Search results for: public security
8242 The Implementation of Information Security Audits in Public Sector: Perspective from Indonesia
Authors: Nur Imroatun Sholihat, Gresika Bunga Sylvana
Abstract:
Currently, cyber attack became an incredibly serious problem due to its increasing trend all over the world. Therefore, information security becomes prominent for every organization including public sector organization. In Indonesia, unfortunately, Ministry of Finance (MoF) is the only public sector organization that has already formally established procedure to assess its information security adequacy by performing information security audits (November 2017). We assess the implementation of information security audits in the MoF using qualitative data obtained by interviewing IT auditors and by analysis of related documents. For this reason, information security audit practice in the MoF could become the acceptable benchmark for all other public sector organizations in Indonesia. This study is important because, to the best of the author’s knowledge, our research into information security audits practice in Indonesia’s public sector have not been found yet. Results showed that information security audits performed mostly by doing pentest (penetration testing) to MoF’s critical applications.Keywords: information security audit, information technology, Ministry of Finance of Indonesia, public sector organization
Procedia PDF Downloads 2378241 Public Perception of Energy Security in Lithuania: Between Material Interest and Energy Independence
Authors: Dainius Genys, Vylius Leonavicius, Ricardas Krikstolaitis
Abstract:
Energy security problems in Lithuania are analyzed on a regular basis; however, there is no comprehensive research on the very issue of the concept of public energy security. There is a lack of attention not only to social determinants of perception of energy security, but also a lack of a deeper analysis of the public opinion. This article aims to research the Lithuanian public perception of energy security. Complex tasks were set during the sociological study. Survey questionnaire consisted of different sets of questions: view of energy security (risk perception, political orientation, and energy security; comprehensiveness and energy security); view of energy risks and threats (perception of energy safety factors; individual dependence and burden; disobedience and risk); view of the activity of responsible institutions (energy policy assessment; confidence in institutions and energy security), demographic issues. In this article, we will focus on two aspects: a) We will analyze public opinion on the most important aspects of energy security and social factors influencing them; The hypothesis is made that public perception of energy security is related to value orientations: b) We will analyze how public opinion on energy policy executed by the government and confidence in the government are intertwined with the concept of energy security. Data of the survey, conducted on May 10-19 and June 7-17, 2013, when Seimas and the government consisted of the coalition dominated by Social Democrats with Labor, Order and Justice Parties and the Electoral Action of Poles, were used in this article. It is important to note that the survey was conducted prior to Russia’s occupation of the Crimea.Keywords: energy security, public opinion, risk, energy threat, energy security policy
Procedia PDF Downloads 5108240 COVID-19: A Thread to the Security System of Foreign Investment
Authors: Mehdi Ghaemi
Abstract:
In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.Keywords: foreign investment, FPS standard, host country, public health, COVID-19
Procedia PDF Downloads 1058239 Legal Issues of Food Security in Republic of Kazakhstan
Authors: G. T. Aigarinova
Abstract:
This article considers the legal issues of food security as a major component of national security of the republic. The problem of food security is the top priority of the economic policy strategy of any state, the effectiveness of this solution influences social, political, and ethnic stability in society. Food security and nutrition is everyone’s business. Food security exists when all people, at all times, have physical, social and economic access to sufficient safe and nutritious food that meets their dietary needs and food preferences for an active and healthy life. By analyzing the existing legislation in the area of food security, the author identifies weaknesses and gaps, suggesting ways to improve it.Keywords: food security, national security, agriculture, public resources, economic security
Procedia PDF Downloads 4258238 Analyzing and Determining the Ideal Response Force for Combatting Terrorist Groups
Authors: Erhan Turgut, Salih Ergün, Abdülkadir Öz
Abstract:
Terror is a modern war strategy which uses violence as a means of communication in order to achieve political objectives. In today’s security environment narrowing the propaganda field of terrorist organization is the primary goal for the security forces. In this sense, providing and maintaining public support is the most necessary ability for security units. Rather than enemy and threat-oriented approach, homeland security oriented approach is essential to ensure public support. In this study, terror assumed as a homeland security issue and assigning the law enforcement forces with military status is analyzed.Keywords: terrorism, counter-terrorism, military status law-enforcement, terrorist groups
Procedia PDF Downloads 4618237 Detentions in Kashmir: A Review of Impact of J&K PSA, 1978
Authors: Naseer Ahmad Bhat
Abstract:
Jammu and Kashmir Public Safety Act, 1978 provides for administrative detention in Jammu and Kashmir, a disputed region between India & Pakistan, since 1947. This paper shall critically analyse the working of PSA (Public Safety Act) in this J&K since 1978, since its inception. Detentions under this Act traverse between the security of the State and Liberty of citizens but over decades, has this Act served its purpose in Kashmir or not shall be analysed in this paper. J&K PSA is used to detain political workers, Over-Ground Workers and Stone Pelters who pose a direct threat to the ‘security of the State.’ Detentions under J&K PSA are a good measure in the hands of Security agencies to bring calm during periods of turmoil, but it has socio-economic consequences for detainees as well as families. This paper shall highlight the Socio-Economic impact of detentions under J&K PSA on individuals and families.Keywords: detentions, Kashmir, public safety act, liberty, security
Procedia PDF Downloads 2288236 Enhancing Cloud Computing with Security Trust Model
Authors: John Ayoade
Abstract:
Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.Keywords: cloud computing, trust, security, certificate authority, PKI
Procedia PDF Downloads 4848235 Maras and Public Security in Central America in XXI Century
Authors: Michal Stelmach
Abstract:
The aim of this paper is a critical analysis of the security policy in the field of the fight against transnational criminal groups in Central America in XXI century. We are analyzing all taken issues from several perspectives: political, anthropological, sociological and legal which allows me to confront behavior and the attitudes of the political elites against official legislative changes and declared actions, strategies and policies against practice. In the first part of paper we would like to present the genesis and characteristic of transnational gangs, called maras and next we would like to present their activities and roles within chosen sectors of organized crimes. In the second part we will analyze the government’s policy towards transnational criminal groups. The analysis will be concentrated on public safety policy implemented in specific Central American countries as well as regional international cooperation. The main intention of the author is to present the state of the security in Central America in XXI century by emphasizing failures and successes in the fight against transnational criminal organizations. Additionally we want to present and define the challenges currently facing the region now and to show the prediction of the situation’s development within next future and to define the recommendations on the design of public security policies in Central American countries.Keywords: maras, public security, human rights, Central America
Procedia PDF Downloads 3328234 A Holistic Approach to Institutional Cyber Security
Authors: Mehmet Kargaci
Abstract:
It is more important to access information than to get the correct information and to transform it to the knowledge in a proper way. Every person, organizations or governments who have the knowledge now become the target. Cyber security involves the range of measures to be taken from individual to the national level. The National institutions refer to academic, military and major public and private institutions, which are very important for the national security. Thus they need further cyber security measures. It appears that the traditional cyber security measures in the national level are alone not sufficient, while the individual measures remain in a restricted level. It is evaluated that the most appropriate method for preventing the cyber vulnerabilities rather than existing measures are to develop institutional measures. This study examines the cyber security measures to be taken, especially in the national institutions.Keywords: cyber defence, information, critical infrastructure, security
Procedia PDF Downloads 5378233 Assessing the Role of Water Research and Development Investment towards Water Security in South Africa: During the Five Years Period (2009/10 - 2013/14)
Authors: Hlamulo Makelane
Abstract:
The study aims at providing new insights regarding research and development (R&D) public and private activities based on the national R&D survey of the past five years. The main question of the study is what role does water R&D plays on water security; to then analyze what lessons could be extracted to improve the security of water through R&D. In particular, this work concentrates on three main aspects of R&D investments: (i) the level of expenditures, (ii) the sources of funding related to water R&D, and (iii) the personnel working in the field, both for the public and private sectors. The nonlinear regression approached will be used for data analysis based on secondary data gathered from the South African nation R&D survey conducted annually by the Centre for science, technology and innovation indicators (CeSTII).Keywords: water, R&D, investment, public sector, private sector
Procedia PDF Downloads 2378232 Brazilian Public Security: Governability and Constitutional Change
Authors: Gabriel Dolabella, Henrique Rangel, Stella Araújo, Carlos Bolonha, Igor de Lazari
Abstract:
Public security is a common subject on the Brazilian political agenda. The seventh largest economy in the world has high crime and insecurity rates. Specialists try to explain this social picture based on poverty, inequality or public policies addressed to drug trafficking. This excerpt approaches State measures to handle that picture. Therefore, the public security - law enforcement institutions - is at the core of this paper, particularly the relationship among federal and state law enforcement agencies, mainly ruled by a system of urgency. The problems are informal changes on law enforcement management and public opinion collaboration to these changes. Whenever there were huge international events, Brazilian armed forces occupied streets to assure law enforcement - ensuring the order. This logic, considered in the long time, could impact the federal structure of the country. The post-madisonian theorists verify that urgency is often associated to delegation of powers, which is true for Brazilian law enforcement, but here there is a different delegation: States continuously delegate law enforcement powers to the federal government throughout the use of Armed Forces. Therefore, the hypothesis is: Brazil is under a political process of federalization of public security. The political framework addressed here can be explained by the disrespect of legal constraints and the failure of rule of law theoretical models. The methodology of analysis is based on general criteria. Temporally, this study investigates events from 2003, when discussions about the disarmament statute begun. Geographically, this study is limited to Brazilian borders. Materially, the analysis result from the observation of legal resources and political resources (pronouncements of government officials). The main parameters are based on post-madisonianism and federalization of public security can be assessed through credibility and popularity that allow evaluation of this political process of constitutional change. The objective is to demonstrate how the Military Forces are used in public security, not as a random fact or an isolated political event, in order to understand the political motivations and effects that stem from that use from an institutional perspective.Keywords: public security, governability, rule of law, federalism
Procedia PDF Downloads 6778231 Internet-Based Architecture for Machine-to-Machine Communication of a Public Security Network
Authors: Ogwueleka Francisca Nonyelum, Jiya Muhammad
Abstract:
Poor communication between the victims of the burglaries, road and fire accidents and the agencies, and lack of quick emergency response by the agencies is solved through Machine-to-Machine (M2M) communication. A distress caller is expected to make a call through a network to the respective agency for emergency response but due to some challenges, this often becomes arduous and futile. This research puts forth an Internet-based architecture for Machine-to-Machine (M2M) communication to enhance information dissemination in National Public Security Communication System (NPSCS) network. M2M enables the flow of data between machines and machines and ultimately machines and people with information flowing from a machine over a network, and then through a gateway to a system where it is reviewed and acted on. The research findings showed that Internet-based architecture for M2M communication is most suitable for deployment of a public security network which will allow machines to use Internet to talk to each other.Keywords: machine-to-machine (M2M), internet-based architecture, network, gateway
Procedia PDF Downloads 4828230 Forecasting Future Society to Explore Promising Security Technologies
Authors: Jeonghwan Jeon, Mintak Han, Youngjun Kim
Abstract:
Due to the rapid development of information and communication technology (ICT), a substantial transformation is currently happening in the society. As the range of intelligent technologies and services is continuously expanding, ‘things’ are becoming capable of communicating one another and even with people. However, such “Internet of Things” has the technical weakness so that a great amount of such information transferred in real-time may be widely exposed to the threat of security. User’s personal data are a typical example which is faced with a serious security threat. The threats of security will be diversified and arose more frequently because next generation of unfamiliar technology develops. Moreover, as the society is becoming increasingly complex, security vulnerability will be increased as well. In the existing literature, a considerable number of private and public reports that forecast future society have been published as a precedent step of the selection of future technology and the establishment of strategies for competitiveness. Although there are previous studies that forecast security technology, they have focused only on technical issues and overlooked the interrelationships between security technology and social factors are. Therefore, investigations of security threats in the future and security technology that is able to protect people from various threats are required. In response, this study aims to derive potential security threats associated with the development of technology and to explore the security technology that can protect against them. To do this, first of all, private and public reports that forecast future and online documents from technology-related communities are collected. By analyzing the data, future issues are extracted and categorized in terms of STEEP (Society, Technology, Economy, Environment, and Politics), as well as security. Second, the components of potential security threats are developed based on classified future issues. Then, points that the security threats may occur –for example, mobile payment system based on a finger scan technology– are identified. Lastly, alternatives that prevent potential security threats are proposed by matching security threats with points and investigating related security technologies from patent data. Proposed approach can identify the ICT-related latent security menaces and provide the guidelines in the ‘problem – alternative’ form by linking the threat point with security technologies.Keywords: future society, information and communication technology, security technology, technology forecasting
Procedia PDF Downloads 4688229 Analysis on Cyber Threat Actors Targeting Automated Border Security Systems
Authors: Mirko Sailio
Abstract:
Border crossing automatization reduces required human resources in handling people crossing borders. As technology replaces and augments the work done by border officers, new cyber threats arise to threaten border security. This research analyses the current cyber threat actors and their capabilities. The analysis is conducted by gathering the threat actor data from a wide range of public sources. A model for a general border automatization system is presented, and its most significant cyber-security attributes are then compared to threat actor activity and capabilities in order to predict priorities in securing such systems. Organized crime and nation-state actors present the clearest threat to border cyber-security, and additional focus is given to their motivations and activities.Keywords: border automation, cyber-security, threat actors, border cyber-security
Procedia PDF Downloads 2038228 The Influence of an Occupation as a Calling on the Value of Job Security and Its Connection with Wage Levels
Authors: Malul Miki, Rafi Bar-El, Eithan Hourie
Abstract:
In this article, we test the influence of an occupation as a calling on the value of job security and its connection with wage levels. Our sample consists of 495 workers in Israel from 10 occupations in the public sector, who are assumed to have a relatively high level of job security, and the private sector, who are assumed to have less job security or none at all. These 10 occupations are social workers, lecturers, lawyers, administration workers, accountants, high school teachers, bank workers, high-tech worker, nurses and psychologists. Using regression analysis, we find that those who have occupations that the literature has defined as a calling value job security less than those in ordinary employment. In addition, salary level has no effect on this relationship. Finally, those who work in occupations that are regarded as a calling have less status quo bias than those in ordinary employment.Keywords: calling, loss aversion, job security, status quo bias
Procedia PDF Downloads 1048227 Security of Internet of Things: Challenges, Requirements and Future Directions
Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi
Abstract:
The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.Keywords: Internet of Things (IoT), IoT security challenges, IoT security requirements, IoT security architecture
Procedia PDF Downloads 3758226 The Value of Job Security across Various Welfare Policies
Authors: Eithan Hourie, Miki Malul, Raphael Bar-El
Abstract:
To investigate the relationship between various welfare policies and the value of job security, we conducted a study with 201 people regarding their assessments of the value of job security with respect to three elements: income stability, assurance of continuity of employment, and security in the job. The experiment simulated different welfare policy scenarios, such as the amount and duration of unemployment benefits, workfare, and basic income. The participants evaluated the value of job security in various situations. We found that the value of job security is approximately 22% of the starting salary, which is distributed as follows: 13% reflects income security, 8.7% reflects job security, and about 0.3% is for being able to keep their current employment in the future. To the best of our knowledge, this article is one of the pioneers in trying to quantify the value of job security in different market scenarios and at varying levels of welfare policy. Our conclusions may help decision-makers when deciding on a welfare policy.Keywords: job security value, employment protection legislation, status quo bias, expanding welfare policy
Procedia PDF Downloads 1068225 Network Security Attacks and Defences
Authors: Ranbir Singh, Deepinder Kaur
Abstract:
Network security is an important aspect in every field like government offices, Educational Institute and any business organization. Network security consists of the policies adopted to prevent and monitor forbidden access, misuse, modification, or denial of a computer network. Network security is very complicated subject and deal by only well trained and experienced people. However, as more and more people become wired, an increasing number of people need to understand the basics of security in a networked world. The history of the network security included an introduction to the TCP/IP and interworking. Network security starts with authenticating, commonly with a username and a password. In this paper, we study about various types of attacks on network security and how to handle or prevent this attack.Keywords: network security, attacks, denial, authenticating
Procedia PDF Downloads 4048224 Modelling Public Knowledge and Attitude towards Genetically Modified Maize in Kenya
Authors: Ezrah Kipkirui Tonui, George Otieno Orwa
Abstract:
A survey of 138 farmers was conducted in Rift valley, Kenya, in November and December 2013 in three counties (Uasin-gishu, Elgeyo-marakwet, and Tranzoia) to determine public knowledge and attitude towards genetically modified (GM) maize. Above two third (70%) of the respondents had knowledge of GM maize, mostly those educated and male. Female was found to be having low knowledge on GM maize. Public acknowledged the technology’s potential positive impacts, with more than 90% willing to adopt and more than 98% willing to buy GM seedlings at any given price. A small percentage less than 3% were of a negative opinion about willing to buy and adopt GM seeds. We conclude that GM technology has a role to play in food security in Kenya. However, the public needs more information about the technology, which can be provided through established sources of information and training. Finally, public knowledge and attitude on GM maize should be studied on a regular basis, and the survey population broadened to 47 counties.Keywords: public, knowledge, attitudes, GM maize, Kenya
Procedia PDF Downloads 3088223 The Social Perception of National Security Risks: A Comparative Perspective
Authors: Nicula Valentin, Andrei Virginia
Abstract:
Nowadays, the individual plays a central role in the state’s architecture. This is why the subjective dimension of the security represents a key concept in risk assessment. The paper’s scope is to emphasize the discrepancy between expert and lay evaluations of national security hazards, which is caused by key factors like emotions, personal experience, knowledge and media. Therefore, we have chosen to apply, using these two different groups of respondents, the Q-sort method, which reveals individual beliefs, attitudes, preferences hidden behind the subjects’ own way of prioritizing the risks they are confronted with. Our study’s conclusions are meant to unveil significant indicators needed to be taken into consideration by a state’s leadership in order to understand the social perception of national security hazards, to communicate better with the public opinion and prevent or mitigate the overestimation of the severity or probability of these dangers.Keywords: risk perception, Q-sort method, national security hazards, individual beliefs
Procedia PDF Downloads 3098222 Can Empowering Women Farmers Reduce Household Food Insecurity? Evidence from Malawi
Authors: Christopher Manyamba
Abstract:
Women in Malawi produce perform between 50-70 percent of all agricultural tasks and yet the majority remain food insecure. The aim of his paper is to build on existing mixed evidence that indicates that empowering women in agriculture is conducive to improving food security. The WEAI is used to provide evidence on the relationship between women’s empowerment in agriculture and household food security. A multinomial logistic regression is applied to the Women Empowerment in Agriculture Index (WEAI) components and the Household Hunger Scale. The overall results show that the WEAI can be used to determine household food insecurity; however it has to be contextually adapted. Assets ownership, credit, group membership and leisure time are positively associated with food security. Contrary to other literature, empowerment in having control and decisions on income indicate negative association with household food security. These results could potentially better inform public, private and civil society stakeholders’ dialogues in creating the most effective and sustainable interventions to help women attain long-term food security.Keywords: food security, gender, empowerment, agriculture index, framework for African food security, household hunger scale
Procedia PDF Downloads 3688221 e-Learning Security: A Distributed Incident Response Generator
Authors: Bel G Raggad
Abstract:
An e-Learning setting is a distributed computing environment where information resources can be connected to any public network. Public networks are very unsecure which can compromise the reliability of an e-Learning environment. This study is only concerned with the intrusion detection aspect of e-Learning security and how incident responses are planned. The literature reported great advances in intrusion detection system (ids) but neglected to study an important ids weakness: suspected events are detected but an intrusion is not determined because it is not defined in ids databases. We propose an incident response generator (DIRG) that produces incident responses when the working ids system suspects an event that does not correspond to a known intrusion. Data involved in intrusion detection when ample uncertainty is present is often not suitable to formal statistical models including Bayesian. We instead adopt Dempster and Shafer theory to process intrusion data for the unknown event. The DIRG engine transforms data into a belief structure using incident scenarios deduced by the security administrator. Belief values associated with various incident scenarios are then derived and evaluated to choose the most appropriate scenario for which an automatic incident response is generated. This article provides a numerical example demonstrating the working of the DIRG system.Keywords: decision support system, distributed computing, e-Learning security, incident response, intrusion detection, security risk, statefull inspection
Procedia PDF Downloads 4378220 VANETs: Security Challenges and Future Directions
Authors: Jared Oluoch
Abstract:
Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography
Procedia PDF Downloads 3128219 Contemporary Mexican Shadow Politics: The War on Drugs and the Issue of Security
Authors: Lisdey Espinoza Pedraza
Abstract:
Organised crime in Mexico evolves faster that our capacity to understand and explain it. Organised gangs have become successful entrepreneurs in many ways ad they have somehow mimicked the working ways of the authorities and in many cases, they have successfully infiltrated the governmental spheres. This business model is only possible under a clear scheme of rampant impunity. Impunity, however, is not exclusive to the PRI. Nor the PRI, PAN, or PRD can claim the monopoly of corruption, but what is worse is that none can claim full honesty in their acts either. The current security crisis in Mexico shows a crisis in the Mexican political party system. Corruption today is not only a problem of dishonesty and the correct use of public resources. It is the principal threat to Mexican democracy, governance, and national security.Keywords: security, war on drugs, drug trafficking, Mexico, Latin America, United States
Procedia PDF Downloads 4178218 Information Security Dilemma: Employees' Behaviour on Three-Dimensions to Failure
Authors: Dyana Zainudin, Atta Ur-Rahman, Thaier Hamed
Abstract:
This paper explains about human nature concept as to understand the significance of information security in employees’ mentality including leaders in an organisation. By studying on a theory concept of the latest Von Solms fourth waves, information security governance basically refers to the concept of a set of methods, techniques and tools that responsible for protecting resources of a computer system to ensure service availability, confidentiality and integrity of information. However, today’s information security dilemma relates to the acceptance of employees mentality. The major causes are a lack of communication and commitment. These types of management in an organisation are labelled as immoral/amoral management which effects on information security compliance. A recovery action is taken based on ‘learn a lesson from incident events’ rather than prevention. Therefore, the paper critically analysed the Von Solms fourth waves’ theory with current human events and its correlation by studying secondary data and also from qualitative analysis among employees in public sectors. ‘Three-dimensions to failure’ of information security dilemma are explained as deny, don’t know and don’t care. These three-dimensions are the most common vulnerable behaviour owned by employees. Therefore, by avoiding the three-dimensions to failure may improve the vulnerable behaviour of employees which is often related to immoral/amoral management.Keywords: information security management system, information security behaviour, information security governance, information security culture
Procedia PDF Downloads 2088217 The Benefits of Security Culture for Improving Physical Protection Systems at Detection and Radiation Measurement Laboratory
Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa
Abstract:
Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.Keywords: laboratory, physical protection system, security culture, security function
Procedia PDF Downloads 1858216 Data Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud
Authors: N. Nalini, Bhanu Prakash Gopularam
Abstract:
The term data security refers to the degree of resistance or protection given to information from unintended or unauthorized access. The core principles of information security are the confidentiality, integrity and availability, also referred as CIA triad. Cloud computing services are classified as SaaS, IaaS and PaaS services. With cloud adoption the confidential enterprise data are moved from organization premises to untrusted public network and due to this the attack surface has increased manifold. Several cloud computing platforms like OpenStack, Eucalyptus, Amazon EC2 offer users to build and configure public, hybrid and private clouds. While the traditional encryption based on PKI infrastructure still works in cloud scenario, the management of public-private keys and trust certificates is difficult. The Identity based Public Key Cryptography (also referred as ID-PKC) overcomes this problem by using publicly identifiable information for generating the keys and works well with decentralized systems. The users can exchange information securely without having to manage any trust information. Another advantage is that access control (role based access control policy) information can be embedded into data unlike in PKI where it is handled by separate component or system. In OpenStack cloud platform the keystone service acts as identity service for authentication and authorization and has support for public key infrastructure for auto services. In this paper, we explain OpenStack security architecture and evaluate the PKI infrastructure piece for data confidentiality. We provide method to integrate ID-PKC schemes for securing data while in transit and stored and explain the key measures for safe guarding data against security attacks. The proposed approach uses JPBC crypto library for key-pair generation based on IEEE P1636.3 standard and secure communication to other cloud services.Keywords: data confidentiality, identity based cryptography, secure communication, open stack key stone, token scoping
Procedia PDF Downloads 3848215 Challenges of Domestic Water Security for Sustainable Development in North Central Belt of Nigeria
Authors: Samuel Ibbi Ibrahim, Isaiah Ndalassan Ibrahim
Abstract:
Accessibility and availability of good quality water have become a major concern among different users. This paper examines the caustic importance of water security in relation to people’s desire for survival. It observed the democratic ideology of national policy on domestic water supply and demand and its implementation for national and societal development. It used analogy on equilibrium approach to ascertain the household water security. In most communities, it is glaring that several public water management in operation for several years are hardly performing efficiently to reach equilibrium demand. Moreover most settlements being rural or urban lack effective public water system that could ensure regular supplies to the population. The terrain and gradual declining of efficient rainfall northward poses great challenge to the region in managing water supply and demand adequately. This study itemized the need for the government to get clear strategy for a sustainable development on better water efficiency. Partnership in providing workable policy on water security is considered apparently important. It is also suggested that water plant treatment should be established in every medium-sized towns in the country.Keywords: good quality of water, water accessibility, water availability, water sustainable
Procedia PDF Downloads 5278214 Blockchain Solutions for IoT Challenges: Overview
Authors: Amir Ali Fatoorchi
Abstract:
Regardless of the advantage of LoT devices, they have limitations like storage, compute, and security problems. In recent years, a lot of Blockchain-based research in IoT published and presented. In this paper, we present the Security issues of LoT. IoT has three levels of security issues: Low-level, Intermediate-level, and High-level. We survey and compare blockchain-based solutions for high-level security issues and show how the underlying technology of bitcoin and Ethereum could solve IoT problems.Keywords: Blockchain, security, data security, IoT
Procedia PDF Downloads 2108213 Modelling Insider Attacks in Public Cloud
Authors: Roman Kulikov, Svetlana Kolesnikova
Abstract:
Last decade Cloud Computing technologies have been rapidly becoming ubiquitous. Each year more and more organizations, corporations, internet services and social networks trust their business sensitive information to Public Cloud. The data storage in Public Cloud is protected by security mechanisms such as firewalls, cryptography algorithms, backups, etc.. In this way, however, only outsider attacks can be prevented, whereas virtualization tools can be easily compromised by insider. The protection of Public Cloud’s critical elements from internal intruder remains extremely challenging. A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems (OS) to share a single hardware processor in Cloud Computing. One of the hypervisor's functions is to enforce access control policies. Furthermore, it prevents guest OS from disrupting each other and from accessing each other's memory or disk space. Hypervisor is the one of the most critical and vulnerable elements in Cloud Computing infrastructure. Nevertheless, it has been poorly protected from being compromised by insider. By exploiting certain vulnerabilities, privilege escalation can be easily achieved in insider attacks on hypervisor. In this way, an internal intruder, who has compromised one process, is able to gain control of the entire virtual machine. Thereafter, the consequences of insider attacks in Public Cloud might be more catastrophic and significant to virtual tools and sensitive data than of outsider attacks. So far, almost no preventive security countermeasures have been developed. There has been little attention paid for developing models to assist risks mitigation strategies. In this paper formal model of insider attacks on hypervisor is designed. Our analysis identifies critical hypervisor`s vulnerabilities that can be easily compromised by internal intruder. Consequently, possible conditions for successful attacks implementation are uncovered. Hence, development of preventive security countermeasures can be improved on the basis of the proposed model.Keywords: insider attack, public cloud, cloud computing, hypervisor
Procedia PDF Downloads 361