Search results for: security and authentication

Authors: Anastasios Papathanasiou, George Liontos, Athanasios Katsouras, Vasiliki Liagkou, Euripides Glavas

Abstract:

Email remains a crucial communication tool due to its efficiency, accessibility and cost-effectiveness, enabling rapid information exchange across global networks. However, the global adoption of email has also made it a prime target for cyber threats, including phishing, malware and Business Email Compromise (BEC) attacks, which exploit its integral role in personal and professional realms in order to perform fraud and data breaches. To combat these threats, this research advocates for a multi-layered defense strategy incorporating advanced technological tools such as anti-spam and anti-malware software, machine learning algorithms and authentication protocols. Moreover, we developed an artificial intelligence model specifically designed to analyze email headers and assess their security status. This AI-driven model examines various components of email headers, such as "From" addresses, ‘Received’ paths and the integrity of SPF, DKIM and DMARC records. Upon analysis, it generates comprehensive reports that indicate whether an email is likely to be malicious or benign. This capability empowers users to identify potentially dangerous emails promptly, enhancing their ability to avoid phishing attacks, malware infections and other cyber threats.

Keywords: email security, artificial intelligence, header analysis, threat detection, phishing, DMARC, DKIM, SPF, ai model

Procedia PDF Downloads 11

Authors: E. K. Linsenmayer

Abstract:

Traditional international relations theorists define state security, the principal national interest, as a state’s military force. However, many political theorists argue the current definition of security is not comprehensive and therefore, problematic. This paper argues that women’s physical security is not only linked but also necessary to achieve state security. In today’s unipolar political international system, the United States continues to accredit national security to its military. However, in one of the most militarized countries, women remain insecure. Through a case study method of the United States, this paper illuminates a necessary political prescription: the empowerment of women through an inside-out, feminist theoretical approach that makes state security attainable. The research through empirical testing, drawing from several databases, shows the positive effects of women’s physical security on state security. Women’s physical security is defined in terms of equal legal practices, health, education, and female representation in the government. State security is measured by the relative peace of a state, its involvement in conflict and a state’s relations with neighboring states. This paper shows that empowering women, 50% of the world’s population, is necessary for ending the current vicious circle of militarization, war, and insecurity. Without undoing gender power dynamics at the individual and societal level, security at all levels remains unattainable.

Keywords: gender inequality, politics, state security, women's security

Procedia PDF Downloads 179

Authors: Homa Parmoon, Narges Hamzeh

Abstract:

Since today's urban spaces are disposed towards behavioral disorders and lack of security, both qualitative and quantitative aspects of security especially social and physical security are considered as basic necessities in urban planning. This research focused on the variable of place of living, examined social security in the old and new textures, and investigated the amount of residents’ social security in Shiraz including safety, financial, emotional and moral security. To this end, two neighborhoods in region 1 of Shiraz- Qasr-Al-Dasht (old texture) and Moalem (new texture)- were examined through a comparative study of 60 samples lived in two neighborhoods. Data were gathered through two-way ANOVA between the variables of residential context and internal and external security. This analysis represents the significance or insignificance of the model as well as the individual effects of each independent variable on the dependent variable. It was tested by ANCOVA and F-test. Research findings indicated place of living has a significant effect on families’ social security. The safety, financial, emotional, and moral security also represented a great impact on social security. As a result, it can be concluded that social security changes with the changing in place of living.

Keywords: social security, damaged area, two-way ANOVA, Shiraz

Procedia PDF Downloads 110

Authors: Ji Lian Yap

Abstract:

This paper will critically consider developments in 2014 in relation to the law relating to security over personal property in Hong Kong. The rules governing the registration of charges under the Hong Kong Companies Ordinance will be examined. Case law relating to personal property security will also be discussed. The transplantation of the floating charge into China’s Property Law will also be considered.

Keywords: personal property, security law, reform of the law, law

Procedia PDF Downloads 395

Authors: Elena A. Troubitsyna

Abstract:

Designers of modern safety-critical control systems are increasingly relying on networking to provide the systems with advanced functionality and satisfy customer’s needs. However, networking nature of modern control systems also brings new technological challenges associated with ensuring system safety in the presence of openness and hence, potential security threats. In this paper, we propose a methodology that relies on systems-theoretic analysis to enable an integrated analysis of safety and security requirements of controlling software. We demonstrate how to create a safety case – a structured argument about system safety – with explicit representation of both safety and security goals. Our approach provides the designers with a systematic approach to analysing safety and security interdependencies while designing safety-critical control systems.

Keywords: controlling software, integrated analysis, security, safety-security co-engineering

Procedia PDF Downloads 466

Authors: Da Eun Sung

Abstract:

In today’s world, cyber security has become an important international agenda. As the information age has arrived, the need for cyber defense against cyber attacks is mounting, and the significance of cyber cooperation in the international community is drawing attention. Through the course, international society has agreed that the institutionalization of international norms dealing with cyber space and cyber security is crucial ever. Nevertheless, the West, led by the United States of America, and 'the East', composed of Russia and China, have shown conflicting views on forming international norms and principles which would regulate and ward off the possible threats in cyber space. Thus, the international community hasn’t yet to reach an agreement on cyber security. In other words, the difference between both sides on the approach and understanding of principles, objects, and the definition has rendered such. Firstly, this dissertation will cover the Russia’s perception, strategy, and definition on cyber security through analyzing primary source. Then, it will delve into the two contrasting cyber security strategy between Russia and the US by comparing them. And in the conclusion, it will seek the possible solution for the cooperation in the field of cyber security. It is quite worthwhile to look into Russia’s views, which is the main counterpart to the US in this field, especially when the efforts to institutionalize cyber security by the US-led international community have met with their boundaries, and when the legitimacy of them have been challenged.

Keywords: cyber security, cyber security strategic, international relation in cyberspace, Russia

Procedia PDF Downloads 275

Authors: Kai Jin, Hua Li, Qing Song

Abstract:

Homeland security and border safety is an issue for any country. This paper takes the border security of US as an example to discuss the usage and efficiency of simulation tools in the homeland security application. In this study, available resources and different illegal infiltration parameters are defined, including their individual behavior and objective, in order to develop a model that describes border patrol system. A simulation model is created in Arena. This simulation model is used to study the dynamic activities in the border security. Possible factors that may affect the effectiveness of the border patrol system are proposed. Individual and factorial analysis of these factors is conducted and some suggestions are made.

Keywords: resource optimization, simulation, modeling, border security

Procedia PDF Downloads 485

Authors: Aditi Chauhan, Neethu S. Mohan

Abstract:

In the modern era, the advancement and digitalization in technology have taken place during an investigation of crime scene. The rapid enhancement and investigative techniques have changed the mean of identification of suspect. Identification of the person is one of the significant aspects, and personal authentication is the key of security and reliability in society. Since early 90 s, people have relied on comparing handwriting through its class and individual characteristics. But in today’s 21st century we need more reliable means to identify individual through handwriting. An approach employing computer modalities have lately proved itself auspicious enough in exploration of hieroglyphics substantial in investigating the case. Various software’s such as FISH, WRITEON, and PIKASO, CEDAR-FOX SYSTEM identify and verify the associated quantitative measure of the similarity between two samples. The research till date has been confined to identify the authorship of the concerned samples. But prospects associated with the use of computational modalities might help to identify disguised writing, forged handwriting or say altered or modified writing. Considering the applications of such modal, similar work is sure to attract plethora of research in immediate future. It has a promising role in national security too. Documents exchanged among terrorist can also be brought under the radar of surveillance, bringing forth their source of existence.

Keywords: documents, identity, computational system, suspect

Procedia PDF Downloads 151

Authors: Somayeh Sobati Moghadam

Abstract:

Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.

Keywords: BPMN, security threats, cloud computing, business processes outsourcing, privacy

Procedia PDF Downloads 241

Authors: Muneera Abdul Haleem Bukhari, Maryam I. Alshirawi, Elsayed S. Elkhamisi

Abstract:

This study aimed at understanding the relationship between psychological security and self-esteem among Adolescent with Mild Intellectual Disability, exploring the levels of psychological security and self-esteem, as well as determining the differences between genders in psychological security and self-esteem. The sample of the study contained (60) Adolescent with Mild Intellectual Disability, (34) males and (26) females who are enrolled in the Vocational and Social Rehabilitation Center and Hope Institute in the Kingdom of Bahrain. Their ages are between (15-23) years old. The Psychological Security Scale and self-Esteem Scale (prepared by James Battle) were used by the researcher. Results showed that levels of psychological security and self-esteem among Adolescents with Mild Intellectual Disability was above average; results also showed the order of the psychological security dimensions in the following manner (future outlook – mood - family security – social security) and the order of the dimensions of self-esteem in the following manner (social self-esteem – personal self-esteem – general self-esteem) among Adolescent with Mild Intellectual Disability; as for the differences between genders, the study showed that there was an increased level of psychological security among males. However, there was no difference in self-esteem between both sexes.

Keywords: psychological security, self-esteem, adolescent, intellectual disability, the Kingdom of Bahrain

Procedia PDF Downloads 359

Authors: Wiriranai Brilliant Masara

Abstract:

The African Peace and Security Architecture is widely celebrated and revered as a paragon of the will to address peace and security challenges in Africa. However, like any other institution, it is embedded with operational and institutional challenges that prevent it from effectively carrying out its mandate and turning goals into achieved results. The article examines the fundamental flaws and weaknesses of the African Peace and Security Architecture by focusing on its institutions, norms, instruments, and its relationship to Africa’s Regional Economic Communities. Therefore, the article reviews the flaws of the five elements of the African Peace and Security Architecture which are the Peace and Security Council, Panel of the Wise, Continental Early Warning System, African Standby Force, and Peace Fund.

Keywords: African Union, African Peace and Security Architecture, peace and security council, continental early warning system, African Standby Force, Panel of the Wise, Peace Fund

Procedia PDF Downloads 104

Authors: Dicky R. Munaf, Ayu Bulan Tisna

Abstract:

Competitive intelligence (business intelligence) is the process of observing the external environment which often conducted by many organizations to get the relevant information which will be used to create the organization policy, whereas, security intelligence is related to the function of the officers who have the duties to protect the country and its people from every criminal actions that might harm the national and individual security. Therefore, the intelligence dimension of maritime security is associated with all the intelligence activities including the subject and the object that connected to the maritime issues. The concept of intelligence business regarding the maritime security perspective is the efforts to protect the maritime security using the analysis of economic movements as the basic strategic plan. Clearly, a weak maritime security will cause high operational cost to all the economic activities which uses the sea as its media. Thus, it affects the competitiveness of a country compared to the other countries that are able to maintain the maritime law enforcement and secure their marine territory. So, the intelligence business within the security intelligence is important to conduct as the beginning process of the identification against the opponent strategy that might happen in the present or in the future. Thereby, the scenario of the potential impact of all the illegal maritime activities, as well as the strategy in preventing the opponent maneuver can be made.

Keywords: competitive intelligence, maritime security intelligence, intelligent systems, information technology

Procedia PDF Downloads 469

Authors: Zhiyong Shan, Preethi Santhanam, Vinod Namboodiri, Rajiv Bagai

Abstract:

In recent years, the emerging network worms and attacks have distributive characteristics, which can spread globally in a very short time. Security management crossing networks to co-defense network-wide attacks and improve the efficiency of security administration is urgently needed. We propose a hierarchical distributed network security management system (HD-NSMS), which can integrate security management across multiple networks. First, we describe the system in macrostructure and microstructure; then discuss three key problems when building HD-NSMS: device model, alert mechanism, and emergency response mechanism; lastly, we describe the implementation of HD-NSMS. The paper is valuable for implementing NSMS in that it derives from a practical network security management system (NSMS).

Keywords: network security management, device organization, emergency response, cross-network

Procedia PDF Downloads 133

Authors: Gabriel A. Orozco

Abstract:

The purpose of this article is to make an approach to the Security Studies, exposing their theories and concepts to understand the role that have had in the interpretation of the changes and continuities of the world order and their impact on policies or decision-making facing the problems of the 21st century. The aim is to build a bridge between the security studies as a subfield and the meaning that has been given to the world order. The idea of epistemic communities serves as a methodological proposal about the different programs of research in security studies, showing their influence in the realities of States, intergovernmental organizations and transnational forces, moving to implement, perpetuate and project a vision of the world order.

Keywords: security studies, epistemic communities, international, relations

Procedia PDF Downloads 242

Authors: Emma K. Sales

Abstract:

Durian is the flagship fruit of Mindanao and there is an abundance of several cultivars with many confusing identities/ names. The project was conducted to develop procedure for reliable and rapid detection and sorting of durian planting materials. Moreover, it is also aimed to establish specific genetic or DNA markers for routine testing and authentication of durian cultivars in question. The project developed molecular procedures for routine testing. SSR primers were also screened and identified for their utility in discriminating durian cultivars collected. Results of the study showed the following accomplishments; 1. Twenty (29) SSR primers were selected and identified based on their ability to discriminate durian cultivars, 2. Optimized and established standard procedure for identification and authentication of Durian cultivars 3. Genetic profile of durian is now available at Biotech Unit. Our results demonstrate the relevance of using molecular techniques in evaluating and identifying durian clones. The most polymorphic primers tested in this study could be useful tools for detecting variation even at the early stage of the plant especially for commercial purposes. The process developed combines the efficiency of the microsatellites development process with the optimization of non-radioactive detection process resulting in a user-friendly protocol that can be performed in two (2) weeks and easily incorporated into laboratories about to start microsatellite development projects. This can be of great importance to extend microsatellite analyses to other crop species where minimal genetic information is currently available. With this, the University can now be a service laboratory for routine testing and authentication of durian clones.

Keywords: DNA, SSR analysis, genotype, genetic diversity, cultivars

Procedia PDF Downloads 426

Authors: Kevin Krupski

Abstract:

Private Military Security Companies have grown to become a major force contributor to nations in military operations. Scholars have debated the implications of this in relation to control and efficiency related to the privatization of violence, but there has been little discussion on how these companies affect the profession of arms. Specifically, this paper seeks to address how the privatization of violence influences the military’s stewardship, whether private military security companies are capable of stewardship of the military profession, and whether there are aspects of stewardship of the military profession that private military security companies are capable of emulating. This paper reviews literature on stewardship, the relationship of the military to the state, and private military security companies in order to identify overlap between uniformed military services and the private sector. Then, it offers a typology for determining under what conditions an organization would act as a steward. Ultimately, there are insufficient reasons for private military security companies to act as stewards of the profession of arms.

Keywords: stewardship, military profession, civil-military, security

Procedia PDF Downloads 220

Authors: Arash Heydarian Pashakhanlou

Abstract:

The security dilemma is one of the key concepts in International Relations (IR), and the numerous engagements with it have created a great deal of confusion regarding its essence. That is why this article seeks to dissect the security dilemma and rebuild it from its foundational core. In doing so, the present study highlights that the security dilemma requires interaction among actors that seek to protect themselves from other's capacity for harm under the condition of uncertainty to operate. In this constellation, actors are confronted with the dilemma of motives, power, and action, which they seek to resolve by acquiring information regarding their opponents. The relationship between the parties is shaped by the harm-uncertainty index (HUI) consisting of geographical distance, MAD, and joint democracy that determines the intensity of the security dilemma. These elements define the unified theory of the security dilemma (UTSD) developed here. UTSD challenges the prevailing view that the security dilemma is a unidimensional paradoxical concept, regulated by the offense-defense balance and differentiation that only occurs in anarchic settings with tragic outcomes and is equivalent to the spiral model.

Keywords: security dilemma, revisionism, status quo, anarchy, uncertainty, tragedy, spiral, deterrence

Procedia PDF Downloads 202

Authors: Omid Khodabakhshi, Amir Rozdel

Abstract:

The subject of cloud computing security research has allocated a number of challenges and competitions because the data center is comprised of complex private information and are always faced various risks of information disclosure by hacker attacks or internal enemies. Accordingly, the security of virtual machines in the cloud computing infrastructure layer is very important. So far, there are many software solutions to develop security in virtual machines. But using software alone is not enough to solve security problems. The purpose of this article is to examine the challenges and security requirements for accessing and storing data in an insecure cloud environment. In other words, in this article, a structure is proposed for the implementation of highly isolated security-sensitive codes using secure computing hardware in virtual environments. It also allows remote code validation with inputs and outputs. We provide these security features even in situations where the BIOS, the operating system, and even the super-supervisor are infected. To achieve these goals, we will use the hardware support provided by the new Intel and AMD processors, as well as the TPM security chip. In conclusion, the use of these technologies ultimately creates a root of dynamic trust and reduces TCB to security-sensitive codes.

Keywords: code, cloud computing, security, virtual machines

Procedia PDF Downloads 161

Authors: Rossouw De Bruin, Sebastiaan H. Von Solms

Abstract:

The state of national security is an evolving concern. Companies, organizations, governments, states and individuals are aware of the security of their information and their assets however, they may not always be aware of the risks present. These risks are not only limited to non-existence of security procedures. Existing security can be severely flawed, especially if there is non-conformance towards policies, practices and procedures. When looking at humanitarian actions, we can easily identify these flaws. Unfortunately, humanitarian aid has to compete with factors from within the states, countries and continents they are working in. Furthermore, as technology improves, so does our connectivity to the internet and the way in which we use the internet. However, there are times when security is overlooked and humanitarian agencies are some of the agencies that do not always take security into consideration. The purpose of this paper will be to introduce the importance of cybersecurity and cybersecurity governance with respect to humanitarian work. We will also introduce and briefly discuss a model that can be used by humanitarian agencies to assess, manage and maintain their cybersecurity efforts.

Keywords: humanities, cybersecurity, cybersecurity governance, maturity, cybersecurity maturity, maturity model

Procedia PDF Downloads 234

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.

Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security

Procedia PDF Downloads 136

Authors: Serkan Tezgel

Abstract:

The two qualities of the sea, as a medium of transportation and as a resource, necessitate maritime security for economic stability and good order at sea. The borderless nature of the sea makes it one of the best platforms to contribute to regional peace and international order. For this reason, the establishment of maritime security in East Mediterranean will enhance the security-peace-democracy triangle in the region. This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities. Smart Security is a regional maritime cooperation concept for the narrow seas. Cooperation and interoperability are essential attributes of this regional security concept. Therefore, multinational excellence centers such as Multinational Maritime Security Center of Excellence-Aksaz in Turkey, which will determine necessary capabilities and plan/coordinate workshops, training and exercises, are bound to be the principal characteristic of Smart Security concept and similar regional concepts. Smart Security, a crucial enabler of energy and regional security, can provide an enduring approach for operating in the challenging environment of narrow seas and for countering asymmetrical threats.

Keywords: security, cooperation, asymmetrical, area denial

Procedia PDF Downloads 777

Authors: Lakshmidevi Sreeramareddy, Komalpreet Kaur, Nane Pothier

Abstract:

Graphical-based passwords have existed for decades. Their major advantage is that they are easier to remember than an alphanumeric password. However, their disadvantage (especially recognition-based passwords) is the smaller password space, making them more vulnerable to brute force attacks. Graphical passwords are also highly susceptible to the shoulder-surfing effect. The gesture-based password method that we developed is a grid-free, template-free method. In this study, we evaluated the gesture-based passwords for usability and vulnerability. The results of the study are significant. We developed a gesture-based password application for data collection. Two modes of data collection were used: Creation mode and Replication mode. In creation mode (Session 1), users were asked to create six different passwords and reenter each password five times. In replication mode, users saw a password image created by some other user for a fixed duration of time. Three different duration timers, such as 5 seconds (Session 2), 10 seconds (Session 3), and 15 seconds (Session 4), were used to mimic the shoulder-surfing attack. After the timer expired, the password image was removed, and users were asked to replicate the password. There were 74, 57, 50, and 44 users participated in Session 1, Session 2, Session 3, and Session 4 respectfully. In this study, the machine learning algorithms have been applied to determine whether the person is a genuine user or an imposter based on the password entered. Five different machine learning algorithms were deployed to compare the performance in user authentication: namely, Decision Trees, Linear Discriminant Analysis, Naive Bayes Classifier, Support Vector Machines (SVMs) with Gaussian Radial Basis Kernel function, and K-Nearest Neighbor. Gesture-based password features vary from one entry to the next. It is difficult to distinguish between a creator and an intruder for authentication. For each password entered by the user, four features were extracted: password score, password length, password speed, and password size. All four features were normalized before being fed to a classifier. Three different classifiers were trained using data from all four sessions. Classifiers A, B, and C were trained and tested using data from the password creation session and the password replication with a timer of 5 seconds, 10 seconds, and 15 seconds, respectively. The classification accuracies for Classifier A using five ML algorithms are 72.5%, 71.3%, 71.9%, 74.4%, and 72.9%, respectively. The classification accuracies for Classifier B using five ML algorithms are 69.7%, 67.9%, 70.2%, 73.8%, and 71.2%, respectively. The classification accuracies for Classifier C using five ML algorithms are 68.1%, 64.9%, 68.4%, 71.5%, and 69.8%, respectively. SVMs with Gaussian Radial Basis Kernel outperform other ML algorithms for gesture-based password authentication. Results confirm that the shorter the duration of the shoulder-surfing attack, the higher the authentication accuracy. In conclusion, behavioral features extracted from the gesture-based passwords lead to less vulnerable user authentication.

Keywords: authentication, gesture-based passwords, machine learning algorithms, shoulder-surfing attacks, usability

Procedia PDF Downloads 78

Authors: Rasheed Gbenga Jimoh, Akinbowale Nathaniel Babatunde

Abstract:

The use of Automated Teller Machine (ATM) has become an important tool among commercial banks, customers of banks have come to depend on and trust the ATM conveniently meet their banking needs. Although the overwhelming advantages of ATM cannot be over-emphasized, its alarming fraud rate has become a bottleneck in it’s full adoption in Nigeria. This study examined the menace of ATM in the society another cost of running ATM services by banks in the country. The researcher developed a prototype of an enhanced Automated Teller Machine Authentication using Short Message Service (SMS) Verification. The developed prototype was tested by Ten (10) respondents who are users of ATM cards in the country and the data collected was analyzed using Statistical Package for Social Science (SPSS). Based on the results of the analysis, it is being envisaged that the developed prototype will go a long way in reducing the alarming rate of ATM fraud in Nigeria.

Keywords: ATM, ATM fraud, e-banking, prototyping

Procedia PDF Downloads 279

Authors: N. Nalini, Bhanu Prakash Gopularam

Abstract:

The term data security refers to the degree of resistance or protection given to information from unintended or unauthorized access. The core principles of information security are the confidentiality, integrity and availability, also referred as CIA triad. Cloud computing services are classified as SaaS, IaaS and PaaS services. With cloud adoption the confidential enterprise data are moved from organization premises to untrusted public network and due to this the attack surface has increased manifold. Several cloud computing platforms like OpenStack, Eucalyptus, Amazon EC2 offer users to build and configure public, hybrid and private clouds. While the traditional encryption based on PKI infrastructure still works in cloud scenario, the management of public-private keys and trust certificates is difficult. The Identity based Public Key Cryptography (also referred as ID-PKC) overcomes this problem by using publicly identifiable information for generating the keys and works well with decentralized systems. The users can exchange information securely without having to manage any trust information. Another advantage is that access control (role based access control policy) information can be embedded into data unlike in PKI where it is handled by separate component or system. In OpenStack cloud platform the keystone service acts as identity service for authentication and authorization and has support for public key infrastructure for auto services. In this paper, we explain OpenStack security architecture and evaluate the PKI infrastructure piece for data confidentiality. We provide method to integrate ID-PKC schemes for securing data while in transit and stored and explain the key measures for safe guarding data against security attacks. The proposed approach uses JPBC crypto library for key-pair generation based on IEEE P1636.3 standard and secure communication to other cloud services.

Keywords: data confidentiality, identity based cryptography, secure communication, open stack key stone, token scoping

Procedia PDF Downloads 348

Authors: Andrew John Zeller, Francis Pouatcha

Abstract:

Working according to the DevOps principle has gained in popularity over the past decade. While its extension DevSecOps started to include elements of cybersecurity, most real-life projects do not focus risk and security until the later phases of a project as teams are often more familiar with engineering and infrastructure services. To help bridge the gap between security and engineering, this paper will take six building blocks of cybersecurity and apply them to the DevOps approach. After giving a brief overview of the stages in the DevOps lifecycle, the main part discusses to what extent six cybersecurity blocks can be utilized in various stages of the lifecycle. The paper concludes with an outlook on how to stay up to date in the dynamic world of cybersecurity.

Keywords: information security, data security, cybersecurity, devOps, IT management

Procedia PDF Downloads 70

Authors: Wen Shyong Hsieh, Chih Hsueh Lin

Abstract:

In this paper, we combine the concepts of chameleon hash function (CHF) and identification based cryptography (IBC) to build a message authentication environment for VANET under sparse RSUs. Based on the CHF, TA keeps two common secrets that will be embedded to all identities to be as the evidence of mutual trusting. TA will issue one original identity to every RSU and vehicle. An identity contains one public ID and one private key. The public ID, includes three components: pseudonym, random key, and public key, is used to present one entity and can be verified to be a legal one. The private key is used to claim the ownership of the public ID. Based on the concept of IBC, without any negotiating process, a CHF pairing key multiplied by one private key and other’s public key will be used for mutually trusting and to be utilized as the session key of secure communicating between RSUs and vehicles. To help the vehicles to do message authenticating, the RSUs are assigned to response the vehicle’s temple identity request using two short time secretes that are broadcasted by TA. To light the loading of request information, one day is divided into M time slots. At every time slot, TA will broadcast two short time secretes to all valid RSUs for that time slot. Any RSU can response the temple identity request from legal vehicles. With the collected announcement of public IDs from the neighbor vehicles, a vehicle can set up its neighboring set, which includes the information about the neighbor vehicle’s temple public ID and temple CHF pairing key that can be derived by the private key and neighbor’s public key and will be used to do message authenticating or secure communicating without the help of RSU.

Keywords: Internet of Vehicles (IOV), Vehicular Ad-hoc Networks (VANETs), Chameleon Hash Function (CHF), message authentication

Procedia PDF Downloads 359

Authors: H. P. Kerry

Abstract:

Drone technology has become a significant discourse in a nation’s national security, while this technology could constitute a danger to national security on the one hand, on the other hand, it is used in developed and developing countries for border security, and in some cases, for protection of security agents and migrants. In the case of Nigeria, drones are used by the military to monitor and tighten security around the borders. However, terrorist groups have devised a means to utilize the technology to their advantage. Therefore, the potential danger in the widespread proliferation of this technology has become a myriad of risks. The research on the effects of cross-border use of drones in Nigerian national security looks at the negative and positive consequences of using drone technology. The study employs the use of interviews and relevant documents to obtain data while the study applied the Just War theory to justify the reason why countries use force; it further buttresses the points with what the realist theory thinks about the use of force. In conclusion, the paper recommends that the Nigerian government through the National Assembly should pass a bill for the establishment of a law that will guide the use of armed and unarmed drones in Nigeria enforced by the Nigeria Civil Aviation Authority and the office of the National Security Adviser.

Keywords: armed drones, drones, cross-border, national security

Procedia PDF Downloads 131

Authors: Endang Jati Mat Sahid, Hussain Ali Bekhet

Abstract:

Robust economic growth, increasing population, and personal consumption are the main drivers for the rapid increase of energy demand in Malaysia. Increasing demand has compounded the issue of national energy security due to over-dependence on fossil fuel, depleting indigenous domestic conventional energy resources which in turns has increased the country’s energy import dependence. In order to improve its energy security, Malaysia has seriously embarked on a renewable energy journey. Many initiatives on renewable energy have been introduced in the past decade. These strategies have resulted in the exploding growth of renewable energy deployment in Malaysia. Therefore, this study investigated the impact of renewable energy deployment on energy security. Secondary data was used to calculate the energy security indicators. The study also compared the results of applying different energy security indicators namely availability, applicability, affordability and acceptability dimension of energy resources. The evaluation shows that Malaysia will experience slight improvement in availability and acceptability dimension of energy security. This study suggests that energy security level could be further enhanced by efficient utilization of energy, reducing carbon content of energy and facilitating low-carbon industries.

Keywords: energy policy, energy security, Malaysia, renewable energy

Procedia PDF Downloads 208

Authors: Dainius Genys, Vylius Leonavicius, Ricardas Krikstolaitis

Abstract:

Energy security problems in Lithuania are analyzed on a regular basis; however, there is no comprehensive research on the very issue of the concept of public energy security. There is a lack of attention not only to social determinants of perception of energy security, but also a lack of a deeper analysis of the public opinion. This article aims to research the Lithuanian public perception of energy security. Complex tasks were set during the sociological study. Survey questionnaire consisted of different sets of questions: view of energy security (risk perception, political orientation, and energy security; comprehensiveness and energy security); view of energy risks and threats (perception of energy safety factors; individual dependence and burden; disobedience and risk); view of the activity of responsible institutions (energy policy assessment; confidence in institutions and energy security), demographic issues. In this article, we will focus on two aspects: a) We will analyze public opinion on the most important aspects of energy security and social factors influencing them; The hypothesis is made that public perception of energy security is related to value orientations: b) We will analyze how public opinion on energy policy executed by the government and confidence in the government are intertwined with the concept of energy security. Data of the survey, conducted on May 10-19 and June 7-17, 2013, when Seimas and the government consisted of the coalition dominated by Social Democrats with Labor, Order and Justice Parties and the Electoral Action of Poles, were used in this article. It is important to note that the survey was conducted prior to Russia’s occupation of the Crimea.

Keywords: energy security, public opinion, risk, energy threat, energy security policy

Procedia PDF Downloads 475

Authors: Jayaprakash Kar, Daniyal M. Alghazzawi

Abstract:

The article proposes a novel construction of signcryption scheme with provable security which is most suited to implement on smart card. It is secure in random oracle model and the security relies on Decisional Bilinear Diffie-Hellmann Problem. The proposed scheme is secure against adaptive chosen ciphertext attack (indistiguishbility) and adaptive chosen message attack (unforgebility). Also, it is inspired by zero-knowledge proof. The two most important security goals for smart card are Confidentiality and authenticity. These functions are performed in one logical step in low computational cost.

Keywords: random oracle, provable security, unforgebility, smart card

Procedia PDF Downloads 567