Search results for: security cost evaluation

Authors: Ahmadu Girgiri, Lawan Gana Ali, Mamman M. Baba

Abstract:

Environmental security clearly articulates the perfections and developments of various communities around the world irrespective of the region, culture, religion or social inclination. Although, the present state of insecurity has become serious issue devastating the peace, unity, stability and progress of man and his physical environment particularly in developing countries. Recently, measure of security and it management in Nigeria has been a bottle-neck to the effectiveness and advancement of various sectors that include; business, education, social relations, politics and above all an economy. Several measures have been considered on mitigating environment insecurity such as surveillance, demarcation, security personnel empowerment and the likes, but still the issue remains disturbing. In this paper, we present the application of new technology that contributes to the improvement of security surveillance known as “Wireless Sensor Network (WSN)”. The system is new, smart and emerging technology that provides monitoring, detection and aggregation of information using sensor nodes and wireless network. WSN detects, monitors and stores information or activities in the deployed area such as schools, environment, business centers, public squares, industries, and outskirts and transmit to end users. This will reduce the cost of security funding and eases security surveillance depending on the nature and the requirement of the deployment.

Keywords: application, environment, insecurity, sensor, wireless sensor network

Procedia PDF Downloads 217

Authors: Babatunde Akeem Lawal

Abstract:

In any organization, the primary aim is to maximize profit, but the major challenges facing them is the increase in cost of operation because of this there is increase in cost of production that could lead to inevitable cost control and cost reduction scheme which make it difficult for most organizations to operate at the cost efficient frontier. The study aims to critically examine and evaluate the application of cost control and cost reduction in organization performance and also to review budget as an effective tool of cost control and cost reduction. A descriptive survey research was adopted. A total number of 40 respondent retrieved were used for the study. The analysis of data collected was undertaken by applying appropriate statistical tools. Regression analysis was used to test the hypothesis with the use of SPSS. Based on the findings; it was evident that cost control has a positive impact on organizational performance and also the style of management has a positive impact on organizational performance.

Keywords: organization, cost reduction, cost control, performance, budget, profit

Procedia PDF Downloads 556

Authors: S. Haque, M. Kanapathy, E. Bollen, I. Younis, A. Mosahebi

Abstract:

Background: Implant loss due to infection is the most devastating complication of implant-based breast reconstruction. The use of negative pressure wound therapy with instillation (NPWTi) for salvage of infected implant-based breast reconstructions has shown promising results to allow early reinsertion of a new implant as an alternative to current management of delayed reinsertion. This study compares the cost implication of NPWTi against current management of delayed reinsertion of infected breast implants. Methods: 20 cases of an infected breast implant treated with NPWTi (V.A.C. VERAFLO™ Therapy) followed by early re-insertion of a new implant were compared with 20 cases who had delayed reinsertion (non-NPWTi). Average cost per person was calculated using total operative expenses, cost of inpatient stay, cost of investigations, cost of antibiotics, and cost of outpatient visits. Results: Treatment with NPWTi allowed for earlier re-insertion of a new implant (NPWTi: 9.04 ± 2.92 days vs. non-NPWTi: 236.25 ± 123.89 days). The average cost per patient for NPWTi and non-NPWTi was £14,343.13 ± £2,786.70 and £8,920.31 ± £3,005.73 respectively. All patients treated with NPWTi had one admission and spent 11.9 ± 4.1days as an inpatient while non-NPWTi patients had 2.1 ± 0.3 admissions with total length of inpatient stay of 7.1 ± 5.8days. Patients treated with NPWTi had more surgeries (NPWTi: 3.35 ± 0.81 vs. non-NPWTi: 2.2 ± 0.41), however 3 non-NPWTi cases required flap reconstruction. Patients treated with NPWTi had fewer total outpatient visits (NPWTi: 12 ± 6 vs. non-NPWTi: 14.2 ± 6.3). Conclusion: Patients treated with NPWTi incurred higher average cost per patient, longer inpatient stay, and more procedures; however, had early re-insertion of new implants and fewer admissions and outpatient visits. A further study on patient-reported outcome is essential to compare cost against patient benefit.

Keywords: breast reconstruction, cost evaluation, infection, negative pressure wound therapy

Procedia PDF Downloads 93

Authors: Jafaru Ibrahim, Tonga Agadi Danladi, Haruna Sani

Abstract:

Many telecommunications industry are looking for new ways to maximize their investment in communication networks while ensuring reliable and secure information transmission. There is a variety of communications medium solutions, the two must popularly in used are wireless technology and wired options, such as copper and fiber-optic cable. Wired network has proven its potential in the olden days but nowadays wireless communication has emerged as a robust and most intellect and preferred communication technique. Each of these types of communication medium has their advantages and disadvantages according to its technological characteristics. Wired and wireless networking has different hardware requirements, ranges, mobility, reliability and benefits. The aim of the paper is to compare both the Wired and Wireless medium on the basis of various parameters such as usability, cost, efficiency, flexibility, coverage, reliability, mobility, speed, security etc.

Keywords: cost, mobility, reliability, speed, security, wired, wireless

Procedia PDF Downloads 439

Authors: Rebecca Zahra, Joseph G. Vella, Ernest Cachia

Abstract:

The notion of cloud computing is rapidly gaining ground in the IT industry and is appealing mostly due to making computing more adaptable and expedient whilst diminishing the total cost of ownership. This paper focuses on the software as a service (SaaS) architecture of cloud computing which is used for the outsourcing of databases with their associated business processes. One approach for offering SaaS is basing the system’s architecture on multi-tenancy. Multi-tenancy allows multiple tenants (users) to make use of the same single application instance. Their requests and configurations might then differ according to specific requirements met through tenant customisation through the software. Despite the known advantages, companies still feel uneasy to opt for the multi-tenancy with data security being a principle concern. The fact that multiple tenants, possibly competitors, would have their data located on the same server process and share the same database tables heighten the fear of unauthorised access. Security is a vital aspect which needs to be considered by application developers, database administrators, data owners and end users. This is further complicated in cloud-based multi-tenant system where boundaries must be established between tenants and additional access control models must be in place to prevent unauthorised cross-tenant access to data. Moreover, when altering the database state, the transactions need to strictly adhere to the tenant’s known business processes. This paper focuses on the fact that security in cloud databases should not be considered as an isolated issue. Rather it should be included in the initial phases of the database design and monitored continuously throughout the whole development process. This paper aims to identify a number of the most common security risks and threats specifically in the area of multi-tenant cloud systems. Issues and bottlenecks relating to security risks in cloud databases are surveyed. Some techniques which might be utilised to overcome them are then listed and evaluated. After a description and evaluation of the main security threats, this paper produces a list of software requirements to ensure that proper security policies are implemented by a software development team when designing and implementing a multi-tenant based SaaS. This would then assist the cloud service providers to define, implement, and manage security policies as per tenant customisation requirements whilst assuring security for the customers’ data.

Keywords: cloud computing, data management, multi-tenancy, requirements, security

Procedia PDF Downloads 127

Authors: Pil Seong Park

Abstract:

Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.

Keywords: extension of HPC clusters, security, NFS, SSH tunneling

Procedia PDF Downloads 394

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security

Procedia PDF Downloads 499

Authors: Safiyya A. Abba, Shehu U. R. Aliyu

Abstract:

This paper deals with Islamic social security: a discourse explores the meaning and nature of Islamic social security system. The paper reviews the social security framework and operations during the early period. The paper further identifies the instruments of Islamic social security discusses its principles and objectives. The paper discovers that Islamic social security is a personification of a comprehensive welfare approach in view of its varied instruments that are deeply rooted in the Islamic law, unique principles and realistic and achievable objectives. Furthermore, the Islamic social security system has far reaching socioeconomic implications; social justice, cohesion, equity, a catalyst for poverty eradication, income redistribution, economic growth and development.

Keywords: Islamic social security, basic needs, zakat, socioeconomic justice, equity

Procedia PDF Downloads 403

Authors: Shannon Hearney, Jeffrey Hoch

Abstract:

While all cancers are costly to treat, pancreatic cancer is a notoriously costly and deadly form of cancer. Across the world there are a variety of treatment centers ranging from small clinics to large, high-volume hospitals as well as differing structures of payment and access. It has been noted that centers that treat a high volume of pancreatic cancer patients have higher quality of care, it is unclear if that care is cost-effective. In the US there is no clear consensus on the cost-effectiveness of high-volume centers for the surgical care of pancreatic cancer. Other European countries, like Finland and Italy have shown that high-volume centers have lower mortality rates and can have lower costs, there however, is still a gap in knowledge about these centers cost-effectiveness globally. This paper seeks to review the current literature in Europe and the US to gain a better understanding of the state of high-volume pancreatic surgical centers cost-effectiveness while considering the contextual differences in health system structure. A review of major reference databases such as Medline, Embase and PubMed will be conducted for cost-effectiveness studies on the surgical treatment of pancreatic cancer at high-volume centers. Possible MeSH terms to be included, but not limited to, are: “pancreatic cancer”, “cost analysis”, “cost-effectiveness”, “economic evaluation”, “pancreatic neoplasms”, “surgical”, “Europe” “socialized medicine”, “privatized medicine”, “for-profit”, and “high-volume”. Studies must also have been available in the English language. This review will encompass European scientific literature, as well as those in the US. Based on our preliminary findings, we anticipate high-volume hospitals to provide better care at greater costs. We anticipate that high-volume hospitals may be cost-effective in different contexts depending on the national structure of a healthcare system. Countries with more centralized and socialized healthcare may yield results that are more cost-effective. High-volume centers may differ in their cost-effectiveness of the surgical care of pancreatic cancer internationally especially when comparing those in the United States to others throughout Europe.

Keywords: cost-effectiveness analysis, economic evaluation, pancreatic cancer, scientific literature review

Procedia PDF Downloads 64

Authors: Siti Nur Izati Azmi, Zatil Afifah Omar, Kathi Swaran, Navin Kumar

Abstract:

Organophilic Clays, also known as Organoclays, is used as a viscosifier in Oil based Drilling fluids. Most often, Organophilic clay are produced from modified Sodium and Calcium based Bentonite. Many studies and data show that Organophilic Clay using Hectorite based clays provide the best yield and good fluid loss properties in an oil-based drilling fluid at a higher cost. In terms of the manufacturing process, the two common methods of manufacturing organophilic clays are a Wet Process and a Dry Process. Wet process is known to produce better performance product at a higher cost while Dry Process shorten the production time. Hence, the purpose of this study is to evaluate the various formulation of an organophilic clay and its performance vs. the cost, as well as to determine the most efficient and cost-effective method of manufacturing organophilic clays.

Keywords: organophilic clay, viscosifier, wet process, dry process

Procedia PDF Downloads 198

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 183

Authors: Amanuel Hadera Gebreyesus

Abstract:

In the literature, the study of tenure and food security has largely involved separate lines of inquiry. In effect, the nexus among these has received little attention; and the underinvestment in research related to the relationship between tenure and food security deters generation of tenure-related knowledge and policy guidance for improving food and nutrition security. Drawing from this motivation, we study the relationship among tenure security, agricultural diversity and food security and dietary diversity. We employ IV approaches to examine the effect of tenure security and agricultural diversity on food security and dietary diversity. We find tenure security is inversely related with food insecurity as shown by its negative association with hunger scale, hunger index and hunger category. On the other hand, results suggest that tenure security improves minimum dietary diversity of women while we find no association with child dietary diversity. Moreover, agricultural diversity is positively related with minimum dietary diversity of women, which may point to higher accessibility and consumption of dietary food groups by women. Also, findings suggest that farmers use their human (knowledge and skills) and resource (land) endowments to improve food security and dietary diversity. An implication from this is the importance of not only improving access to land but also long-term tenure security to promote agricultural diversity, food security and dietary diversity.

Keywords: tenure security, food security, agricultural diversity, dietary diversity, women

Procedia PDF Downloads 162

Authors: Majid Azarniush, Soroush Mokallaei

Abstract:

Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.

Keywords: firewalls, security, web services, software

Procedia PDF Downloads 454

Authors: Remzi Saltoglu, Nazmia Humaira, Gokhan Inalhan

Abstract:

During aircraft maintenance scheduling, operator calculates the budget of the maintenance. Usually, this calculation includes only the costs that are directly related to the maintenance process such as cost of labor, material, and equipment. In some cases, overhead cost is also included. However, in some of those, downtime cost is neglected claiming that grounding is a natural fact of maintenance; therefore, it is not considered as part of the analytical decision-making process. Based on the normalized data, we introduce downtime cost with its monetary value and add its seasonal character. We envision that the rest of the model, which works together with the downtime cost, could be checked with the real life cases, through the review of MRO cost and airline spending in the particular and scheduled maintenance events.

Keywords: aircraft maintenance, downtime, downtime cost, maintenance cost

Procedia PDF Downloads 326

Authors: Nahid Tavakoli, Asghar Ehteshami, Akbar Hassanzadeh, Fatemeh Amini

Abstract:

Introduction: The Information security incident management guidelines was been developed to help hospitals to meet their information security event and incident management requirements. The purpose of this Study was to investigate on Information Security Incident Management in Isfahan’s educational hospitals in accordance to ISO/IEC 27002 standards. Methods: This was a cross-sectional study to investigate on Information Security Incident Management of educational hospitals in 2014. Based on ISO/IEC 27002 standards, two checklists were applied to check the compliance with standards on Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements. One inspector was trained to carry out the assessments in the hospitals. The data was analyzed by SPSS. Findings: In general the score of compliance Information Security Incident Management requirements in two steps; Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements was %60. There was the significant difference in various compliance levels among the hospitals (p-valueKeywords: information security incident management, information security management, standards, hospitals

Procedia PDF Downloads 547

Authors: Kuan-Chou Chen

Abstract:

This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.

Keywords: system thinking, information security systems, security management, simulation

Procedia PDF Downloads 396

Authors: Amir Mohtarami, Hadi Kandjani

Abstract:

The amount of business-critical information in enterprises is growing at an extraordinary rate, and the ability to catalog that information and properly protect it using traditional security mechanisms is not keeping pace. Alongside the Information Technology (IT), information security needs a holistic view in enterprise. In other words, a comprehensive architectural approach is required, focusing on the information itself, understanding what the data are, who owns it, and which business and regulatory policies should be applied to the information. Enterprise Architecture Frameworks provide useful tools to grasp different dimensions of IT in organizations. Usually this is done by the layered views on IT architecture, but not requisite security attention has been held in this frameworks. In this paper, after a brief look at the Enterprise Architecture (EA), we discuss the issue of security in the overall enterprise IT architecture. Due to the increasing importance of security, a rigorous EA program in an enterprise should be able to consider security architecture as an integral part of its processes and gives a visible roadmap and blueprint for this aim.

Keywords: enterprise architecture, architecture framework, security architecture, information systems

Procedia PDF Downloads 667

Authors: Pratyush Vatsala, Sanjay Ahuja

Abstract:

The national security and human rights are related terms as there is nothing like absolute security or absolute human right. If we are committed to security, human right is a problem and also a solution, and if we deliberate on human rights, security is a problem but also part of the solution. Ultimately, we have to maintain a balance between the two co-related terms. As more and more armed forces are being deployed by the government within the nation for maintaining peace and security, using force against its own citizen, the search for a judicious balance between intent and action needs to be emphasized. Notwithstanding that a nation state needs complete political independence; the search for security is a driving force behind unquestioned sovereignty. If security is a human value, it overlaps the value of freedom, order, and solidarity. Now, the question needs to be explored, to what extent human rights can be compromised in the name of security in Kashmir or Mizoram like places. The present study aims to explore the issue of maintaining a balance between the use of power and good governance as human rights, providing security as a human value. This paper has been prepared with an aim of strengthening the understanding of the complex and multifaceted relationship between human rights and security forces operating for conflict management and identifies some of the critical human rights issues raised in the context of security forces operations highlighting the relevant human rights principles and standards in which Security as human value be respected at all times and in particular in the context of security forces operations in India.

Keywords: Kashmir, Mizoram, security, value, human right

Procedia PDF Downloads 245

Authors: Zainab Khalifah, Wong Chiet Bing, Noor Hazarina Hashim

Abstract:

The evolution of customer behavior in purchasing products or services through the Internet leads to airline companies engaging in the e-ticketing process in order to maintain their business. A well-designed website is vitally significant for the airline companies to provide effective communication, support, and competitive advantage. This study was conducted to identify the dimensions of website quality for low cost airline and to investigate the relationship between the website quality and customer e-satisfaction at low cost airline. A total of 381 responses were conveniently collected among local passengers at Low Cost Carrier Terminal, Kuala Lumpur via questionnaire distribution. This study found that the five determinant factors of website quality for AirAsia were Information Content, Navigation, Responsiveness, Personalization, and Security and Privacy. The results of this study revealed that there is a positive relationship between the five dimensions of website quality and customer e-satisfaction, and also information content was the most significant contributor to customer e-satisfaction.

Keywords: website quality, customer e-satisfaction, low cost airline, e-ticketing

Procedia PDF Downloads 390

Authors: Naveed Ghani, Samreen Javed

Abstract:

In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.

Keywords: network worms, malware infection propagating malicious code, virus, security, VPN

Procedia PDF Downloads 328

Authors: Kaleem Ullah, Abd Halid Bin Abdullah

Abstract:

This study examines previous literature on cost overrun in construction projects with the specific aim of determining the frequently observed causes of cost overruns in Malaysian construction projects. Cost overrun is one of the major problems in construction projects. Cost overrun is frequently observed in almost every construction projects. This cost overrun in construction projects occurs due to various reasons and many researchers have carried out various studies to identify the cause factors of this issue. The causes of construction cost overrun could vary from country to country because of the difference in political, economic, social and environmental conditions. Likewise, other countries construction projects in Malaysia have also the issue of cost overrun. The concept of cost overrun in construction projects has attracted much attention in recent years and researches are trying to understand the causes of these overruns and their effects to the construction industry as whole. This paper review various research studies carried out in Malaysia which surveyed the cost performance and cause factors of cost overruns in construction projects in Malaysia.

Keywords: cause of cost overrun, cost overrun, construction industry in Malaysia, effects of cost overrun

Procedia PDF Downloads 251

Authors: H. Gorine, M. Ramadan Elmezughi

Abstract:

In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.

Keywords: wireless sensor networks, network security, light weight encryption, threats

Procedia PDF Downloads 487

Authors: Kenichiro Hida, Shin-Ichi Kuribayashi

Abstract:

NFV-based network implements a variety of network functions with software on general-purpose servers, and this allows the network operator to select any capabilities and locations of network functions without any physical constraints. In this paper, we evaluate the influence of the maximum tolerable network delay on the virtual routing function deployment guidelines which the authors proposed previously. Our evaluation results have revealed the following: (1) the more the maximum tolerable network delay condition becomes severe, the more the number of areas where the route selection function is installed increases and the total network cost increases, (2) the higher the routing function cost relative to the circuit bandwidth cost, the increase ratio of total network cost becomes larger according to the maximum tolerable network delay condition.

Keywords: NFV (Network Functions Virtualization), resource allocation, virtual routing function, minimum total network cost

Procedia PDF Downloads 215

Authors: Emmanuel Ogala

Abstract:

Cloud computing has been envisioned as the next-generation architecture of Information Technology (IT) enterprise. In contrast to traditional solutions where IT services are under physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the management of the data and services may not be fully trustworthy. This is due to the fact that the systems are opened to the whole world and as people tries to have access into the system, many people also are there trying day-in day-out on having unauthorized access into the system. This research contributes to the improvement of cloud computing security for better operation. The work is motivated by two problems: first, the observed easy access to cloud computing resources and complexity of attacks to vital cloud computing data system NIC requires that dynamic security mechanism evolves to stay capable of preventing illegitimate access. Second; lack of good methodology for performance test and evaluation of biometric security algorithms for securing records in cloud computing environment. The aim of this research was to evaluate the performance of an integrated security system (ISS) for securing exams records in cloud computing environment. In this research, we designed and implemented an ISS consisting of three security mechanisms of biometric (fingerprint), auto-PIN and password into one stream of access control and used for securing examination records in Kogi State University, Anyigba. Conclusively, the system we built has been able to overcome guessing abilities of hackers who guesses people password or pin. We are certain about this because the added security system (fingerprint) needs the presence of the user of the software before a login access can be granted. This is based on the placement of his finger on the fingerprint biometrics scanner for capturing and verification purpose for user’s authenticity confirmation. The study adopted the conceptual of quantitative design. Object oriented and design methodology was adopted. In the analysis and design, PHP, HTML5, CSS, Visual Studio Java Script, and web 2.0 technologies were used to implement the model of ISS for cloud computing environment. Note; PHP, HTML5, CSS were used in conjunction with visual Studio front end engine design tools and MySQL + Access 7.0 were used for the backend engine and Java Script was used for object arrangement and also validation of user input for security check. Finally, the performance of the developed framework was evaluated by comparing with two other existing security systems (Auto-PIN and password) within the school and the results showed that the developed approach (fingerprint) allows overcoming the two main weaknesses of the existing systems and will work perfectly well if fully implemented.

Keywords: performance evaluation, fingerprint, auto-pin, password-based, security systems, cloud computing environment

Procedia PDF Downloads 113

Authors: Wanqing You, Kai Qian, Xi He, Ying Qian

Abstract:

In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get further discussions among the security of SDN virtualization.

Keywords: SDN, network, virtualization, security

Procedia PDF Downloads 392

Authors: Ebtehal Aljedaani, Maha Aljohani

Abstract:

Privacy and security patterns are both important for developing software that protects users' data and privacy. Privacy patterns are designed to address common privacy problems, such as unauthorized data collection and disclosure. Security patterns are designed to protect software from attack and ensure reliability and trustworthiness. Using privacy and security patterns, software engineers can implement security and privacy by design principles, which means that security and privacy are considered throughout the software development process. These patterns are available to translate "security & privacy-by-design" into practical advice for software engineering. Previous research on privacy and security patterns has typically focused on one category of patterns at a time. This paper aims to bridge this gap by merging the two categories and identifying their similarities and differences. To do this, the authors conducted a systematic literature review of 25 research papers on privacy and security patterns. The papers were analysed based on the category of the pattern, the classification of the pattern, and the security requirements that the pattern addresses. This paper presents the results of a comprehensive review of privacy and security design patterns. The review is intended to help future IT designers understand the relationship between the two types of patterns and how to use them to design secure and privacy-preserving software. The paper provides a clear classification of privacy and security design patterns, along with examples of each type. The authors found that there is only one widely accepted classification of privacy design patterns, while there are several competing classifications of security design patterns. Three types of security design patterns were found to be the most commonly used.

Keywords: design patterns, security, privacy, classification of patterns, security patterns, privacy patterns

Procedia PDF Downloads 90

Authors: Constantinos Adamides, Petros Petrikkos

Abstract:

In the era of growing hybrid threats, small states find themselves in need to re-evaluate existing foreign and defense policies. The pressure to establishing or maintain a status of a reliable partner in the community in which they belong to, vis-à-vis their multilateral relations with other organisations and entities, small states may need to shift their policies in the field to accommodate security needs that are not only pertinent to their security, but also to that of the organisations (bloc) in which they interact. Unlike potential shortcomings in a small state’s mainstream security and defence framework where the threat would be limited to the state itself, in more contemporary times with dominating hybrid threats, the small states’ security shortcomings may also become a security problem for the bloc in which these states belong to. An indicative example is small states like Cyprus and Malta, which belong and 'interact' in the European Union. As a result, the nature of hybrid threats can be utilised to hurt bigger states in a bloc by exploiting the small states’ vulnerabilities and security gaps. Inevitably, both the defensive and foreign policy collaborations of small states with bigger states have been and are constantly re-evaluated to tackle and prevent such problems. In essence, the goal of this ‘re-evaluation’ aims to achieve a twofold goal: The first is the small states’ quest to appear as a reliable partner within the bloc, while the second is to avoid being the weakest security link in the bloc’s defence against hybrid threats. Indeed, the hybrid arena is a security area where they can excel in the bloc, despite the potential and expected conventional military deficiencies. This new environment prompts us to think security from the perspective of small states differently and in relation to their role as members or big organisations. The paper focuses on the case of Cyprus following its accession to the European Union and examines how a country that has had a very focused security orientation –not least due to its ongoing security problems– altered its foreign and defence policies within the European Union to ensure compliance with the rest of the bloc, while at the same time maximizing its role as a security player. Specifically, it examines the methods through which the country shifted its policies as well as the challenges and opportunities that emerged from these security shifts.

Keywords: Cyprus, defence, foreign policy, hybrid threats, ontological security, small states

Procedia PDF Downloads 108

Authors: Mohan Ramasundaram, Amutha Prabakar Muniyandi

Abstract:

Remote user authentication is one of the important tasks for any kind of remote server applications. Several remote authentication schemes are proposed by the researcher for Telecare Medicine Information System (TMIS). Most of the existing techniques have limitations, vulnerable to various kind attacks, lack of functionalities, information leakage, no perfect forward security and ineffectiveness. Authentication is a process of user verification mechanism for allows him to access the resources of a server. Nowadays, most of the remote authentication protocols are using two-factor authentications. We have made a survey of several remote authentication schemes using three factors and this survey shows that the most of the schemes are inefficient and subject to several attacks. We observed from the experimental evaluation; the proposed scheme is very secure against various known attacks that include replay attack, man-in-the-middle attack. Furthermore, the analysis based on the communication cost and computational cost estimation of the proposed scheme with related schemes shows that our proposed scheme is efficient.

Keywords: Telecare Medicine Information System, elliptic curve cryptography, three-factor, biometric, random oracle

Procedia PDF Downloads 193

Authors: Mehmet Kargaci

Abstract:

It is more important to access information than to get the correct information and to transform it to the knowledge in a proper way. Every person, organizations or governments who have the knowledge now become the target. Cyber security involves the range of measures to be taken from individual to the national level. The National institutions refer to academic, military and major public and private institutions, which are very important for the national security. Thus they need further cyber security measures. It appears that the traditional cyber security measures in the national level are alone not sufficient, while the individual measures remain in a restricted level. It is evaluated that the most appropriate method for preventing the cyber vulnerabilities rather than existing measures are to develop institutional measures. This study examines the cyber security measures to be taken, especially in the national institutions.

Keywords: cyber defence, information, critical infrastructure, security

Procedia PDF Downloads 502

Authors: V. S. S. Kumar, B. Vikram, G. C. S. Reddy

Abstract:

Time and cost are the two critical objectives of construction project management and are not independent but intricately related. Trade-off between project duration and cost are extensively discussed during project scheduling because of practical relevance. Generally when the project duration is compressed, the project calls for an increase in labor and more productive equipments, which increases the cost. Thus, the construction time-cost optimization is defined as a process to identify suitable construction activities for speeding up to attain the best possible savings in both time and cost. As there is hidden tradeoff relationship between project time and cost, it might be difficult to predict whether the total cost would increase or decrease as a result of compressing the schedule. Different combinations of duration and cost for the activities associated with the project determine the best set in the time-cost optimization. Therefore, the contractors need to select the best combination of time and cost to perform each activity, all of which will ultimately determine the project duration and cost. In this paper, the fuzzy set theory is used to model the uncertainties in the project environment for time-cost trade off analysis.

Keywords: fuzzy sets, uncertainty, qualitative factors, decision making

Procedia PDF Downloads 618