Search results for: risks and vulnerabilities
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 1806

1776 Supply Chain Optimization through Vulnerability Control and Risk Prevention in Chicken Meat Use

Authors: Moise A.E., State G., Tudorache M., Custură I., Enea D.N., Osman (Defta) A., Drăgotoiu D.

Abstract:

This scientific paper explores risk management strategies in the food supply chain, with a focus on chicken raw materials, in the context of a company sourcing from the EU and non-EU. The aim of the paper is to adapt the requirements of international standards (IFS, BRC, QS, ITW, FSSC, ISO), proposing efficient methods to identify and remediate non-conformities and corrective and preventive actions. Defining the supply flow and acceptance steps promotes collaboration with suppliers to ensure the quality and safety of raw materials. To assess the risks of suppliers and raw materials, objective criteria are developed and vulnerabilities in the supply chain are analyzed, including the risk of fraud. Active monitoring of international alerts through RASFF helps to identify emerging risks quickly, and regular analysis of international trends and company performance enables continuous adaptation of risk management strategies. Implementing these measures strengthens food safety and consumer confidence in the final products supplied.

Keywords: food supply chain, international standards, quality and safety of raw materials, RASFF

Procedia PDF Downloads 18
1775 Benchmarking of Pentesting Tools

Authors: Esteban Alejandro Armas Vega, Ana Lucila Sandoval Orozco, Luis Javier García Villalba

Abstract:

The benchmarking of tools for dynamic analysis of vulnerabilities in web applications is something that is done periodically, because these tools from time to time update their knowledge base and search algorithms in order to improve their accuracy. Unfortunately, the vast majority of these evaluations are made by software enthusiasts who publish their results on blogs or on non-academic websites, and always with the same evaluation methodology. Similarly, the majority of academics who have carried out this type of analysis from a scientific approach make their analysis within the same methodology as the empirical authors. This paper is based on the interest of finding answers to questions that many users of this type of tool have been asking over the years, such as whether the tool truly tests and evaluates every vulnerability that it claims to test, or whether the tool really delivers a real report of all the vulnerabilities tested and exploited. These kinds of questions have also motivated previous work, but without real answers. The aim of this paper is to show results that truly answer, at least for the tested tools, all those unanswered questions. All the results have been obtained by changing the common model of benchmarking used for all those previous works.

Keywords: cybersecurity, IDS, security, web scanners, web vulnerabilities

Procedia PDF Downloads 287
1774 Psychosocial Risk Factors among Women: A Case-Study of the Nigerian Female Worker

Authors: Bassey Odiong Akan

Abstract:

In recent decades, potentially significant changes have taken place in the world of work, and these have led to the emergence of new challenges in occupational safety and health. The working environment is now not only fraught with concerns about physical, biological and chemical risks but also with emerging risks, which are completely new risks that have never been seen before or previously known risks that are evolving in unexpected ways with unanticipated consequences. Psychosocial risk factors and their attendant hazards happen to be one of them and can impact health directly or indirectly, mediated by work-related stress. These risks are related to the way work is designed, organised and managed, as well as the economic and social contexts of work. It has become necessary to identify, explore and anticipate the dynamics of these risk factors and hazards with regard to how they affect women. This presentation is a review of information gathered from books of distinguished authors, research work and scientific/professional journals on the psychosocial work environment, intended as a guide to stimulate discussion, raise awareness and encourage research and action at different levels.

Keywords: emerging risks, psychosocial hazards, psychosocial risk factors, work related stress

Procedia PDF Downloads 247
1773 A Theoretical Framework of Multifactor Systematic Risks in Equity Market: Behavioral Finance Paradigm

Authors: Jasman Tuyon, Zamri Ahmad

Abstract:

Behavioral asset pricing research has been gaining momentum since the 1990s. However, it is still incomplete and has been criticized for some philosophical, theoretical and model specification limitations. Due to these drawbacks, investors’ behaviors as a source of risk in behavioral asset pricing modeling still remain disputable. This paper aims to address these issues with an alternative perspective based on the behavioral finance paradigm. Specifically, this paper proposes theoretical linkages of both fundamental and behavioral risks on stock price formation and an extension of the multifactor stock pricing model by combining multi-factor fundamental and behavioral risk factors.

Keywords: behavioral finance, multifactor asset pricing, behavioral risks, fundamental risks

Procedia PDF Downloads 465
1772 Factors Affecting Time Performance in Building Construction Projects

Authors: Ibraheem A. K. Mahameed

Abstract:

The aim of this study is to identify the risks affecting time performance of building construction projects in the West Bank in Palestine from contractors’ viewpoint. 38 risks that might affect time performance of building construction projects were defined through a detailed literature review. These risks have been classified into 6 groups: project, managerial, consultant, financial, external, and construction items. A questionnaire survey was performed to rank the considered risks in terms of severity and frequency. The analysis of the survey indicated that the top five risks affecting time performance of building construction projects in Palestine are: award project to the lowest price, political situation, poor communication and coordination between construction parties, change orders, and financial status of contractor.

Keywords: delay, time performance, construction, building

Procedia PDF Downloads 433
1771 Surveying Earthquake Vulnerabilities of District 13 of Kabul City, Afghanistan

Authors: Mohsen Mohammadi, Toshio Fujimi

Abstract:

High population and irregular urban development in Kabul city, Afghanistan's capital, are among factors that increase its vulnerability to earthquake disasters (on top of its location in a high seismic region); this can lead to widespread economic loss and casualties. This study aims to evaluate earthquake risks in Kabul's 13th district based on scientific data. The research data, which include hazard curves of Kabul, vulnerability curves, and a questionnaire survey through sampling in district 13, have been incorporated to develop risk curves. To estimate potential casualties, we used a set of M parameters in a model developed by Coburn and Spence. The results indicate that in the worst case scenario, more than 90% of district 13, which comprises mostly residential buildings, is exposed to high risk; this may lead to nearly 1000 million USD economic loss and 120 thousand casualties (equal to 25.88% of the 13th district's population) for a nighttime earthquake. To reduce risks, we present the reconstruction of the most vulnerable buildings, which are primarily adobe and masonry buildings. A comparison of risk reduction between reconstructing adobe and masonry buildings indicates that rebuilding adobe buildings would be more effective.

Keywords: earthquake risk evaluation, Kabul, mitigation, vulnerability

Procedia PDF Downloads 250
1770 Partners Sharing Resources, Costs, and Risks

Authors: Lee Li

Abstract:

The strategic management literature posits that the major motive of strategic alliances is to share resources, costs and risks. However, the literature also indicates that such sharing leads to transaction costs which are positively correlated with environmental dynamism. As such, it is not clear why firms are willing to cover high transaction costs for sharing resources, costs and risks. This study categorizes resources into firm-specific and general resource; costs into accounting and non-accounting cost; and risks into visible and invisible risks. Using data from 167 Canadian firms in technology industries, we find that sharing firm-specific resources and non-accounting costs are negatively correlated with environmental dynamism but sharing general resources, accounting costs and visible risks are positively correlated with environmental dynamism. Findings suggest that sharing certain resources, costs and risks do not necessarily incur high transaction costs.

Keywords: environmental dynamism, strategic alliances, resource/cost/risk sharing

Procedia PDF Downloads 338
1769 Appraisal of Humanitarian Supply Chain Risks Using Best-Worst Method

Authors: Ali Mohaghar, Iman Ghasemian Sahebi, Alireza Arab

Abstract:

In the last decades, the increasing occurrence of human and natural disasters has had irreparable effects on human life. Hence, one of the important issues in humanitarian supply chain management is identifying and prioritizing the different risks and finding suitable solutions for encountering them at the time of disaster occurrence. This study is an attempt to provide a comprehensive review of humanitarian supply chain risks in a case study of Tehran Red Crescent Societies. For this purpose, the Best-Worst method (BWM) has been used for analyzing the risks of the humanitarian supply chain. 22 risks of the humanitarian supply chain were identified based on the literature and interviews with four experts. According to the BWM method, the importance of each risk was calculated. The findings showed that culture contexts, little awareness of people, and poor education system are the most important humanitarian supply chain risks. This research provides a useful guideline for managers so that they can benefit from the results to prioritize their solutions.

Keywords: Best-Worst Method, humanitarian logistics, humanitarian supply chain, risk management

Procedia PDF Downloads 284
1768 The Relationship between Political Risks and Capital Adequacy Ratio: Evidence from GCC Countries Using a Dynamic Panel Data Model (System–GMM)

Authors: Wesam Hamed

Abstract:

This paper contributes to the existing literature by investigating the impact of political risks on the capital adequacy ratio in the banking sector of Gulf Cooperation Council (GCC) countries, which is the first attempt for this nexus to the best of our knowledge. The dynamic panel data model (System‐GMM) showed that political risks significantly decrease the capital adequacy ratio in the banking sector. For this purpose, we used political risks, bank-specific, profitability, and macroeconomic variables that are utilized from the data stream database for the period 2005-2017. The results also actively support the “too big to fail” hypothesis. Finally, the robustness results confirm the conclusions derived from the baseline System‐GMM model.

Keywords: capital adequacy ratio, system GMM, GCC, political risks

Procedia PDF Downloads 117
1767 Risk Mitigation of Data Causality Analysis Requirements AI Act

Authors: Raphaël Weuts, Mykyta Petik, Anton Vedder

Abstract:

Artificial Intelligence has the potential to create and already creates enormous value in healthcare. Prescriptive systems might be able to make the use of healthcare capacity more efficient. Such systems might entail interpretations that exclude the effect of confounders that brings risks with it. Those risks might be mitigated by regulation that prevents systems entailing such risks to come to market. One modality of regulation is that of legislation, and the European AI Act is an example of such a regulatory instrument that might mitigate these risks. To assess the risk mitigation potential of the AI Act for those risks, this research focusses on a case study of a hypothetical application of medical device software that entails the aforementioned risks. The AI Act refers to the harmonised norms for already existing legislation, here being the European medical device regulation. The issue at hand is a causal link between a confounder and the value the algorithm optimises for by proxy. The research identifies where the AI Act already looks at confounders (i.a. feedback loops in systems that continue to learn after being placed on the market). The research identifies where the current proposal by parliament leaves legal uncertainty on the necessity to check for confounders that do not influence the input of the system, when the system does not continue to learn after being placed on the market. The authors propose an amendment to article 15 of the AI Act that would require high-risk systems to be developed in such a way as to mitigate risks from those aforementioned confounders.

Keywords: AI Act, healthcare, confounders, risks

Procedia PDF Downloads 231
1766 Implementation of Risk Management System to Improve the Quality of Higher Education Institutes

Authors: Muhammad Wasif, Asif Ahmed Shaikh, Sarosh Hashmat Lodi, Muhammad Aslam Bhutto, Riazuddin

Abstract:

Risk Management Systems have been quite popular in profit-based organizations, health and safety, and project management fields for the last few decades. But due to the rapidly changing environment and the requirements of the ISO 9001:2015 standard, public-sector institutions, especially higher education institutes, are also performing risk assessment to monitor the performance of the institution and align it with the latest benchmark. In this context, NED University of Engineering and Technology performed research and developed a Standard Operating Procedure (SOP) for risk assessment, its monitoring and control. In this research, risks are broken into four sources, namely: Internal Academic Risks, External Academic Risks, Internal Non-academic Risks, and External Non-academic Risks. Risks are identified by the management at all levels. Severity and likelihood of the risks are assigned based on the previous audit results and customer complaints. Risk Ratings are calculated to arrange the risks in order according to the Risk Rating, and controls for the risks are designed and assigned to the responsible person. At the end of the article, results and analysis of the different sources of risk are discussed in detail and the conclusion is drawn. Discussion of a few sample risks is presented in this article. Hence, it is shown in the research that the Risk Management System can be applied in a Higher Education Institute to effectively control the risks which might affect the scope and Quality Management System of an organization.

Keywords: higher education, quality management system, risk assessment, risk management

Procedia PDF Downloads 270
1765 The Role of Risk Management Practices in the Relationship between Risks Factors and Construction Project Performance

Authors: Ali Abdullah Albezaghi

Abstract:

This article aims to introduce a conceptual framework that can facilitate investigations concerning the role of risk management practices in the relationship between construction risks and the construction project's performance. This article is structured based on the extant literature; it reviews theoretical perspectives, highlights the gaps, and illustrates the significance of developing a framework of suggested relationships. Despite growing interest in the role of risks in construction project performance, previous studies have paid little attention to investigating the moderating role of risk management practices on the risk-performance link. This has left researchers and construction project managers with minimal information to explain the conditions under which risk management practices can reduce the impact of project-related risks and improve performance. In this context, this article suggests a viable research model with propositions that assess risk-performance relationships and discusses the potential moderating effects on the domain relationship. This paper adds to the risk management literature by focusing on risk variables that directly impact performance. Further, it also considers the moderating role of risk management practices in such relationships.

Keywords: risk management practices, external risks, internal risks, project risks, project performance

Procedia PDF Downloads 97
1764 An Investigation of Food Quality and Risks in Thailand: A Case of Inbound Senior Tourists

Authors: Kevin Wongleedee

Abstract:

Food quality and risks are major concerns for inbound senior tourists when visiting tourist destinations in Thailand. The purpose of this study was to investigate food quality and risks perceived by inbound senior tourists. This paper drew upon data collection from an inbound senior tourist survey conducted in Thailand during summer 2013. Summer time in Thailand is a high season for inbound tourists. It is also a high risk period in which a variety of food safety issues and incidents have often occurred. The survey was structured primarily to obtain inbound senior tourists’ concerns toward a variety of food quality and risks they encountered during their trip in Thailand. A total of 400 inbound senior tourists were elicited as data input for mean and standard deviation. The findings revealed that inbound tourists rated the overall food quality at a high level and the three most important perceived food risks were 1) unclean physical cooking facility, 2) toxic chemical handling, and 3) unclean water.

Keywords: food quality, inbound senior tourists, risks, Thailand

Procedia PDF Downloads 361
1763 Saudi Arabian Aviation Construction Projects: Risks and Their Assessments

Authors: Ahmad Baghdadi, Mohammed Kishk

Abstract:

Construction projects are unique and involve different levels of complexity. Airport projects, among other construction projects, are considered to be very complex as they face a number of challenges which make them inevitably exposed to risks. However, in Saudi Arabia, the sector of aviation is considered an important sector owing to the fact that it is the first destination for Muslims on an annual basis. As a result, the Saudi government has allocated a huge amount of its general budget to this sector through the General Authority of Civil Aviation (GACA). However, it has been found that the projects are still delivered with a significant number of time and cost overruns. These consequences are typically generated from the risks involved in the projects. Thus, there is a need to identify the number of risks thought to cause such overruns in project times and costs, as well as to assess their significance in terms of their likelihoods of occurrence and their impacts. Accordingly, this paper aims to identify risks associated with aviation construction projects in Saudi Arabia, as well as to assess their likelihoods of occurrence and impacts on such projects. In total, forty-four risks have been identified through a critical literature review of common risks in similar projects, as well as thirteen semi-structured interviews with expert project managers involved in GACA’s projects. However, the assessment of the identified risks in terms of their likelihoods of occurrence and impacts was obtained through the analysis of forty-five questionnaires. Respondents to the questionnaires include clients, contractors and consultants. The results show that the risks of design changes by the client, labour issues, and setting a tight schedule by the client have the highest likelihoods of occurrence in GACA projects, while the risks of earthquakes, design constructability, and corruption have the greatest impacts.

Keywords: aviation construction projects, GACA, risks, risk assessment, Saudi Arabia

Procedia PDF Downloads 516
1762 Risks of Climate Change on Buildings

Authors: Yahya N. Alfraidi, Abdel Halim Boussabaine

Abstract:

Climate change risk impacts are one of the most challenging aspects that face the built environment now and in the near future. The impacts of climate change on buildings are considered in four different dimensions: physical, economic, social, and management. For each of these, the risks are discussed as they arise from various effects linked to climate change, including windstorms, precipitation, temperature change, flooding, and sea-level rise. For example, building assets in cities will be exposed to extreme hot summer days and nights due to the urban heat island effect and pollution. Buildings also could be vulnerable to water, electricity, gas, etc., scarcity. Building materials, fabric and systems could also be stressed by the emerging climate risks. More importantly, the building users might experience extreme internal and external comfort conditions, leading to lower productivity, wellbeing and health problems. Thus, the main aim of this paper is to document the emerging risks from climate change on building assets. An in-depth discussion of the consequences of these climate change risks is provided. It is expected that the outcome of this research will be a set of risk design indicators for developing and procuring resilient building assets.

Keywords: climate change, risks of climate change, risks on building from climate change, buildings

Procedia PDF Downloads 597
1761 A Proposal for Systematic Mapping Study of Software Security Testing, Verification and Validation

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact service and process availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security testing could be a solution to reduce vulnerabilities. However, the variety of test techniques, together with the lack of real case studies of applying tests focusing on the software development life cycle, compromises its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: software test, software security verification validation and test, security test institutionalization, systematic mapping study

Procedia PDF Downloads 355
1760 Navigating Cyber Attacks with Quantum Computing Leveraging Vulnerabilities and Forensics for Advanced Penetration Testing in Cybersecurity

Authors: Sayor Ajfar Aaron, Md. Mushfiqur Rahman, Sajjat Hossain Abir, Ashif Newaz

Abstract:

This paper examines the transformative potential of quantum computing in the field of cybersecurity, with a focus on advanced penetration testing and forensics. It explores how quantum technologies can be leveraged to identify and exploit vulnerabilities more efficiently than traditional methods and how they can enhance the forensic analysis of cyber-attacks. Through theoretical analysis and practical simulations, this study highlights the enhanced capabilities of quantum algorithms in detecting and responding to sophisticated cyber threats, providing a pathway for developing more resilient cybersecurity infrastructures.

Keywords: cybersecurity, cyber forensics, penetration testing, quantum computing

Procedia PDF Downloads 5
1759 Classifying ERP Implementation’s Risks in Banking Sectors Based on Different Implementation Phases

Authors: Farnaz Farzadnia, Ahmad Alibabaei

Abstract:

Enterprise Resource Planning (ERP) systems are considered complicated information systems. Many organizations have failed in implementing ERP systems because it is a very difficult, time-consuming and expensive process. An enterprise resource planning system is appropriate for organizations in all economic sectors. As banking is currently considered a non-typical area for ERP usage, there are very few studies on ERP implementation in banking. This paper presents a general risk taxonomy. In this research, after identifying implementation risks, a process quality management method has been applied to identify relations between the risks of implementing ERP in banking sectors and the implementation phases. The Oracle application implementation method, titled AIM, is used in this research for classifying the risks. These findings will help managers to develop better strategies for supervising and controlling ERP implementation projects.

Keywords: AIM implementation, bank, enterprise resource planning, risk, process quality management method

Procedia PDF Downloads 508
1758 Risks in the Islamic Banking Model and Methods Adopted to Manage Them

Authors: K. P. Fasalu Rahman

Abstract:

The financial services industry of Islam includes a large number of institutions, such as investment banks and commercial banks, investment companies and mutual insurance companies. All types of these financial institutions have to deal with many issues and risks in their field of work. Islamic banks should expect to face two types of risks: risks that are similar to those faced by conventional financial intermediaries and risks that are unique to Islamic banks due to their compliance with the Shariah. The use of financial services and products that comply with the Shariah principles causes special issues for supervision and risk management. Risks are uncertain future events that could influence the achievement of the bank’s objectives, including strategic, operational, financial and compliance objectives. In Islamic banks, effective risk management deserves special attention. As an operational problem, risk management is the classification and identification of methods, processes, and risks in banks to supervise, monitor and measure them. In comparison to conventional banks, Islamic banks face big difficulties in identifying and managing risks due to bigger complexities emerging from the profit loss sharing (PLS) concept and the nature of particular risks of Islamic financing. As the development of risk management tools becomes essential, especially in Islamic banking as most of the products depend on the PLS principle, identifying and measuring each type of risk is highly important and critical in any Islamic finance based system. This paper highlights the special and general risks surrounding Islamic banking, and it investigates in detail the need for risk management in Islamic banks. In addition to analyzing the effectiveness of risk management strategies adopted by Islamic financial institutions at present, this research also suggests strategies for improving the risk management process of Islamic banks in the future.

Keywords: Islamic banking, management, risk, risk management

Procedia PDF Downloads 119
1757 Experiences of Online Opportunities and Risks: Examining Internet Use and Digital Literacy of Young People in Nigeria

Authors: Isah Yahaya Aliyu

Abstract:

Research on Internet use has often approached beneficial uses (online opportunities) of the Internet as separate from the risky encounters (online risks) of young people online. However, empirical evidence from diverse contexts appears to increasingly support the fusion of the two sets of online activities. Hence, the current research investigates the correlation between Internet use (IU) and digital literacy (DL) with online opportunities (OP) and risks (OR), using data from a Nigerian context, where there appears to be a paucity of research and literature on integrating opportunities and risks in the same study. A web-based data collection method was used to administer a survey to 335 undergraduate students in Northeastern Nigeria. Underpinned by the Livingstone and Helsper model, findings are largely consistent with existing literature; IU and DL influence OP (R2 = 0.791, SE = 0.265, F-Stats = 626.566, P-value <.001), and equally IU and DL influence OR as well (R2 = 0.343, SE = 0.465, F-Stats = 86.671, P-value <.001). OP and OR were found to strongly correlate positively (r = .667, n = 335, p < 0.01). This study has provided buttressing evidence from a Nigerian context of the fusion of benefits and risks of the Internet among young people. It has also upheld the argument for improved literacy as a strategy for minimizing risks/harm rather than restricting use. Other theoretical and policy implications of the findings have been discussed in line with local and global debates about the Internet and its attendant effects.

Keywords: digital, internet, literacy, opportunities, risks

Procedia PDF Downloads 50
1756 Reforms in China's Vaccine Administration: Vulnerabilities, Legislative Progresses and the Systemic View of Vaccine Administration Law

Authors: Lin Tang, Xiaoxia Guo, Lingling Zhang

Abstract:

Recent vaccine scandals overshadowed China’s accomplishment of public health, triggering discussions on the causes of vaccine incidents. Through legal interpretation of selected vaccine incidents and analysis of systemic vulnerabilities in vaccine circulation and lot release, a panoramic review of legislative progresses in the vaccine administration sheds the light on this debate. In essence, it is the combination of the lagging legal system and the absence of information technology infrastructure in the process of vaccine administration reform that has led to the recurrence of vaccine incidents. These findings have significant implications for further improvement of vaccine administration and China’s participation in global healthcare.

Keywords: legislation, lot release, public health, reform, vaccine administration, vaccine circulation

Procedia PDF Downloads 121
1755 Profiling Risky Code Using Machine Learning

Authors: Zunaira Zaman, David Bohannon

Abstract:

This study explores the application of machine learning (ML) for detecting security vulnerabilities in source code. The research aims to assist organizations with large application portfolios and limited security testing capabilities in prioritizing security activities. ML-based approaches offer benefits such as increased confidence scores, false positives and negatives tuning, and automated feedback. The initial approach using natural language processing techniques to extract features achieved 86% accuracy during the training phase but suffered from overfitting and performed poorly on unseen datasets during testing. To address these issues, the study proposes using the abstract syntax tree (AST) for Java and C++ codebases to capture code semantics and structure and generate path-context representations for each function. The Code2Vec model architecture is used to learn distributed representations of source code snippets for training a machine-learning classifier for vulnerability prediction. The study evaluates the performance of the proposed methodology using two datasets and compares the results with existing approaches. The Devign dataset yielded 60% accuracy in predicting vulnerable code snippets and helped resist overfitting, while the Juliet Test Suite predicted specific vulnerabilities such as OS-Command Injection, Cryptographic, and Cross-Site Scripting vulnerabilities. The Code2Vec model achieved 75% accuracy and a 98% recall rate in predicting OS-Command Injection vulnerabilities. The study concludes that even partial AST representations of source code can be useful for vulnerability prediction. The approach has the potential for automated intelligent analysis of source code, including vulnerability prediction on unseen source code. State-of-the-art models using natural language processing techniques and CNN models with ensemble modelling techniques did not generalize well on unseen data and faced overfitting issues. However, predicting vulnerabilities in source code using machine learning poses challenges such as high dimensionality and complexity of source code, imbalanced datasets, and identifying specific types of vulnerabilities. Future work will address these challenges and expand the scope of the research.

Keywords: code embeddings, neural networks, natural language processing, OS command injection, software security, code properties

Procedia PDF Downloads 74
1754 Modelling Insider Attacks in Public Cloud

Authors: Roman Kulikov, Svetlana Kolesnikova

Abstract:

Over the last decade, Cloud Computing technologies have rapidly become ubiquitous. Each year more and more organizations, corporations, internet services and social networks trust their business-sensitive information to the Public Cloud. Data storage in the Public Cloud is protected by security mechanisms such as firewalls, cryptography algorithms, backups, etc. In this way, however, only outsider attacks can be prevented, whereas virtualization tools can be easily compromised by an insider. The protection of the Public Cloud's critical elements from an internal intruder remains extremely challenging. A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems (OS) to share a single hardware processor in Cloud Computing. One of the hypervisor's functions is to enforce access control policies. Furthermore, it prevents guest OSs from disrupting each other and from accessing each other's memory or disk space. The hypervisor is one of the most critical and vulnerable elements in Cloud Computing infrastructure. Nevertheless, it has been poorly protected from being compromised by an insider. By exploiting certain vulnerabilities, privilege escalation can be easily achieved in insider attacks on the hypervisor. In this way, an internal intruder who has compromised one process is able to gain control of the entire virtual machine. Thereafter, the consequences of insider attacks in the Public Cloud might be more catastrophic and significant to virtual tools and sensitive data than those of outsider attacks. So far, almost no preventive security countermeasures have been developed. Little attention has been paid to developing models to assist risk mitigation strategies. In this paper, a formal model of insider attacks on the hypervisor is designed. Our analysis identifies critical hypervisor vulnerabilities that can be easily compromised by an internal intruder. Consequently, possible conditions for successful attack implementation are uncovered. Hence, development of preventive security countermeasures can be improved on the basis of the proposed model.

Keywords: insider attack, public cloud, cloud computing, hypervisor

Procedia PDF Downloads 336
1753 Risk Management in Islamic Banks: A Case Study of the Faisal Islamic Bank of Egypt

Authors: Mohamed Saad Ahmed Hussien

Abstract:

This paper discusses risk management in Islamic banks and aims to determine the difference in the practices and methods of risk management in those banks compared to conventional banks, and to make a case study of the biggest Islamic bank in Egypt (Faisal Islamic Bank of Egypt) to identify the most important financial risks faced and how to manage those risks. It was found that Islamic banks face two types of risks. The first type is similar to the risks in conventional banks; the second type is the additional risks which face Islamic banks only, as a result of some Islamic modes of financing. With regard to risk management, Islamic banks, like conventional banks, applied the regulatory rules issued by the Central Banks and the Basel Committee; Islamic banks also applied the instructions and procedures issued by the Islamic Financial Services Board (IFSB). Also, Islamic banks are similar to conventional banks in the practices and methods which they use to manage the risks. There are also some factors that may affect risk management in Islamic banks, such as the size of the bank and the efficiency of the administration and the staff of the bank.

Keywords: conventional banks, Faisal Islamic Bank of Egypt, Islamic banks, risk management

Procedia PDF Downloads 429
1752 Social Media and Counseling: Opportunities, Risks and Ethical Considerations

Authors: Kyriaki G. Giota, George Kleftaras

Abstract:

The purpose of this article is to briefly review the opportunities that social media presents to counselors and psychologists. Particular attention was given to understanding some of the more important common risks inherent in social media and the potential ethical dilemmas which may arise for counselors and psychologists who embrace them in their practice. Key considerations of issues pertinent to an online presence such as multiple relationships, visibility and privacy, maintaining ethical principles and professional boundaries are being discussed.

Keywords: social media, counseling, risks, ethics

Procedia PDF Downloads 391
1751 A Tutorial on Network Security: Attacks and Controls

Authors: Belbahi Ahlam

Abstract:

With the phenomenal growth in the Internet, network security has become an integral part of computer and information security. In order to come up with measures that make networks more secure, it is important to learn about the vulnerabilities that could exist in a computer network and then have an understanding of the typical attacks that have been carried out in such networks. The first half of this paper will expose the readers to the classical network attacks that have exploited the typical vulnerabilities of computer networks in the past and solutions that have been adopted since then to prevent or reduce the chances of some of these attacks. The second half of the paper will expose the readers to the different network security controls including the network architecture, protocols, standards and software/hardware tools that have been adopted in modern-day computer networks.

Keywords: network security, attacks and controls, computer and information, solutions

Procedia PDF Downloads 418
1750 Security Risks Assessment: A Conceptualization and Extension of NFC Touch-And-Go Application

Authors: Ku Aina Afiqah Ku Adzman, Manmeet Mahinderjit Singh, Zarul Fitri Zaaba

Abstract:

NFC operates on a low-range 13.56 MHz frequency within a distance of 4 cm to 10 cm, and the applications can be categorized as touch and go, touch and confirm, touch and connect, and touch and explore. NFC applications are vulnerable to various security and privacy attacks due to their physical nature: unprotected data stored in NFC tags and insecure communication between applications. This paper aims to determine the likelihood of security risks happening in an NFC technology and application. We present an NFC technology taxonomy covering NFC standards, types of application and various security and privacy attacks. The observations and the survey presented to evaluate the risk assessment within the touch and go application demonstrate two security attacks that are high risk, namely data corruption and DoS attacks. After the risks are determined, risk countermeasures using AHP are adopted. The guidelines and solutions to these two high-risk attacks are later applied to a secure NFC-enabled Smartphone Attendance System.

Keywords: Near Field Communication (NFC), risk assessment, multi-criteria decision making, Analytical Hierarchy Process (AHP)

Procedia PDF Downloads 272
1749 Exploring the Association between Risks Emerging from Climate Change Scenarios and the Built Environment

Authors: Abdullah M. Alzahrani, Abdel Halim Boussabaine

Abstract:

There is an international consensus on climate change across the entire world, and this is a result of the combination of natural factors, such as volcanoes and hurricanes, with increased human activity on the earth, such as the industrial renaissance. This solidarity increases emissions of greenhouse gases (GHGs), which are considered the main driver of climate change scenarios and related emerging risks and impacts on buildings. These climatic risks, including damage, disruption and disquiet, are set to increase and are considered the main challenges and difficulties facing the built environment due to major implications for the assets sector. Consequently, the threat from climate change patterns has a significant impact on a variety of complex human decisions, which affect all aspects of living. Understanding the relationship between buildings and such risks arising from climate change scenarios is the key to ensuring the optimal timing and design of policies and systems, which affect all aspects of the built environment. This paper will uncover this correlation between emerging climate change risks and building assets, and, in addition, how these emerging risks can be classified in a practical way in terms of their impact type on buildings. Hence, this mapping will assist professionals and interested parties in the building sector to cope with such risks in several systematic ways, including the development and design of mitigation and adaptation strategies and processes of design, specification, construction, and operation; all of these lead to successful management of assets.

Keywords: climate change, climate change risks, built environment, building sector, impacts

Procedia PDF Downloads 326
1748 BodeACD: Buffer Overflow Vulnerabilities Detecting Based on Abstract Syntax Tree, Control Flow Graph, and Data Dependency Graph

Authors: Xinghang Lv, Tao Peng, Jia Chen, Junping Liu, Xinrong Hu, Ruhan He, Minghua Jiang, Wenli Cao

Abstract:

As one of the most dangerous vulnerabilities, effective detection of buffer overflow vulnerabilities is extremely necessary. Traditional detection methods are not accurate enough and consume more resources to meet the complex and enormous code environment at present. In order to resolve the above problems, we propose a method for Buffer overflow detection based on Abstract syntax tree, Control flow graph, and Data dependency graph (BodeACD) in C/C++ programs with source code. Firstly, BodeACD constructs the function samples of buffer overflow that are available on GitHub, then represents them as code representation sequences, which fuse control flow, data dependency, and syntax structure of source code to reduce information loss during code representation. Finally, BodeACD learns vulnerability patterns for vulnerability detection through deep learning. The results of the experiments show that BodeACD has increased the precision and recall by 6.3% and 8.5% respectively compared with the latest methods, which can effectively improve vulnerability detection and reduce the false-positive rate and false-negative rate.

Keywords: vulnerability detection, abstract syntax tree, control flow graph, data dependency graph, code representation, deep learning

Procedia PDF Downloads 140
1747 Bring Your Own Devices (BYOD): Risks and Mitigation Strategies

Authors: Mohammed Ketel

Abstract:

This paper discusses the security issues related to Bring Your Own Devices (BYOD) programs, an increasingly popular choice for small and big businesses alike, and explores the benefits, risks, the available controls and solutions to mitigate the inherent security concerns with mobile devices, in general, and BYOD programs specifically. The paper also discusses the approaches that organizations can apply to mitigate the risks, which may include policies, diverse technologies, education, and training.

Keywords: BYOD, security, policies, standards, controls, education

Procedia PDF Downloads 260