Search results for: secure e-voting system

Authors: Temitope O. Tokosi, Visvanathan Naicker

Abstract:

Patient health records contain sensitive information for which an electronic patient record (EPR) system can safely secure and transmit amongst clinicians for use in improving health delivery. Clinician’s use of the behaviour of these systems is under scrutiny to assess their attributes towards health technology. South Africa (SA) clinicians responded to a pilot study survey to assess their understanding of EPR, what attributes are important towards technology use and more importantly streamlining the survey for a larger study. Descriptive statistics using mean scores was used because of the small sample size of 11 clinicians who completed the survey. Nine (9) constructs comprising 62 items were used and a Cronbach alpha score of 0.883 was obtained. Limitations and discussions conclude the study.

Keywords: EPR, clinicians, pilot study, South Africa

Procedia PDF Downloads 241

Authors: Paul Essel, Eric T. Glover, Gustav Gbeddy, Yaw Adjei-Kyereme, Abdallah M. A. Dawood, Evans M. Ameho, Emmanuel A. Aberikae

Abstract:

Radioactive materials mainly in the form of Sealed Radioactive Sources are being used in various sectors (medicine, agriculture, industry, research, and teaching) for the socio-economic development of Ghana. The use of these beneficial radioactive materials has resulted in an inventory of Disused Sealed Radioactive Sources (DSRS) in storage. Most of the DSRS are legacy/historic sources which cannot be returned to their manufacturer or country of origin. Though small in volume, DSRS can be intensively radioactive and create a significant safety and security liability. They need to be managed in a safe and secure manner in accordance with the fundamental safety objective. The Radioactive Waste Management Center (RWMC) of the Ghana Atomic Energy Commission (GAEC) is currently storing a significant volume of DSRS. The initial activities of the DSRS range from 7.4E+5 Bq to 6.85E+14 Bq. If not managed properly, such DSRS can represent a potential hazard to human health and the environment. Storage is an important interim step, especially for DSRS containing very short-lived radionuclides, which can decay to exemption levels within a few years. Long-term storage, however, is considered an unsustainable option for DSRS with long half-lives hence the need for a disposal facility. The GAEC intends to use the International Atomic Energy Agency’s (IAEA’s) Borehole Disposal System (BDS) to provide a safe, secure, and cost-effective disposal option to dispose of its DSRS in storage. The proposed site for implementation of the BDS is on the GAEC premises at Kwabenya. The site has been characterized to gain a general understanding in terms of its regional setting, its past evolution and likely future natural evolution over the assessment time frame. Due to the long half-lives of some of the radionuclides to be disposed of (Ra-226 with half-life of 1600 years), the engineered barriers of the system must be robust to contain these radionuclides for this long period before they decay to harmless levels. There is the need to assess the safety related functions of the engineered barriers of this disposal system.

Keywords: radionuclides, disposal, radioactive waste, engineered barrier

Procedia PDF Downloads 32

Authors: Hiroshi Yamaguchi, Phillip C. Y. Sheu, Ryo Fujita, Shigeo Tsujii

Abstract:

In this paper, the secure BioSemantic Scheme is presented to bridge biological/biomedical research problems and computational solutions via semantic computing. Due to the diversity of problems in various research fields, the semantic capability description language (SCDL) plays and important role as a common language and generic form for problem formalization. SCDL is expected the essential for future semantic and logical computing in Biosemantic field. We show several example to Biomedical problems in this paper. Moreover, in the coming age of cloud computing, the security problem is considered to be crucial issue and we presented a practical scheme to cope with this problem.

Keywords: biomedical applications, private information retrieval (PIR), semantic capability description language (SCDL), semantic computing

Procedia PDF Downloads 366

Authors: Mohammed A. M. Ibrahim

Abstract:

This paper investigate the utilization of wire and wireless networks to be platform for distributed educational monitoring system. Universities in developing countries suffer from a lot of shortages(staff, equipment, and finical budget) and optimal utilization of the wire and wireless network, so universities can mitigate some of the mentioned problems and avoid the problems that maybe humble the education processes in many universities by using our implementation of the examinations system as a test-bed to utilize the network as a solution to the shortages for academic staff in Taiz University. This paper selects a two areas first one quizzes activities is only a test bed application for wireless network learning environment system to be distributed among students. Second area is the features and the security of wireless, our tested application implemented in a promising area which is the use of WLAN in higher education for leering environment.

Keywords: networking wire and wireless technology, wireless network security, distributed computing, algorithm, encryption and decryption

Procedia PDF Downloads 304

Authors: Saddikuti Venkataramanaiah, N Ravichandran

Abstract:

The main focus of this paper is to highlight the challenges faced by the world’s largest pilgrimage center in providing free-of-cost luggage handling services to visiting pilgrims. The service was managed by a third-party agency selected based on a competitive bidding process. The third-party agency is responsible for providing timely, reliable, and secure services to the pilgrims. The methodology includes field visits and interaction with pilgrims, service providers, and other stakeholders of the system. Based on a detailed analysis of the information/data gathered, various innovations implemented and implications for policy making and sustainable service delivery were suggested.

Keywords: luggage handling, sustainable, service delivery, third party logistics, innovation

Procedia PDF Downloads 54

Authors: Meshari Aljohani, Stephan Olariu, Ravi Mukkamala

Abstract:

Data is essential for enhancing the quality of life. Its value creates chances for users to profit from data sales and purchases. Users in data marketplaces, however, must share and trade data in a secure and trusted environment while maintaining their privacy. The first main contribution of this paper is to identify enabling technologies and challenges facing the development of decentralized data marketplaces. The second main contribution is to propose a decentralized data marketplace framework based on blockchain technology. The proposed framework enables sellers and buyers to transact with more confidence. Using a security deposit, the system implements a unique approach for enforcing honesty in data exchange among anonymous individuals. Before the transaction is considered complete, the system has a time frame. As a result, users can submit disputes to the arbitrators which will review them and respond with their decision. Use cases are presented to demonstrate how these technologies help data marketplaces handle issues and challenges.

Keywords: blockchain, data, data marketplace, smart contract, reputation system

Procedia PDF Downloads 136

Authors: Husen Ahmed Tura

Abstract:

There are strong links between secure land rights and food security in Africa. However, as land is owned by governments, land users do not have adequate legislative protection. This article explores normative and implementation gaps in relation to small-scale farmers’ land rights under the Ethiopia’s law. It finds that the law facilitates eviction of small-scale farmers and indigenous peoples from their land without adequate alternative means of livelihood. It argues that as access to land and other natural resources is strongly linked to the right to adequate food, Ethiopia should reform its land laws in the light of its legal obligations under international human rights law to respect, protect and fulfill the right to adequate food and ensure freedom from hunger.

Keywords: smallholder, secure land rights , food security, right to food, land grabbing, forced evictions

Procedia PDF Downloads 277

Authors: Umesh Kumar Singh, Chanchala Joshi

Abstract:

With increasing dependency on IT infrastructure, the main objective of a system administrator is to maintain a stable and secure network, with ensuring that the network is robust enough against malicious network users like attackers and intruders. Security risk management provides a way to manage the growing threats to infrastructures or system. This paper proposes a framework for risk level estimation which uses vulnerability database National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). The proposed framework measures the frequency of vulnerability exploitation; converges this measured frequency with standard CVSS score and estimates the security risk level which helps in automated and reasonable security management. In this paper equation for the Temporal score calculation with respect to availability of remediation plan is derived and further, frequency of exploitation is calculated with determined temporal score. The frequency of exploitation along with CVSS score is used to calculate the security risk level of the system. The proposed framework uses the CVSS vectors for risk level estimation and measures the security level of specific network environment, which assists system administrator for assessment of security risks and making decision related to mitigation of security risks.

Keywords: CVSS score, risk level, security measurement, vulnerability category

Procedia PDF Downloads 295

Authors: Aditya Verma

Abstract:

E-voting using blockchain provides us with a distributed system where data is present on each node present in the network and is reliable and secure too due to its immutability property. This work compares various blockchain consensus algorithms used for e-voting applications in the past, based on performance and node scalability, and chooses the optimal one and improves on one such previous implementation by proposing solutions for the loopholes of the optimally working blockchain consensus algorithm, in our chosen application, e-voting.

Keywords: blockchain, parallel bft, consensus algorithms, performance

Procedia PDF Downloads 127

Authors: Hasna Elalaoui Elabdallaoui, Abdelaziz Elfazziki, Mohamed Sadgal

Abstract:

Outlines: The social economy is a moral approach to solidarity applied to the projects’ development. To reconcile economic activity and social equity, crowdfunding is as an alternative means of financing social projects. Several collaborative blockchain platforms exist. It eliminates the need for a central authority or an inconsiderate middleman. Also, the costs for a successful crowdfunding campaign are reduced, since there is no commission to be paid to the intermediary. It improves the transparency of record keeping and delegates authority to authorities who may be prone to corruption. Objectives: The objectives are: to define a software infrastructure for projects’ participatory financing within a social and solidarity economy, allowing transparent, secure, and fair management and to have a financial mechanism that improves financial inclusion. Methodology: The proposed methodology is: crowdfunding platforms literature review, financing mechanisms literature review, requirements analysis and project definition, a business plan, Platform development process and implementation technology, and testing an MVP. Contributions: The solution consists of proposing a new approach to crowdfunding based on Islamic financing, which is the principle of Mousharaka inspired by Islamic financing, which presents a financial innovation that integrates ethics and the social dimension into contemporary banking practices. Conclusion: Crowdfunding platforms need to secure projects and allow only quality projects but also offer a wide range of options to funders. Thus, a framework based on blockchain technology and Islamic financing is proposed to manage this arbitration between quality and quantity of options. The proposed financing system, "Musharaka", is a mode of financing that prohibits interests and uncertainties. The implementation is offered on the secure Ethereum platform as investors sign and initiate transactions for contributions using their digital signature wallet managed by a cryptography algorithm and smart contracts. Our proposal is illustrated by a crop irrigation project in the Marrakech region.

Keywords: social economy, Musharaka, blockchain, smart contract, crowdfunding

Procedia PDF Downloads 53

Authors: Monica Ginn

Abstract:

Providing recovery-oriented practice in forensic settings is often a contentious issue. This paper focuses on recovery with how it is influenced by the forensic population and how it is impacted by forensic nurses’ attitudes and practices. Understanding the culture of forensic nursing and how forensic nurses experience and perceive recovery for forensic patients provided insights into how forensic nurses use recovery-oriented practices to enhance nursing care in secure settings and facilitate successful reintegration back into community care and society. Interviews were completed with nurses who work with the Not Criminally Responsible patient population in an inpatient setting to discuss and explore how they use recovery-oriented practice in their practice in spite of their role in assessing and managing risk.

Keywords: forensic nursing culture, not criminally responsible, offender recovery, recovery-oriented practice, secure recovery

Procedia PDF Downloads 70

Authors: Yashas Bedre Raghavendra, Pim Vullers

Abstract:

This study presents the design and implementation of an abstract cryptographic coprocessor, leveraging AMBA(Advanced Microcontroller Bus Architecture) protocols - APB (Advanced Peripheral Bus) and AHB (Advanced High-performance Bus), to enable seamless integration with the main CPU(Central processing unit) and enhance the coprocessor’s algorithm flexibility. The primary objective is to create a versatile coprocessor that can execute various cryptographic algorithms, including ECC(Elliptic-curve cryptography), RSA(Rivest–Shamir–Adleman), and AES (Advanced Encryption Standard) while providing a robust and secure solution for modern secure embedded systems. To achieve this goal, the coprocessor is equipped with a tightly coupled memory (TCM) for rapid data access during cryptographic operations. The TCM is placed within the coprocessor, ensuring quick retrieval of critical data and optimizing overall performance. Additionally, the program memory is positioned outside the coprocessor, allowing for easy updates and reconfiguration, which enhances adaptability to future algorithm implementations. Direct links are employed instead of DMA(Direct memory access) for data transfer, ensuring faster communication and reducing complexity. The AMBA-based communication architecture facilitates seamless interaction between the coprocessor and the main CPU, streamlining data flow and ensuring efficient utilization of system resources. The abstract nature of the coprocessor allows for easy integration of new cryptographic algorithms in the future. As the security landscape continues to evolve, the coprocessor can adapt and incorporate emerging algorithms, making it a future-proof solution for cryptographic processing. Furthermore, this study explores the addition of custom instructions into RISC-V ISE (Instruction Set Extension) to enhance cryptographic operations. By incorporating custom instructions specifically tailored for cryptographic algorithms, the coprocessor achieves higher efficiency and reduced cycles per instruction (CPI) compared to traditional instruction sets. The adoption of RISC-V 128-bit architecture significantly reduces the total number of instructions required for complex cryptographic tasks, leading to faster execution times and improved overall performance. Comparisons are made with 32-bit and 64-bit architectures, highlighting the advantages of the 128-bit architecture in terms of reduced instruction count and CPI. In conclusion, the abstract cryptographic coprocessor presented in this study offers significant advantages in terms of algorithm flexibility, security, and integration with the main CPU. By leveraging AMBA protocols and employing direct links for data transfer, the coprocessor achieves high-performance cryptographic operations without compromising system efficiency. With its TCM and external program memory, the coprocessor is capable of securely executing a wide range of cryptographic algorithms. This versatility and adaptability, coupled with the benefits of custom instructions and the 128-bit architecture, make it an invaluable asset for secure embedded systems, meeting the demands of modern cryptographic applications.

Keywords: abstract cryptographic coprocessor, AMBA protocols, ECC, RSA, AES, tightly coupled memory, secure embedded systems, RISC-V ISE, custom instructions, instruction count, cycles per instruction

Procedia PDF Downloads 43

Authors: Mattias Bergstrom

Abstract:

Significance of the Study: This research will provide new insights into the risks with digital embedded infrastructure. Through this research, we will analyze each risk and its potential negation strategies, especially for AI and autonomous automation. Moreover, the analysis that is presented in this paper will convey valuable information for future research that can create more stable, secure, and efficient autonomous systems. To learn and understand the risks, a large IoT system was envisioned, and risks with hardware, tampering, and cyberattacks were collected, researched, and evaluated to create a comprehensive understanding of the potential risks. Potential solutions have then been evaluated on an open source IoT hardware setup. This list shows the identified passive and active risks evaluated in the research. Passive Risks: (1) Hardware failures- Critical Systems relying on high rate data and data quality are growing; SCADA systems for infrastructure are good examples of such systems. (2) Hardware delivers erroneous data- Sensors break, and when they do so, they don’t always go silent; they can keep going, just that the data they deliver is garbage, and if that data is not filtered out, it becomes disruptive noise in the system. (3) Bad Hardware injection- Erroneous generated sensor data can be pumped into a system by malicious actors with the intent to create disruptive noise in critical systems. (4) Data gravity- The weight of the data collected will affect Data-Mobility. (5) Cost inhibitors- Running services that need huge centralized computing is cost inhibiting. Large complex AI can be extremely expensive to run. Active Risks: Denial of Service- It is one of the most simple attacks, where an attacker just overloads the system with bogus requests so that valid requests disappear in the noise. Malware- Malware can be anything from simple viruses to complex botnets created with specific goals, where the creator is stealing computer power and bandwidth from you to attack someone else. Ransomware- It is a kind of malware, but it is so different in its implementation that it is worth its own mention. The goal with these pieces of software is to encrypt your system so that it can only be unlocked with a key that is held for ransom. DNS spoofing- By spoofing DNS calls, valid requests and data dumps can be sent to bad destinations, where the data can be extracted for extortion or to corrupt and re-inject into a running system creating a data echo noise loop. After testing multiple potential solutions. We found that the most prominent solution to these risks was to use a Peer 2 Peer consensus algorithm over a blockchain to validate the data and behavior of the devices (sensors, storage, and computing) in the system. By the devices autonomously policing themselves for deviant behavior, all risks listed above can be negated. In conclusion, an Internet middleware that provides these features would be an easy and secure solution to any future autonomous IoT deployments. As it provides separation from the open Internet, at the same time, it is accessible over the blockchain keys.

Keywords: IoT, security, infrastructure, SCADA, blockchain, AI

Procedia PDF Downloads 72

Authors: Hashim Ali, Sheheryar Khan

Abstract:

Security for applications is always been a keen issue of concern. In general, security is to allow access of grant to legal user or to deny non-authorized access to the system. Shoulder surfing is an observation technique to hack an account or to enter into a system. When a malicious observer is capturing or recording the fingers of a user while he is entering sensitive inputs (PIN, Passwords etc.) and may be able to observe user’s password credential. It is very rigorous for a novice user to prevent himself from shoulder surfing or unaided observer in a public place while accessing his account. In order to secure the user account, there are five factors of authentication; they are: “(i) something you have, (ii) something you are, (iii) something you know, (iv) somebody you know, (v) something you process”. A technique has been developed of fifth-factor authentication “something you process” to provide novel approach to the user. In this paper, we have applied position based operational code authentication in such a way to more easy and user friendly to the user.

Keywords: shoulder surfing, malicious observer, sensitive inputs, authentication

Procedia PDF Downloads 239

Authors: Saransh Sharma, Atharv Dekhne

Abstract:

Passwords stored on central services and hashed are prone to cyberattacks and hacks. Hence, given all these nuisances, there’s a need to eliminate character-based authentication protocols, which would ultimately benefit all developers as well as end-users.To replace this conventional but antiquated protocol with a secure alternative would be Passwordless Authentication. The meta root.id system creates a public and private key, of which the user is only able to access the private key. Further, after signing the key, the user sends the information over the API to the server, which checks its validity with the public key and grants access accordingly.

Keywords: passwordless, OAuth, bitcoin, ZKP, SIN, BIP

Procedia PDF Downloads 63

Authors: Shinji Kawakura, Ryosuke Shibasaki

Abstract:

We have been grouping and developing various kinds of practical, promising sensing applied systems concerning agricultural advancement and technical tradition (guidance). These include advanced devices to secure real-time data related to worker motion, and we analyze by methods of various advanced statistics and human dynamics (e.g. primary component analysis, Ward system based cluster analysis, and mapping). What is more, we have been considering worker daily health and safety issues. Targeted fields are mainly common farms, meadows, and gardens. After then, we observed and discussed time-line style, changing data. And, we made some suggestions. The entire plan makes it possible to improve both the aforementioned applied systems and farms.

Keywords: advanced statistical analysis, wearable sensing system, tradition of skill, supporting for workers, detecting crisis

Procedia PDF Downloads 371

Authors: Reza Johari Fard, Najmeh Cheraghi, Parvin Ehtesham Zadeh, Parviz Asgari

Abstract:

The aim of this study was to investigate and comparison of the effectiveness of schema mode therapy and emotionally focused couples therapy in attachment styles (secure, avoidant, and anxious) in couples with marital conflict in a quasiexperimental method in a pretest, posttest, and follow up design with a control group. The statistical population of the study included all the couples with marital conflict who visited the Mehrana counseling center in 2019 in Ahvaz, Iran 45 couples were selected by voluntary sampling method and randomly divided into two experimental groups and one control group (15 pairs in each group). The participants completed the Adult Attachment Scale (Hazan and Shaver). The experimental groups underwent schema mode therapy and emotionally focused couples therapy for 12 sessions, but the control group did not receive any intervention. The data were analyzed by the statistical analysis of repeated measures in SPSS-19 software. The results showed that both schema mode therapy and emotionally focused couples therapy are effective in increasing the secure attachment style and reducing avoidant and ambivalent attachment styles in couples with marital conflict. There was no significant difference between the schema mode therapy group and the emotionally focused couple's therapy group in attachment styles. Therefore, it is recommended that therapists and family counselors use these therapies along with other therapeutic interventions to increase secure attachment styles and reduce marital conflicts.

Keywords: schema mode therapy, emotional focused couple therapy, attachment styles, marital conflict

Procedia PDF Downloads 80

Authors: Ralph Adaimy, Wassim El-Hajj, Ghassen Ben Brahim, Hazem Hajj, Haidar Safa

Abstract:

Huge amounts of data and personal information are being sent to and retrieved from web applications on daily basis. Every application has its own confidentiality and integrity policies. Violating these policies can have broad negative impact on the involved company’s financial status, while enforcing them is very hard even for the developers with good security background. In this paper, we propose a framework that enforces security-by-construction in web applications. Minimal developer effort is required, in a sense that the developer only needs to annotate database attributes by a security class. The web application code is then converted into an intermediary representation, called Extended Program Dependence Graph (EPDG). Using the EPDG, the provided annotations are propagated to the application code and run against generic security enforcement rules that were carefully designed to detect insecure information flows as early as they occur. As a result, any violation in the data’s confidentiality or integrity policies is reported. As a proof of concept, two PHP web applications, Hotel Reservation and Auction, were used for testing and validation. The proposed system was able to catch all the existing insecure information flows at their source. Moreover and to highlight the simplicity of the suggested approaches vs. existing approaches, two professional web developers assessed the annotation tasks needed in the presented case studies and provided a very positive feedback on the simplicity of the annotation task.

Keywords: web applications security, secure information flow, program dependence graph, database annotation

Procedia PDF Downloads 443

Authors: Wasmi Woishi

Abstract:

Smart card technology is a secure and safe technology that is expanding its capabilities day by day in terms of holding important information without alteration. It is readily available, and its ease of portability makes it more efficient in terms of its usage. The smart card is in use by many industries such as financial, insurance, governmental industries, personal identification, to name a few. Smart card technology is popular for its wide familiarity, adaptability, accessibility, benefits, and portability. This research aims to find out the perception toward the application of a cloud-based healthcare system through a smart card in KSA. The research has compiled the countries using a smart card or smart healthcare card and indicated the potential benefits of implementing smart healthcare cards. 120 participants from Riyadh city were surveyed by the means of a closed-ended questionnaire. Data were analyzed through SPSS. This research extends the research body in the healthcare system. Empirical evidence regarding smart healthcare cards is scarce and hence undertaken in this study. The study provides a useful insight into collecting, storing, analyzing, manipulating, and accessibility of medical information regarding smart healthcare cards. Research findings can help achieve KSA's Vision 2030 goals in terms of the digitalization of healthcare systems in improving its efficiency and effectiveness in storing and accessing healthcare data.

Keywords: smart card technology, healthcare using smart cards, smart healthcare cards, KSA healthcare information system, cloud-based healthcare cards

Procedia PDF Downloads 140

Authors: Mohammad Hadi Khorashadi Zadeh

Abstract:

Many new applications and internet services have been emerged since the innovation of mobile networks and devices. However, these applications have problems of security, management, and performance in business environments. Cloud systems provide information transfer, management facilities, and security for virtual environments. Therefore, an innovative internet service and a business model are proposed in the present study for creating a secure and consolidated environment for managing the mobile information of organizations based on cloud virtual phones (CVP) infrastructures. Using this method, users can run Android and web applications in the cloud which enhance performance by connecting to other CVP users and increases privacy. It is possible to combine the CVP with distributed protocols and central control which mimics the behavior of human societies. This mix helps in dealing with sensitive data in mobile devices and facilitates data management with less application overhead.

Keywords: BYOD, mobile cloud computing, mobile security, information management

Procedia PDF Downloads 281

Authors: Pratama R. Yunia, Firmansyah, I., Ariani, Ulfa R. Maharani, Fikri M. Al

Abstract:

Nowadays, notwithstanding that the role of SMS as a means of communication has been largely replaced by online applications such as WhatsApp, Telegram, and others, the fact that SMS is still used for certain and important communication needs is indisputable. Among them is for sending one time password (OTP) as an authentication media for various online applications ranging from chatting, shopping to online banking applications. However, the usage of SMS does not pretty much guarantee the security of transmitted messages. As a matter of fact, the transmitted messages between BTS is still in the form of plaintext, making it extremely vulnerable to eavesdropping, especially if the message is confidential, for instance, the OTP. One solution to overcome this problem is to use an SMS application which provides security services for each transmitted message. Responding to this problem, in this study, an automatic key SMS encryption scheme was designed as a means to secure SMS communication. The proposed scheme allows SMS sending, which is automatically encrypted with keys that are constantly changing (automatic key update), automatic key exchange, and automatic key generation. In terms of the security method, the proposed scheme applies cryptographic techniques with a hybrid cryptosystem mechanism. Proofing the proposed scheme, a client to client SMS encryption application was developed using Java platform with AES-256 as encryption algorithm, RSA-768 as public and private key generator and SHA-256 for message hashing function. The result of this study is a secure automatic key SMS encryption scheme using hybrid cryptosystem which can guarantee the security of every transmitted message, so as to become a reliable solution in sending confidential messages through SMS although it still has weaknesses in terms of processing time.

Keywords: encryption scheme, hybrid cryptosystem, one time password, SMS security

Procedia PDF Downloads 106

Authors: Nadir A. Carreon, Christa Sonderer, Aakarsh Rao, Roman Lysecky

Abstract:

With the advent of complex software and increased connectivity, the security of life-critical medical devices is becoming an increasing concern, particularly with their direct impact on human safety. Security is essential, but it is impossible to develop completely secure and impenetrable systems at design time. Therefore, it is important to assess the potential impact on the security and safety of exploiting a vulnerability in such critical medical systems. The common vulnerability scoring system (CVSS) calculates the severity of exploitable vulnerabilities. However, for medical devices it does not consider the unique challenges of impacts to human health and privacy. Thus, the scoring of a medical device on which human life depends (e.g., pacemakers, insulin pumps) can score very low, while a system on which human life does not depend (e.g., hospital archiving systems) might score very high. In this paper, we propose a medical vulnerability scoring system (MVSS) that extends CVSS to address the health and privacy concerns of medical devices. We propose incorporating two new parameters, namely health impact, and sensitivity impact. Sensitivity refers to the type of information that can be stolen from the device, and health represents the impact on the safety of the patient if the vulnerability is exploited (e.g., potential harm, life-threatening). We evaluate fifteen different known vulnerabilities in medical devices and compare MVSS against two state-of-the-art medical device-oriented vulnerability scoring systems and the foundational CVSS.

Keywords: common vulnerability system, medical devices, medical device security, vulnerabilities

Procedia PDF Downloads 132

Authors: Amjad Nusayr

Abstract:

Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches, including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory has a valid pointer or a reference with a valid type. Aspect-Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and DB transaction managing. In this paper, we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.

Keywords: aspect oriented programming, programming languages, software security, memory and type safety

Procedia PDF Downloads 103

Authors: Nunziata Ivana Guarneri, Arcangelo Bruna, Giuseppe Spampinato, Antonio Buemi

Abstract:

In the last decade, automotive companies have invested a lot in terms of innovation about many aspects regarding the automatic driver assistance systems. One innovation regards the usage of a smart camera placed on the car’s side mirror for monitoring the back and lateral road situation. A common road scenario is the overtaking of the preceding car and, in this case, a brief distraction or a loss of concentration can lead the driver to undertake this action, even if there is an already overtaking vehicle, leading to serious accidents. A valid support for a secure drive can be a smart camera system, which is able to automatically analyze the road scenario and consequentially to warn the driver when another vehicle is overtaking. This paper describes a method for monitoring the side view of a vehicle by using camera optical flow motion vectors. The proposed solution detects the presence of incoming vehicles, assesses their distance from the host car, and warns the driver through different levels of alert according to the estimated distance. Due to the low complexity and computational cost, the proposed system ensures real time performances.

Keywords: camera calibration, ego-motion, Kalman filters, object tracking, real time systems

Procedia PDF Downloads 199

Authors: Phuong Nguyen

Abstract:

Along with the ongoing energy transition, the electrical power system is getting more vulnerable with the increasing penetration of renewable energy sources (RES). By replacing a large amount of fossil fuel-based power plants with RES, the rotating mass of the power grid is decreasing drastically, which has been reported by a number of system operators. This leads to a huge challenge for operators to secure the operation of their grids in all-time horizon ranges, from sub-seconds to minutes and even hours. There is a need to revise the grid capabilities in dealing with transient (angle) stability and voltage dynamics. While the traditional approaches relied on deterministic scenarios (worst-case scenarios), there is also a need to cover a whole range of probabilities regarding a wide range of uncertainties coming from massive RES units. To contribute to handle these issues, this paper aims to focus on developing a new analytical approach for transient stability.

Keywords: transient stability, uncertainties, renewable energy sources, analytical approach

Procedia PDF Downloads 44

Authors: M. Doumi, A. Miloudi, A.G. Aissaoui, K. Tahir, C. Belfedal, S. Tahir

Abstract:

The studies on the photovoltaic system are extensively increasing because of a large, secure, essentially exhaustible and broadly available resource as a future energy supply. However, the output power induced in the photovoltaic modules is influenced by an intensity of solar cell radiation, temperature of the solar cells and so on. Therefore, to maximize the efficiency of the photovoltaic system, it is necessary to track the maximum power point of the PV array, for this Maximum Power Point Tracking (MPPT) technique is used. These algorithms are based on the Perturb-Observe, Conductance-Increment and the Fuzzy Logic methods. These techniques vary in many aspects as: simplicity, convergence speed, digital or analogical implementation, sensors required, cost, range of effectiveness, and in other aspects. This paper presents a comparative study of three widely-adopted MPPT algorithms; their performance is evaluated on the energy point of view, by using the simulation tool Simulink®, considering different solar irradiance variations. MPPT using fuzzy logic shows superior performance and more reliable control to the other methods for this application.

Keywords: photovoltaic system, MPPT, perturb and observe (P&O), incremental conductance (INC), Fuzzy Logic (FLC)

Procedia PDF Downloads 378

Authors: Eduardo P. Wiechmann, Jorge A. Henríquez, Pablo E. Aqueveque, Luis G. Muñoz

Abstract:

PV energy prices are declining rapidly. To take advantage of the benefits of those prices and lower the carbon footprint, operational practices must be modified. Undoubtedly, it challenges the electrowinning practice to operate at constant current throughout the day. This work presents a technology that contributes in providing modulation capacity to the electrode current distribution system. This is to raise the day time dc current and lower it at night. The system is a triple intercell bar that operates in current-source mode. The design is a capping board free dogbone type of bar that ensures an operation free of short circuits, hot swapability repairs and improved current balance. This current-source system eliminates the resetting currents circulating in equipotential bars. Twin auxiliary connectors are added to the main connectors providing secure current paths to bypass faulty or impaired contacts. All system conductive elements are positioned over a baseboard offering a large heat sink area to the ventilation of a facility. The system works with lower temperature than a conventional busbar. Of these attributes, the cathode current balance property stands out and is paramount for day/night modulation and the use of photovoltaic energy. A design based on a 3D finite element method model predicting electric and thermal performance under various industrial scenarios is presented. Preliminary results obtained in an electrowinning facility with industrial prototypes are included.

Keywords: electrowinning, intercell bars, PV energy, current modulation

Procedia PDF Downloads 124

Authors: Muhammad Rana, Quazi Mamun, Rafiqul Islam

Abstract:

In the Internet of Things (IoT), many devices are connected and accumulate a sheer amount of data. These Internet-driven raw data need to be transferred securely to the end-users via dependable networks. Consequently, the challenges of IoT security in various IoT domains are paramount. Cryptography is being applied to secure the networks for authentication, confidentiality, data integrity and access control. However, due to the resource constraint properties of IoT devices, the conventional cipher may not be suitable in all IoT networks. This paper designs a robust and effective lightweight cipher to secure the IoT environment and meet the resource-constrained nature of IoT devices. We also propose a symmetric and block-cipher based lightweight cryptographic algorithm. The proposed algorithm increases the complexity of the block cipher, maintaining the lowest computational requirements possible. The proposed algorithm efficiently constructs the key register updating technique, reduces the number of encryption rounds, and adds a new layer between the encryption and decryption processes.

Keywords: internet of things, cryptography block cipher, S-box, key management, security, network

Procedia PDF Downloads 73

Authors: Nicola Wakelin-Theron

Abstract:

This study focuses on higher education institutions in South Africa, with the view to understanding how tourism as a study discipline has evolved over the years, as well as the influence of employability skills on graduates’ ability to secure jobs in the tourism industry. Indeed, the employability landscape is becoming more complex; hence, it is imperative for higher education institutions to equip students with employability skills while going through their academic programmes and during their transition from higher education to the world of work. Employability – which is regarded as an empowerment mechanism and a key to job security – is a set of achievements which increases the probability for graduates to find and maintain employment. A quantitative research method was used to obtain the necessary information. Data were collected through a web-based, online survey questionnaire directed to academics from various public higher education institutions in South Africa that offer tourism as a qualification. The key findings revealed that academics are of the opinion that there are 5 skills that are influential in obtaining a position within the tourism industry.

Keywords: employability, industry skills, tourism industry, tourism qualification

Procedia PDF Downloads 378

Authors: M. S. Jimah, A. C. Achuenu, M. Momodu

Abstract:

Group communications over public infrastructure are prone to a lot of security issues. Existing network protocols like Protocol Independent Multicast Sparse Mode (PIM SM) and Protocol Independent Multicast Dense Mode (PIM DM) do not have inbuilt security features. Therefore, any user or node can easily access the group communication as long as the user can send join message to the source nodes, the source node then adds the user to the network group. In this research, a hybrid method of salting and hashing to encrypt information in the source and stub node was designed, and when stub nodes need to connect, they must have the appropriate key to join the group network. Object oriented analysis design (OOAD) was the methodology used, and the result shows that no extra controlled bandwidth overhead cost was added by encrypting and the hybrid model was more securing than the existing PIM SM, PIM DM and Zhang secure PIM SM.

Keywords: group communications, multicast, PIM SM, PIM DM, encryption

Procedia PDF Downloads 138