriented organization. The implementation resulted in significant security improvements, reducing the risk of unauthorized access and potential data breaches. Moreover, user feedback indicated enhanced convenience and streamlined authentication experiences. The results of this study bring solid contributions in the field of cybersecurity and provide practical insights for organizations aiming to strengthen their security practices.

Keywords: identity and access management, passwordless authentication, privacy, zero-trust security

Procedia PDF Downloads 59

Authors: Jefferson Camacho Mejía, Jenny Paola Forero Pachón, Luis Carlos Gómez Flórez

Abstract:

Action research is a qualitative research methodology, which leads the researcher to delve into the problems of a community in order to understand its needs in depth and finally, to propose actions that lead to a change of social paradigm. Although this methodology had its beginnings in the human sciences, it has attracted increasing interest and acceptance in the field of information systems research since the 1990s. The countless possibilities offered nowadays by the use of Information Technologies (IT) in the development of different socio-economic activities have meant a change of social paradigm and the emergence of the so-called information and knowledge society. According to this, governments, large corporations, small entrepreneurs and in general, organizations of all kinds are using IT to virtualize their processes, taking them from the physical environment to the digital environment. However, there is a potential risk for organizations related with exposing valuable information without an appropriate framework for protecting it. This paper shows progress in the development of a methodological design to manage the information security risks associated with the IT-based processes virtualization, by applying the principles of the action research methodology and it is the result of a systematic review of the scientific literature. This design consists of seven fundamental stages. These are distributed in the three stages described in the action research methodology: 1) Observe, 2) Analyze and 3) Take actions. Finally, this paper aims to offer an alternative tool to traditional information security management methodologies with a view to being applied specifically in the planning stage of IT-based process virtualization in order to foresee risks and to establish security controls before formulating IT solutions in any type of organization.

Keywords: action research, information security, information technology, methodological design, process virtualization, risk management

Procedia PDF Downloads 135

Authors: Adawati Suhaili, Kamisah Osman, Mohd Effendi, Ewan Mohd Matore

Abstract:

The global education reform has prompted Malaysia to transform the education system in Malaysia through the Malaysian Education Blueprint (MEB) 2013-2025. This transformation is aimed to achieve the top one-third rank in international assessment. The low achievement of student scientific literacy in TIMMS (Trends in International Mathematics and Science Study ) and PISA (Programme for International Student Assessment) has caused concern to the Ministry Of Education (MOE) despite various reform efforts. Therefore, an alternative action by enhancing the role of the Head of Science Panels (HoSPs) as a key change agent in catalyzing the improvement of student performance should be considered. Highlights of previous studies have shown that subject leadership is able to enhance teacher teaching quality in order to increase student learning. To lead the Science department and guide Science teachers more effectively, HoSPs need to strengthen their leadership skills. However, the issue of weaknesses in the leadership competencies of HoSPs in Malaysia has caused them to lack confidence and ability in leading the Science Department. The main objective of this study is to explore the factors that contribute to the problems faced by HoSPs at Sarawak in their leadership roles. This study used a qualitative design framework and using a semi-structured interview method for data collection. There were six informants involved in the interview consisting of lecturers, Senior Administrative Assistant Teacher and HoSPs. The findings of the study had been identified four main factors that contribute to problems in the leadership competencies of HoSPs in Sarawak, namely leadership practices, leadership structure, academic subjects and school change. The results are significant to the MOE in strengthening the leadership competencies of HoSPs in a more focus for improving the achievement of scientific literacy of students in Malaysia. This study can help improve the Hosps' leadership competencies in Malaysia.

Keywords: issues, problems, Malaysia education blueprint, leadership competencies, head of science panels

Procedia PDF Downloads 167

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 439