Search results for: security audit

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 327

Authors: Razuana Rahim, Abdul Aziz Abdul Raman

Abstract:

In this work, a study was conducted to evaluate the feasibility of using Cleaner Production (CP) strategy to reduce carbon dioxide emission (CO2) in a plant that produces Otoshimi. CP strategy is meant to reduce CO2 emission while taking into consideration the economic aspect. For this purpose, a CP audit was conducted and the information obtained were analyzed and major contributors of CO2 emission inside the boundary of the production plant was identified. Electricity, water and fuel consumption and generation of solid waste and wastewater were identified as the main contributors. Total CO2 emission generated was 0.27 kg CO2 per kg of Otoshimi produced, where 68% was contributed by electricity consumption. Subsequently, a total of three CP options were generated and implementations of these options are expected to reduce the CO2 emission from electricity consumption to 0.16 kg CO2 per kg of Otoshimi produced, a reduction of about 14%. The study proves that CP strategy can be implemented even without any investment to reduce CO2 for a plant that produces Otoshimi.

Keywords: carbon dioxide emission, cleaner production audit, cleaner production options, otoshimi production

Procedia PDF Downloads 390

Authors: Amirhossein Safi

Abstract:

Internet of things (IOT) is a kind of advanced information technology which has drawn societies’ attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously, IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission, and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually, the suggested encryption algorithm has been simulated by MATLAB software, and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.

Keywords: internet of things, security, hybrid algorithm, privacy

Procedia PDF Downloads 426

Authors: Sewe Silvanus Odhiambo

Abstract:

Globally, many governments have publicly recognized private security firms as essential services providers. The private security firms face a lot of challenges, but the COVID-19 situation also has exacerbated them to another level. This paper locates its relevance in the post-coronavirus era. The COVID-19 pandemic has redefined the world operation, which shows a higher impact on the security field. Accordingly, the purpose of the study was to examine the role of corporate governance on the performance of private security firms in a post-covid pandemic era in Kenya. The study employed a descriptive research design, which included a quantitative approach and secondary data. The study was carried in the month of July 2021 from the registered private security firms. After targeting all private security firms, only 54 firms had disclosed their annual report by the time of conducting the study. The results depicted that pandemic has affected the performance of private security firms measures unfavorably. Further, boards of directors show a positive association with security firm performance. The study recommends that there is need board of directors to enhance management’s risk assessments in the midst of COVID-19; ensure that there are business continuity plans; there is organizational resilience; there is need for the development of new digital strategies; enabling the digital workforce in the firms and have effective communication plans with both internal and external stakeholders to deal with uncertainties and develop more post-COVID practices for boards of directors to improve performance of private security firms in Kenya. The practical implications of the study are that the research outcomes might assist regulatory bodies, investors, policymakers, and the security sector in general in their formulation of public and corporate governance strategies concerning future emergency preparedness and responses. This study also provides a unique contribution to the literature of COVID-19 and security firm performance in emerging economies context.

Keywords: COVID-19, corporate governance, firm performance, private security firms

Procedia PDF Downloads 129

Authors: Mamta Thakur, Dr. Shashi Mawar, Ms. Levis Murry, Dr. D.k.sharma

Abstract:

Aim: The aim of this study is to develop nephrology nursing procedure protocol after clinical audit of current nephrology nursing practices. Materials and methods: This descriptive observational study was conducted on 40 nurses who were working in Nephrology Department of AIIMS, New Delhi to observe their current practices to assess the existing gaps in the practice. The nurses were enrolled through total enumerative sampling. Sociodemographic profile of nurses and clinical profile for site of procedure was collected. Observation checklist was formed on the basis of standard nursing practices, which included 7 dimensions for hemodialysis procedure and 3 dimensions for procedure of assisting renal biopsy. Based on the gaps identified, nephrology nursing procedure protocol will be developed. Nurses were observed during two shifts, and each nurse was observed once. Scoring of items were done in each dimension, and for acceptable practices, nurses have to score ≥80% in each dimension. Results: Data was analyzed using descriptive statistics. Majority of nurses (73.7%) in nephrology ward and (80.9%) in hemodialysis unit have not undergone any special training in nephrology. Most of nurses (80.9%) followed the acceptable nursing practices for procedure of connection for hemodialysis. None of nurses followed the acceptable level (≥80%) of nursing practices for the procedure of predialysis assessment, the procedure for site preparation, during dialysis assessment and post dialysis assessment. None (100%) showed the acceptable level of nursing practices for all the dimensions of assisting renal biopsy procedure. Nephrology nursing procedure protocol was developed by researcher following a rigorous process, and this will reduce the gaps in the nursing practice. Conclusion: Clinical audit found that there were gaps in the existing nursing practices compared to the standardised nursing practices for procedure of hemodialysis and assisting renal biopsy, and these gaps have been addressed by the development of the protocol.

Keywords: nursing practice, nephrology nursing procedure, nursing protocol, renal biopsy, hemodialysis

Procedia PDF Downloads 63

Authors: Norshima Humaidi, Saif Hussein Abdallah Alghazo

Abstract:

Cybersecurity threat have become a serious issue recently, and one of the cause is because human error, which is usually constituted by carelessness, ignorance, and failure to practice cybersecurity behaviour adequately. Using a data from a quantitative survey, Partial Least Squares-Structural Equation Modelling (PLS-SEM) analysis was used to determine the factors that affect cybersecurity protective behaviour (CPB). This study adapts cybersecurity protective behaviour model by focusing on two constructs that can enhance CPB: manager’s information security competencies (MISI) and procedural information security countermeasure (PCM) awareness. Theory of leadership competencies were adapted to measure user’s perception towards competencies among security managers/leader in the organization. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each constructs were adequate in their validity individually based on their factor loading value. Moreover, each constructs are valid based on their parameter estimates and statistical significance. The quantitative research findings show that PCM awareness strongly influences CPB compared to MISI. Meanwhile, MISI was significantlyPCM awarenss. This study believes that the research findings can contribute to human behaviour in IS studies and are particularly beneficial to policy makers in improving organizations’ strategic plans in information security, especially in this new era. Most organizations spend time and resources to provide and establish strategic plans of information security; however, if employees are not willing to comply and practice information security behaviour appropriately, then these efforts are in vain.

Keywords: cybersecurity, protection behaviour, information security, information security competencies, countermeasure awareness

Procedia PDF Downloads 62

Authors: Lethola Tshikose, Munyaradzi Katurura

Abstract:

Information and Communication Technology (ICT) plays a critical role in improving daily healthcare processes. The South African healthcare organizations have adopted Information Systems to integrate their patient records. This has made it much easier for healthcare organizations because patient information can now be accessible at any time. The primary purpose of this research study was to investigate the best practices that can be applied to enhance patient security and confidentiality when using e-health systems in South Africa. Security and confidentiality are critical in healthcare organizations as they ensure safety in EHRs. The research study used an inductive research approach that included a thorough literature review; therefore, no data was collected. The research paper’s scope included patient data and possible security threats associated with healthcare systems. According to the study, South African healthcare organizations discovered various patient data security and confidentiality issues. The study also revealed that when it comes to handling patient data, health professionals sometimes make mistakes. Some may not be computer literate, which posed issues and caused data to be tempered with. The research paper recommends that healthcare organizations ensure that security measures are adequately supported and promoted by their IT department. This will ensure that adequate resources are distributed to keep patient data secure and confidential. Healthcare organizations must correctly use standards set up by IT specialists to solve patient data security and confidentiality issues. Healthcare organizations must make sure that their organizational structures are adaptable to improve security and confidentiality.

Keywords: E-health, EHR, security, confidentiality, healthcare

Procedia PDF Downloads 23

Authors: Dhananjay Singh, M. Abdullah-Al-Wadud

Abstract:

The Internet of Things is a concept of a large scale ecosystem of wireless actuators. The actuators are defined as things in the IoT, those which contribute or produces some data to the ecosystem. However, ubiquitous data collection, data security, privacy preserving, large volume data processing, and intelligent analytics are some of the key challenges into the IoT technologies. In order to solve the security requirements, challenges and threats in the IoT, we have discussed a message authentication mechanism for IoT applications. Finally, we have discussed data encryption mechanism for messages authentication before propagating into IoT networks.

Keywords: Internet of Things (IoT), message authentication, privacy, security

Procedia PDF Downloads 339

Authors: Arvind Dhingra, Tejinder Singh Saggu

Abstract:

As the energy demands rise and the pollution levels grow, it becomes imperative for us to save energy in all the fields in which it is used. The industrial sector is the major commercial energy consuming sector in India, where electrical energy is the most common and widely used type of energy. As the demand and price of energy are increasing day by day, therefore, the subject of energy conservation is a concern for most energy users particularly industry. Judicious use of energy becomes imperative for third world developing country being presence of energy crisis. This paper provides some measure for energy saving that can be commonly recommended for a rolling unit of steel industry. A case of hot rolling unit in JSL Stainless Ltd., Hisar for energy conservation is given. Overall improvement in energy consumption in light of the stated recommendation is illustrated along with the proposed utilization of the techniques and their applications. Energy conservation in conventional motor with replacement or use of star delta star converter, reduction in cable losses, replacement of filament of LED lamps, replacement of conventional transformer with cast resin dry type transformer and provision of energy management system for energy conservation and per unit production cost reduction are elaborated in this paper.

Keywords: energy audit, energy conservation, energy efficient motors

Procedia PDF Downloads 491

Authors: Khalid Javed, Rashid Mahmood

Abstract:

The constitution empowers the Federal Government to collect taxes on income other than agricultural income, taxes on capital value, customs, excise duties and sales taxes. The Central Board of Revenue (CBR) and its subordinate departments administer the tax system. Each of the three principal taxes has a different history and different set of issues. For a large number of income tax payers the core of the business process is pre-audit and assessment by a tax official. This process gives considerable discretion to tax officials, with potential for abuse. Moreover, this process is also not tenable as the number of taxpayers increase. The report is focused on a total overhaul of the process and organization of income tax. Sales tax is recent and its process and organization is adjusted to the needs of an expanding tax base. These are based on self-assessment and selective audit. Similarly, in customs the accent is on accelerating and broadening the changes begun in recent years. Before long, central excise will be subsumed in sales tax. During the nineties, despite many changes in the tax regime and introduction of withholding and presumptive taxes, Federal Government tax to GDP ratio has varied narrowly around eleven percent. The tax base has grown but still remains narrow and skewed. The number of income tax filers is around one million.

Keywords: central board of revenue, GDP, sale tax, income tax

Procedia PDF Downloads 399

Authors: Maleh Yassine, Ezzati Abdellah

Abstract:

Wireless Sensor Networks (WSNs) are currently used in different industrial and consumer applications, such as earth monitoring, health related applications, natural disaster prevention, and many other areas. Security is one of the major aspects of wireless sensor networks due to the resource limitations of sensor nodes. However, these networks are facing several threats that affect their functioning and their life. In this paper we present security attacks in wireless sensor networks, and we focus on a review and analysis of the recent Intrusion Detection schemes in WSNs.

Keywords: wireless sensor networks, security attack, denial of service, IDS, cluster-based model, signature based IDS, hybrid IDS

Procedia PDF Downloads 340

Authors: Victor Au, Khin Maung Than, Zaw Win Aung, Linawati Jumat

Abstract:

Background & Objectives: Cardiac arrests can occur anywhere or anytime, and most of the cases will be brought to the emergency department except the cases that happened in at in-patient setting. Raja IsteriPangiran Anak Saleha (RIPAS) Hospital is the only tertiary government hospital which located in Brunei Muara district and received all referral from other Brunei districts. Data of cardiac arrests in Brunei Darussalam scattered between Emergency Medical Ambulance Services (EMAS), Emergency Department (ED), general inpatient wards, and Intensive Care Unit (ICU). In this audit, we only focused on cardiac arrest cases which had happened or presented to the emergency department RIPAS Hospital. Theobjectives of this audit were to look at demographic of cardiac arrest cases and the survival to discharge rate of In-Hospital Cardiac Arrest (IHCA) and Out-Hospital Cardiac Arrest (OHCA). Methodology: This audit retrospective study was conducted on all cardiac arrest cases that underwent Cardiopulmonary Resuscitation (CPR) in ED RIPAS Hospital, Brunei Muara, in the year 2019-2020. All cardiac arrest cases that happened or were brought in to emergency department were included. All the relevant data were retrieved from ED visit registry book and electronic medical record “Bru-HIMS” with keyword diagnosis of “cardiac arrest”. Data were analyzed and tabulated using Excel software. Result: 313 cardiac arrests were recorded in the emergency department in year 2019-2020. 92% cases were categorized as OHCA, and the remaining 8% as IHCA. Majority of the cases were male with age between 50-60 years old. In OHCA subgroup, only 12.4% received bystander CPR, and 0.4% received Automatic External Defibrillator (AED) before emergency medical personnel arrived. Initial shockable rhythm in IHCA group accounted for 12% compare to 4.9% in OHCA group. Outcome of ED resuscitation, 32% of IHCA group achieved return of spontaneous circulation (ROSC) with a survival to discharge rate was 16%. For OHCA group, 12.35% achieved ROSC, but unfortunately, none of them survive till discharge. Conclusion: Standardized registry for cardiac arrest in the emergency department is required to provide valid baseline data to measure the quality and outcome of cardiac arrest. Zero survival rate for out hospital cardiac arrest is very concerning, and it might represent the significant breach in cardiac arrest chains of survival. Systematic prospective data collection is needed to identify contributing factors and to improve resuscitation outcome.

Keywords: cardiac arrest, OHCA, IHCA, resuscitation, emergency department

Procedia PDF Downloads 55

Authors: Carlos Gonzalez, Neil Slatcher, Marcus Properzi, Kan Seah

Abstract:

In many underground mining operations, shotcrete is used for permanent rock support. Shotcrete thickness is a critical measure of the success of this process. 3D Laser Mapping, in conjunction with Jetcrete, has developed a 3D laser scanning system specifically for measuring the thickness of shotcrete. The system is mounted on the shotcrete spraying machine and measures the rock faces before and after spraying. The calculated difference between the two 3D surface models is measured as the thickness of the sprayed concrete. Typical work patterns for the shotcrete process required a rapid and automatic system. The scanning takes place immediately before and after the application of the shotcrete so no convergence takes place in the interval between scans. Automatic alignment of scans without targets was implemented which allows for the possibility of movement of the spraying machine between scans. Case studies are presented where accuracy tests are undertaken and automatic audit reports are calculated. The use of 3D imaging data for the calculation of shotcrete thickness is an important tool for geotechnical engineers and contract managers, and this could become the new state-of-the-art methodology for the mining industry.

Keywords: 3D imaging, shotcrete, surface model, tunnel stability

Procedia PDF Downloads 265

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 397

Authors: Helyeh Doutaghi

Abstract:

The United Nations Security Council (UNSC) is one of the six principal organs of the United Nations. Under the Charter of the United Nations (UN Charter), the UNSC’s primary responsibility is maintaining international peace and security, which it does through establishing and adopting a Security Council resolution. United Nations resolutions are formal expressions of the opinion or will of United Nations organs. However, there have been times when powerful politicians (or governments with great political power) had the first say in situations where the UNSC should have had jurisdiction based on the principle of rule of law, which is the notion that people are governed by the law rather than by officials. This paper will assess the effectiveness of the UNSC by analyzing its actions during the Iran-Iraq war for it has been found that one of the major reasons for the prolongation of the war was a result of the one-sided positions taken by the UNSC and many nations. The UNSC’s success in achieving its primary goal during the war will be discussed, including an examination of the duties and structure of the UNSC by reviewing the articles in the UN Charter; this will include examples of the UNSC’s role in other international disputes as well.

Keywords: UN Security Council, Iran, Iraq, charter, international law

Procedia PDF Downloads 420

Authors: Ghazwan Al-Haji, Adeyemi Adedokun

Abstract:

Traffic safety at intersections is highly represented, given the fact that accidents occur randomly in time and space. It is necessary to judge whether the intersection is dangerous or not based on short-term observations, and not waiting for many years of assessing historical accident data. There are active and pro-active road infrastructure safety methods for assessing safety at intersections. This study aims to investigate the use of quantitative and qualitative pre-observational methods as the best practice for accident prediction, future black spot identification, and treatment. Historical accident data from STRADA (the Swedish Traffic Accident Data Acquisition) was used within Norrkoping city in Sweden. The ADT (Average Daily Traffic), capacity and speed were used to predict accident rates. Locations with the highest accident records and predicted accident counts were identified and hence audited qualitatively by using Street Audit. The results from these quantitative and qualitative methods were analyzed, validated and compared. The paper provides recommendations on the used methods as well as on how to reduce the accident occurrence at the chosen intersections.

Keywords: intersections, traffic conflict, traffic safety, street audit, accidents predictions

Procedia PDF Downloads 190

Authors: Asmau Zarma Gogaram

Abstract:

The paper examines adult education and how it can be employed as a strategy for transformation and security challenges in Nigeria. It defines the meaning of adult education and its objectives.The issue of the necessity of employing adult education as a strategy for transformation and security challenges was also examined in the paper.In doing this it discussed the different types of adult education programmes, i.e.continuing education, literacy education, retirement and pre-retirement education and civic education. The paper concluded by stating that if the programmes stated are internalizes and applied they can help to raise awareness. Finally the paper proffered some recommendations one of which was that government should at all levels increase their efforts or promoting acquisition of adult education.

Keywords: adult education, transformation and security challenges, Nigeria, education and human development

Procedia PDF Downloads 479

Authors: Rabih Nehme, Abdullah Al Mutawa

Abstract:

The general goal behind this research is to gain a better understanding of factors leading to dysfunctional behavior of auditors. Recent accounting scandals -Enron, Waste Management Inc., WorldCom, Xerox Corporation, etc. -provided an ample proof of how the role of auditors has become the basis of controversial debates in many circles and instances in our modern time. The majority of lawsuits and accounting scandals seem to have a central topic in focus, namely the question ''Where were the auditors? The survey we offer up for research is made up of 34 questions that are designed to analyse the perception of auditors and the cause of dysfunctional behavior. The object of this research is comprised of auditors positioned and employed at the Big Four audit firms in Kuwait. Dysfunctional behavior (DB) is measured against two signal proxies of dysfunctional behavior; premature sign-off and under reporting of chargeable time. DB is analysed against time budget pressure and time deadline pressure. The research results' suggest that the general belief among auditors is that the profession of accountancy predetermines their tendency to commit certain patterns of dysfunctional behavior. Having our investigation conducted at the Big Four audit firms, we have come to the conclusion that there is a general difference in behavior patterns among perceptions of dysfunctional behavior and normal skeptic professional behavior.

Keywords: big four, dysfunctional behavior, time budget, time deadline

Procedia PDF Downloads 429

Authors: Sipumle Qapeshu, Bongiwe Mcata, Ajuruchukwu Obi

Abstract:

Subsistence farmers practice farming for survival while commercial farmers produce to feed themselves and larger society with the motive to achieve highest profit. These types of farmers are characterised by growing what they eat, live without making regular purchases in the markets. The main objective of subsistence/peasant farmers is to ensure food security at household level. Cabbage is a crop that has been identified to have vital food nutrient sources like Vitamin A, B and C, protein, calcium, iron and antioxidative compounds beneficial for preventing cancer. This paper, therefore, looks at the potential that cabbage production has in enhancing household food security and also the challenges encountered by these cabbage producers. Primary data was obtained from 50 respondents, and linear regression model was used to analyse the data used. Income was used as food security measure. The results showed that three variables were statistically significant and they are gender (10%), education (5%) and household size (5%). Meaning that these are variables that influenced cabbage production by these households, and it also affects their food security status since income is affected.

Keywords: subsistence farmers, food security, cabbage, farming

Procedia PDF Downloads 264

Authors: Hayley Lawrence, Nabi Shah, Sarah Dyer

Abstract:

Aims: Lumbar punctures are a common bedside procedure performed in acute medicine. Published guidance exists on the standardised documentation of invasive procedures in order to reduce the risk of complications. The audit aim was to assess current standards of documentation in accordance with both the GMC and the National Standards for Invasive Procedures guidelines. A second cycle was conducted after introducing a standardised sticker created using current guidelines. This would assess whether the sticker improved documentation, aiming for 100% standard in each step of the procedure. Methods: An initial prospective audit of current practice was conducted over a 3-month period. Patients were identified by their presenting complaints and by colleagues assessing acute medical patients. Initial findings were presented locally, and a further prospective audit was conducted following the implementation of a standardised sticker. Results: 19 lumbar punctures were included in the first cycle and 13 procedures in the second. Pre-procedure documentation was collected for each cycle, whereby documentation of ‘Indication’ improved from 5.3% to 84.6%, ‘Consent’ from 84.2% to 100%, ‘Coagulopathy’ from 0% to 61.5%, ‘Drug Chart checked’ from 0% to 100%, ‘Position of patient’ from 26.3% to 100% and use of ‘Aseptic Technique’ from 83.3% to 100% from the first to the second cycle respectively. ‘Level of Doctor’ and ‘Supervision’ decreased from 53% to 31% and 53% to 46%, respectively, in the second cycle. Documentation of the procedure itself also demonstrated improvements, with ‘Level of Insertion’ 15.8% to 100%, ‘Name of Antiseptic Used’ 11.1% to 69.2%, ‘Local Anaesthetic Used’ 26.3% to 53.8%, ‘Needle Gauge’ 42.1% to 76.9%, ‘Number of Attempts’ 78.9% to 100% and ‘Traumatic/Atraumatic’ procedure 26.3% to 92.3%, respectively. A similar number of opening pressures were documented in each cycle at 57.9% and 53.8%, respectively, but its documentation was deemed ‘Not Applicable’ in a higher number of patients in the second cycle. Post-procedure documentation improved, with ‘Number of Samples obtained’ increasing from 52.6% to 92.3% and documentation of ‘Immediate Complications’ increasing from 78.9% to 100%. ‘Dressing Applied’ was poorly documented in the first cycle at 16.7%. This was not included on the standardised sticker, resulting in 0% documentation in the second cycle. Documentation of Clinicians’ Name and Bleep reduced from 63.2% to 15.4%, but when the name only was analysed, this increased to 84.6%. Conclusions: Standardised stickers for lumbar punctures do improve documentation and hence should result in improved patient safety. There is still room for improvement to reach 100% standard in each area, especially with respect to the clinician’s name and contact details being documented. Final adjustments will be made to the sticker before being included in a lumbar puncture kit, which will be made readily available in the acute medical wards. Future audits could be extended to include other common bedside procedures performed in acute medicine to ensure documentation of all these procedures reaches 100% standard.

Keywords: invasive procedure, lumbar puncture, medical record keeping, procedure checklist, procedure documentation, standardised documentation

Procedia PDF Downloads 55

Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo

Abstract:

This paper introduces an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.

Keywords: cloud, enhancing security, fog, IoT, telehealth

Procedia PDF Downloads 33

Authors: Michel Berthiaume, Daniel Chamberland-Tremblay, Elaine Paiva Mosconi, Jérôme Blanchet-Brisson

Abstract:

This presentation documents the overall failure of North-American universities to build an effective IT Policies communication with their primary users: the students. A sample of 12 universities was selected. A set of indicators based on usability principles to assess the content of IT Policies vas devised. Then, IT Policies were rated according to the indicators and the results analyzed to build an overall picture of the potential of communication problems in policy communication. The initial finding is that network security professionals in Universities have to reach a delicate balance between asset protection, asset valorization and user security awareness.

Keywords: computer security, IT policy, security awareness, network user rules

Procedia PDF Downloads 528

Authors: Erdianta S, Chastiti M. Wulolo, IDK Kerta Widana

Abstract:

Perang Semesta strategy is a national security system used by Republic of Indonesia. It comes from local wisdom, cultural, and hereditary of Indonesia itself. This system involves all people and all nation resources, and it is early prepared by government and conducted totality, integratedly, directly, and continously to enforce a sovereignty of country, teritorial integrity and the safety of the whole nation from threats. This study uses a qualitative content analysis method by studying, recording, and analyzing government policy. The Perang Semesta strategy divided into main, backup, and supporting components. Every component has its function and responsibility in security perspective. So when an attack comes, all people of Indonesia will voluntary to defend the country. Perang Semesta strategy is a national security system which becomes the most reliable strategy toward geography and demography of Indonesia.

Keywords: Indonesia, Perang Semesta strategy, national security, local wisdom

Procedia PDF Downloads 416

Authors: Debalina Ghoshal

Abstract:

Nuclear security is the ‘prevention and detection of, and response to unauthorised removal, sabotage, unauthorised access, illegal transfer or other malicious acts involving nuclear or radiological material or their associated facilities.’ Ever since the end of Cold War, nuclear materials security has remained a concern for global security. However, with the increase in terrorist attacks not just in India especially, security of nuclear materials remains a priority. Therefore, India has made continued efforts to tighten its security on nuclear materials to prevent nuclear theft and radiological terrorism. Nuclear security is different from nuclear safety. Physical security is also a serious concern and India had been careful of the physical security of its nuclear materials. This is more so important since India is expanding its nuclear power capability to generate electricity for economic development. As India targets 60,000 MW of electricity production by 2030, it has a range of reactors to help it achieve its goal. These include indigenous Pressurised Heavy Water Reactors, now standardized at 700 MW per reactor Light Water Reactors, and the indigenous Fast Breeder Reactors that can generate more fuel for the future and enable the country to utilise its abundant thorium resource. Nuclear materials security can be enhanced through two important ways. One is through proliferation resistant technologies and diplomatic efforts to take non proliferation initiatives. The other is by developing technical means to prevent any leakage in nuclear materials in the hands of asymmetric organisations. New Delhi has already implemented IAEA Safeguards on their civilian nuclear installations. Moreover, the IAEA Additional Protocol has also been ratified by India in order to enhance its transparency of nuclear material and strengthen nuclear security. India is a party to the IAEA Conventions on Nuclear Safety and Security, and in particular the 1980 Convention on the Physical Protection of Nuclear Material and its amendment in 2005, Code of Conduct in Safety and Security of Radioactive Sources, 2006 which enables the country to provide for the highest international standards on nuclear and radiological safety and security. India's nuclear security approach is driven by five key components: Governance, Nuclear Security Practice and Culture, Institutions, Technology and International Cooperation. However, there is still scope for further improvements to strengthen nuclear materials and nuclear security. The NTI Report, ‘India’s improvement reflects its first contribution to the IAEA Nuclear Security Fund etc. in the future, India’s nuclear materials security conditions could be further improved by strengthening its laws and regulations for security and control of materials, particularly for control and accounting of materials, mitigating the insider threat, and for the physical security of materials during transport. India’s nuclear materials security conditions also remain adversely affected due to its continued increase in its quantities of nuclear material, and high levels of corruption among public officials.’ This paper would study briefly the progress made by India in nuclear and nuclear material security and the step ahead for India to further strengthen this.

Keywords: India, nuclear security, nuclear materials, non proliferation

Procedia PDF Downloads 318

Authors: Ying Zhu

Abstract:

Recent years have witnessed a boom of foreign investments in the field of artificial intelligence (AI). Foreign investments provide critical capital for AI development but also trigger national security concerns of host states. A notable example is an increasing number of cases in which the Committee on Foreign Investment in the United States (CFIUS) has denied Chinese acquisitions of US technology companies on national security grounds. On July 19, 2018, the Congress has reached a deal on the final draft of a new provision to strengthen CFIUS’s authority to review overseas transactions involving sensitive US technology. The question is: how to reconcile the emerging tension between, on the one hand, foreign AI investors’ expectations of a predictable investment environment, and on the other hand, host states’ regulatory power on national security? This paper provides a methodology to reconcile this tension under international investment law. Based on an examination, the national security exception clauses in international investment treaties and the application of national security justification in investor-state arbitration jurisprudence, the paper argues that a traditional interpretation of the national security exception, based on the necessity concept in customary international law, fails to take into account new risks faced by countries, including security concerns over strategic industries such as AI. To overcome this shortage, the paper proposes to incorporate an integrated national security clause in international investment treaties, which includes a two-tier test: a ‘self-judging’ test in the pre-establishment period and a ‘proportionality’ test in the post-establishment period. At the end, the paper drafts a model national security clause for future treaty-drafting practice.

Keywords: foreign investment, artificial intelligence, international investment law, national security exception

Procedia PDF Downloads 121

Authors: Mardiyansyah Mardiyansyah, Hendrik Maulana, Eka Kurnia Sari, Imam Baehaki, Mohammad Agus Prihandono

Abstract:

Mobile device has become a key feature in Indonesian society and the economy, including government and private sector. Enterprises and government agencies already have a concern about mobile device security. However, small and medium enterprises (SME) do not have that sense yet, especially the new startups company. Indonesia has several laws, regulations, and standards for managing security in mobile devices. Currently, Indonesian information security policies have not been harmonized, each government organization and large enterprise has its own rules and policies. It leads to a conflict of interest among government agencies. This will certainly cause ineffectiveness in the implementation of policies. Therefore, an analysis of various government policies, regulations, and standards related to information security, especially on mobile devices, is carried out. This analysis is conducted to map the existing regulatory policies and standards into practical guidelines regarding NIST's information security to show the effectiveness of NIST SP 1800-4 towards existing policies. This work focused on the mapping of the NIST SP 1800-4 framework towards existing regulations, standards, and guidelines in Indonesia. The research approach is literature study to identify existing regulations, standards, and guidelines then the regulation mapped into the NIST SP 1800-4 framework and analyzed whether the framework could be applied to the organization in Indonesia. Finally, the finding and recommendations by documenting the security characteristics can be concluded. Based on the research finding, some of the regulations, standards, and guidelines in Indonesia are relevant to the elements in the NIST SP 1800-4 framework. From mapping analysis, the strength and weakness of mobile device security in Indonesia can be reported. It also can be concluded that the application of NIST SP 1800-4 can improve the effectiveness of mobile device security policies in Indonesia.

Keywords: mobile security, mobile security framework, NIST SP 1800-4, regulations

Procedia PDF Downloads 120

Authors: Hesham A. El Zouka, Mustafa M. Hosni ka

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks that limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature

Procedia PDF Downloads 224

Authors: Petar Kurecic, Josipa Penic

Abstract:

The paper represents a product of mentor-graduate student cooperation, developed at the graduate study of Business Economics, major Tourism. The analysis was made through the anonymous questionnaire filled by the respondents from Croatia. Following the latest threatening events and having in mind those yet to come, it can be concluded that no country can benefit from the tourism industry if at the same time does not develop its security system as an integral part of the standard tourist offer. Analyzing the trends in contemporary tourism, the safety and security issues became the decisive factors for the choice of a certain destination. Consequently, countries must not perceive security systems and measures as an unnecessary expense but as an essential element in organizing their tourist services. All hotels and respectable tourist agencies should have a crisis management, with detailed, thoroughly elaborated procedures for emergency situations. Tourists should be timely informed about the potential dangers and risks and the measures taken to prevent them, as well as on procedures for emergency situations. Additionally, it would be good to have mobile applications that would enable tourists to make direct emergency calls with instructions on behavior in crisis situations. It is also essential to implement and put into effect sophisticated security measures such as using surveillance cameras, controlling access to buildings, information exchange with colleagues and neighbors, reporting the suspicious occurrences to the security services, and training staff for crisis management. The security issue is definitely one of the crucial factors in the development of tourism in a certain country.

Keywords: security, security measures in tourism, tourism, tourist destinations

Procedia PDF Downloads 246

Authors: Mireille Elhajj, Washington Ochieng, Deeph Chana

Abstract:

The challenges of the rapid growth in the demand for transport has traditionally been seen within the context of the problems of congestion, air quality, climate change, safety, and affordability. However, there are increasing threats including those related to crime such as cyber-attacks that threaten the security of the transport of people and goods. To the best of the authors’ knowledge, this paper presents for the first time, a comprehensive framework for the assessment of the current and future security issues of multi-modal transport systems. The approach or method proposed is based on a structured framework starting with a detailed specification of the transport asset map (transport system architecture), followed by the identification of vulnerabilities. The asset map and vulnerabilities are used to identify the various approaches for exploitation of the vulnerabilities, leading to the creation of a set of threat scenarios. The threat scenarios are then transformed into risks and their categories, and include insights for their mitigation. The consideration of the mitigation space is holistic and includes the formulation of appropriate policies and tactics and/or technical interventions. The quality of the framework is ensured through a structured and logical process that identifies the stakeholders, reviews the relevant documents including policies and identifies gaps, incorporates targeted surveys to augment the reviews, and uses subject matter experts for validation. The approach to categorising security risks is an extension of the current methods that are typically employed. Specifically, the partitioning of risks into either physical or cyber categories is too limited for developing mitigation policies and tactics/interventions for transport systems where an interplay between physical and cyber processes is very often the norm. This interplay is rapidly taking on increasing significance for security as the emergence of cyber-physical technologies, are shaping the future of all transport modes. Examples include: Connected Autonomous Vehicles (CAVs) in road transport; the European Rail Traffic Management System (ERTMS) in rail transport; Automatic Identification System (AIS) in maritime transport; advanced Communications, Navigation and Surveillance (CNS) technologies in air transport; and the Internet of Things (IoT). The framework adopts a risk categorisation scheme that considers risks as falling within the following threat→impact relationships: Physical→Physical, Cyber→Cyber, Cyber→Physical, and Physical→Cyber). Thus the framework enables a more complete risk picture to be developed for today’s transport systems and, more importantly, is readily extendable to account for emerging trends in the sector that will define future transport systems. The framework facilitates the audit and retro-fitting of mitigations in current transport operations and the analysis of security management options for the next generation of Transport enabling strategic aspirations such as systems with security-by-design and co-design of safety and security to be achieved. An initial application of the framework to transport systems has shown that intra-modal consideration of security measures is sub-optimal and that a holistic and multi-modal approach that also addresses the intersections/transition points of such networks is required as their vulnerability is high. This is in-line with traveler-centric transport service provision, widely accepted as the future of mobility services. In summary, a risk-based framework is proposed for use by the stakeholders to comprehensively and holistically assess the security of transport systems. It requires a detailed understanding of the transport architecture to enable a detailed vulnerabilities analysis to be undertaken, creates threat scenarios and transforms them into risks which form the basis for the formulation of interventions.

Keywords: mitigations, risk, transport, security, vulnerabilities

Procedia PDF Downloads 130

Authors: Sara Ibn El Ahrache, Tajje-eddine Rachidi, Hassan Badir, Abderrahmane Sbihi

Abstract:

Recently, there has been increasing confidence for a favorable usage of big data drawn out from the huge amount of information deposited in a cloud computing system. Data kept on such systems can be retrieved through the network at the user’s convenience. However, the data that users send include private information, and therefore, information leakage from these data is now a major social problem. The usage of secret sharing schemes for cloud computing have lately been approved to be relevant in which users deal out their data to several servers. Notably, in a (k,n) threshold scheme, data security is assured if and only if all through the whole life of the secret the opponent cannot compromise more than k of the n servers. In fact, a number of secret sharing algorithms have been suggested to deal with these security issues. In this paper, we present a Mapreduce implementation of Shamir’s secret sharing scheme to increase its performance and to achieve optimal security for cloud data. Different tests were run and through it has been demonstrated the contributions of the proposed approach. These contributions are quite considerable in terms of both security and performance.

Keywords: cloud computing, data security, Mapreduce, Shamir's secret sharing

Procedia PDF Downloads 275