Search results for: security design

Authors: Yllka Hysaj, Ylberina Hysaj Arifi

Abstract:

Recently, with BREXIT taking place, organizations and employees have been affected in the way of job and employment security. Career-oriented human resources management (HRM) practices are likely to facilitate self-initiated expatriates’ adjustment to the host country. This was related to the career security (job security and employment security), which were missing in their home country and seemed to be important elements to adjust to the host country. The aim of this study is to assess whether the perception of career security by Frances self-initiated expatriates (SIEs) have changed in the wake of the referendum result. Quantitative research method will be used, and the data will be collected through electronic questionnaires. Data will be analyzed through Statistical Package for the Social Sciences (SPSS). The study variables will include an adjustment to the host country, HRM practices, employability, and job security. Predicted results consist that career-oriented HRM practices are positively related to the adjustment to the host country, employability, and job security. However, with Brexit, there might be a negative relationship between career-oriented HRM practices and job security.

Keywords: migration, self-initiated expatriates, Brexit, job security

Procedia PDF Downloads 139

Authors: Michaela Vašková

Abstract:

The paper is focused on the application of the security audit method on the selected objects of the critical infrastructure. The emphasis is put on security audit method to find gaps in the critical infrastructure security. The theoretical part describes objects of the critical infrastructure. The practical part describes using the security audit method. The main emphasis was put on the protection of the critical infrastructure in the Czech Republic.

Keywords: crisis management, critical infrastructure, object of critical infrastructure, security audit, extraordinary event

Procedia PDF Downloads 400

Authors: E. K. Linsenmayer

Abstract:

Traditional international relations theorists define state security, the principal national interest, as a state’s military force. However, many political theorists argue the current definition of security is not comprehensive and therefore, problematic. This paper argues that women’s physical security is not only linked but also necessary to achieve state security. In today’s unipolar political international system, the United States continues to accredit national security to its military. However, in one of the most militarized countries, women remain insecure. Through a case study method of the United States, this paper illuminates a necessary political prescription: the empowerment of women through an inside-out, feminist theoretical approach that makes state security attainable. The research through empirical testing, drawing from several databases, shows the positive effects of women’s physical security on state security. Women’s physical security is defined in terms of equal legal practices, health, education, and female representation in the government. State security is measured by the relative peace of a state, its involvement in conflict and a state’s relations with neighboring states. This paper shows that empowering women, 50% of the world’s population, is necessary for ending the current vicious circle of militarization, war, and insecurity. Without undoing gender power dynamics at the individual and societal level, security at all levels remains unattainable.

Keywords: gender inequality, politics, state security, women's security

Procedia PDF Downloads 177

Authors: Yuli Paola Cifuentes Sanabria, Lina Paola Beltrán Beltrán, Leonardo Juan Ramírez López

Abstract:

The availability to deploy mobile applications for healthcare is increasing daily thru different mobile app stores. But within these capabilities the number of hacking attacks has also increased, in particular into medical mobile applications. The security vulnerabilities in medical mobile apps can be triggered by errors in code, incorrect logic, poor design, among other parameters. This is usually used by malicious attackers to steal or modify the users’ information. The aim of this research is to analyze the vulnerabilities detected in mobile medical apps according to risk factor standards defined by OWASP in 2014.

Keywords: mHealth apps, OWASP, protocols, security vulnerabilities, risk factors

Procedia PDF Downloads 468

Authors: Seyed Nima Tayarani Bathaie

Abstract:

In this paper, an image-receiving system was designed and implemented through optimization of object detection algorithms using Haar features. This optimized algorithm served as face and eye detection separately. Then, cascading them led to a clear image of the user. Utilization of this feature brought about higher security by preventing fraud. This attribute results from the fact that services will be given to the user on condition that a clear image of his face has already been captured which would exclude the inappropriate person. In order to expedite processing and eliminating unnecessary ones, the input image was compressed, a motion detection function was included in the program, and detection window size was confined.

Keywords: face detection algorithm, Haar features, security of ATM

Procedia PDF Downloads 384

Authors: Homa Parmoon, Narges Hamzeh

Abstract:

Since today's urban spaces are disposed towards behavioral disorders and lack of security, both qualitative and quantitative aspects of security especially social and physical security are considered as basic necessities in urban planning. This research focused on the variable of place of living, examined social security in the old and new textures, and investigated the amount of residents’ social security in Shiraz including safety, financial, emotional and moral security. To this end, two neighborhoods in region 1 of Shiraz- Qasr-Al-Dasht (old texture) and Moalem (new texture)- were examined through a comparative study of 60 samples lived in two neighborhoods. Data were gathered through two-way ANOVA between the variables of residential context and internal and external security. This analysis represents the significance or insignificance of the model as well as the individual effects of each independent variable on the dependent variable. It was tested by ANCOVA and F-test. Research findings indicated place of living has a significant effect on families’ social security. The safety, financial, emotional, and moral security also represented a great impact on social security. As a result, it can be concluded that social security changes with the changing in place of living.

Keywords: social security, damaged area, two-way ANOVA, Shiraz

Procedia PDF Downloads 108

Authors: Ji Lian Yap

Abstract:

This paper will critically consider developments in 2014 in relation to the law relating to security over personal property in Hong Kong. The rules governing the registration of charges under the Hong Kong Companies Ordinance will be examined. Case law relating to personal property security will also be discussed. The transplantation of the floating charge into China’s Property Law will also be considered.

Keywords: personal property, security law, reform of the law, law

Procedia PDF Downloads 394

Authors: Elena A. Troubitsyna

Abstract:

Designers of modern safety-critical control systems are increasingly relying on networking to provide the systems with advanced functionality and satisfy customer’s needs. However, networking nature of modern control systems also brings new technological challenges associated with ensuring system safety in the presence of openness and hence, potential security threats. In this paper, we propose a methodology that relies on systems-theoretic analysis to enable an integrated analysis of safety and security requirements of controlling software. We demonstrate how to create a safety case – a structured argument about system safety – with explicit representation of both safety and security goals. Our approach provides the designers with a systematic approach to analysing safety and security interdependencies while designing safety-critical control systems.

Keywords: controlling software, integrated analysis, security, safety-security co-engineering

Procedia PDF Downloads 464

Authors: Khaled Shehata, Hanady Hussien, Sara Yehia

Abstract:

Securing the data stored on E-passport is a very important issue. RSA encryption algorithm is suitable for such application with low data size. In this paper the design and implementation of 1024 bit-key RSA encryption and decryption module on an FPGA is presented. The module is verified through comparing the result with that obtained from MATLAB tools. The design runs at a frequency of 36.3 MHz on Virtex-5 Xilinx FPGA. The key size is designed to be 1024-bit to achieve high security for the passport information. The whole design is achieved through VHDL design entry which makes it a portable design and can be directed to any hardware platform.

Keywords: RSA, VHDL, FPGA, modular multiplication, modular exponential

Procedia PDF Downloads 347

Authors: Da Eun Sung

Abstract:

In today’s world, cyber security has become an important international agenda. As the information age has arrived, the need for cyber defense against cyber attacks is mounting, and the significance of cyber cooperation in the international community is drawing attention. Through the course, international society has agreed that the institutionalization of international norms dealing with cyber space and cyber security is crucial ever. Nevertheless, the West, led by the United States of America, and 'the East', composed of Russia and China, have shown conflicting views on forming international norms and principles which would regulate and ward off the possible threats in cyber space. Thus, the international community hasn’t yet to reach an agreement on cyber security. In other words, the difference between both sides on the approach and understanding of principles, objects, and the definition has rendered such. Firstly, this dissertation will cover the Russia’s perception, strategy, and definition on cyber security through analyzing primary source. Then, it will delve into the two contrasting cyber security strategy between Russia and the US by comparing them. And in the conclusion, it will seek the possible solution for the cooperation in the field of cyber security. It is quite worthwhile to look into Russia’s views, which is the main counterpart to the US in this field, especially when the efforts to institutionalize cyber security by the US-led international community have met with their boundaries, and when the legitimacy of them have been challenged.

Keywords: cyber security, cyber security strategic, international relation in cyberspace, Russia

Procedia PDF Downloads 273

Authors: Kai Jin, Hua Li, Qing Song

Abstract:

Homeland security and border safety is an issue for any country. This paper takes the border security of US as an example to discuss the usage and efficiency of simulation tools in the homeland security application. In this study, available resources and different illegal infiltration parameters are defined, including their individual behavior and objective, in order to develop a model that describes border patrol system. A simulation model is created in Arena. This simulation model is used to study the dynamic activities in the border security. Possible factors that may affect the effectiveness of the border patrol system are proposed. Individual and factorial analysis of these factors is conducted and some suggestions are made.

Keywords: resource optimization, simulation, modeling, border security

Procedia PDF Downloads 484

Authors: Somayeh Sobati Moghadam

Abstract:

Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.

Keywords: BPMN, security threats, cloud computing, business processes outsourcing, privacy

Procedia PDF Downloads 238

Authors: Emmanuel Ogala

Abstract:

Cloud computing has been envisioned as the next-generation architecture of Information Technology (IT) enterprise. In contrast to traditional solutions where IT services are under physical, logical and personnel controls, cloud computing moves the application software and databases to the large data centres, where the management of the data and services may not be fully trustworthy. This is due to the fact that the systems are opened to the whole world and as people tries to have access into the system, many people also are there trying day-in day-out on having unauthorized access into the system. This research contributes to the improvement of cloud computing security for better operation. The work is motivated by two problems: first, the observed easy access to cloud computing resources and complexity of attacks to vital cloud computing data system NIC requires that dynamic security mechanism evolves to stay capable of preventing illegitimate access. Second; lack of good methodology for performance test and evaluation of biometric security algorithms for securing records in cloud computing environment. The aim of this research was to evaluate the performance of an integrated security system (ISS) for securing exams records in cloud computing environment. In this research, we designed and implemented an ISS consisting of three security mechanisms of biometric (fingerprint), auto-PIN and password into one stream of access control and used for securing examination records in Kogi State University, Anyigba. Conclusively, the system we built has been able to overcome guessing abilities of hackers who guesses people password or pin. We are certain about this because the added security system (fingerprint) needs the presence of the user of the software before a login access can be granted. This is based on the placement of his finger on the fingerprint biometrics scanner for capturing and verification purpose for user’s authenticity confirmation. The study adopted the conceptual of quantitative design. Object oriented and design methodology was adopted. In the analysis and design, PHP, HTML5, CSS, Visual Studio Java Script, and web 2.0 technologies were used to implement the model of ISS for cloud computing environment. Note; PHP, HTML5, CSS were used in conjunction with visual Studio front end engine design tools and MySQL + Access 7.0 were used for the backend engine and Java Script was used for object arrangement and also validation of user input for security check. Finally, the performance of the developed framework was evaluated by comparing with two other existing security systems (Auto-PIN and password) within the school and the results showed that the developed approach (fingerprint) allows overcoming the two main weaknesses of the existing systems and will work perfectly well if fully implemented.

Keywords: performance evaluation, fingerprint, auto-pin, password-based, security systems, cloud computing environment

Procedia PDF Downloads 111

Authors: Muneera Abdul Haleem Bukhari, Maryam I. Alshirawi, Elsayed S. Elkhamisi

Abstract:

This study aimed at understanding the relationship between psychological security and self-esteem among Adolescent with Mild Intellectual Disability, exploring the levels of psychological security and self-esteem, as well as determining the differences between genders in psychological security and self-esteem. The sample of the study contained (60) Adolescent with Mild Intellectual Disability, (34) males and (26) females who are enrolled in the Vocational and Social Rehabilitation Center and Hope Institute in the Kingdom of Bahrain. Their ages are between (15-23) years old. The Psychological Security Scale and self-Esteem Scale (prepared by James Battle) were used by the researcher. Results showed that levels of psychological security and self-esteem among Adolescents with Mild Intellectual Disability was above average; results also showed the order of the psychological security dimensions in the following manner (future outlook – mood - family security – social security) and the order of the dimensions of self-esteem in the following manner (social self-esteem – personal self-esteem – general self-esteem) among Adolescent with Mild Intellectual Disability; as for the differences between genders, the study showed that there was an increased level of psychological security among males. However, there was no difference in self-esteem between both sexes.

Keywords: psychological security, self-esteem, adolescent, intellectual disability, the Kingdom of Bahrain

Procedia PDF Downloads 358

Authors: Wiriranai Brilliant Masara

Abstract:

The African Peace and Security Architecture is widely celebrated and revered as a paragon of the will to address peace and security challenges in Africa. However, like any other institution, it is embedded with operational and institutional challenges that prevent it from effectively carrying out its mandate and turning goals into achieved results. The article examines the fundamental flaws and weaknesses of the African Peace and Security Architecture by focusing on its institutions, norms, instruments, and its relationship to Africa’s Regional Economic Communities. Therefore, the article reviews the flaws of the five elements of the African Peace and Security Architecture which are the Peace and Security Council, Panel of the Wise, Continental Early Warning System, African Standby Force, and Peace Fund.

Keywords: African Union, African Peace and Security Architecture, peace and security council, continental early warning system, African Standby Force, Panel of the Wise, Peace Fund

Procedia PDF Downloads 100

Authors: Dicky R. Munaf, Ayu Bulan Tisna

Abstract:

Competitive intelligence (business intelligence) is the process of observing the external environment which often conducted by many organizations to get the relevant information which will be used to create the organization policy, whereas, security intelligence is related to the function of the officers who have the duties to protect the country and its people from every criminal actions that might harm the national and individual security. Therefore, the intelligence dimension of maritime security is associated with all the intelligence activities including the subject and the object that connected to the maritime issues. The concept of intelligence business regarding the maritime security perspective is the efforts to protect the maritime security using the analysis of economic movements as the basic strategic plan. Clearly, a weak maritime security will cause high operational cost to all the economic activities which uses the sea as its media. Thus, it affects the competitiveness of a country compared to the other countries that are able to maintain the maritime law enforcement and secure their marine territory. So, the intelligence business within the security intelligence is important to conduct as the beginning process of the identification against the opponent strategy that might happen in the present or in the future. Thereby, the scenario of the potential impact of all the illegal maritime activities, as well as the strategy in preventing the opponent maneuver can be made.

Keywords: competitive intelligence, maritime security intelligence, intelligent systems, information technology

Procedia PDF Downloads 462

Authors: Gabriel A. Orozco

Abstract:

The purpose of this article is to make an approach to the Security Studies, exposing their theories and concepts to understand the role that have had in the interpretation of the changes and continuities of the world order and their impact on policies or decision-making facing the problems of the 21st century. The aim is to build a bridge between the security studies as a subfield and the meaning that has been given to the world order. The idea of epistemic communities serves as a methodological proposal about the different programs of research in security studies, showing their influence in the realities of States, intergovernmental organizations and transnational forces, moving to implement, perpetuate and project a vision of the world order.

Keywords: security studies, epistemic communities, international, relations

Procedia PDF Downloads 241

Authors: Senthuran Manoharan, Rathesan Sivagananalingam

Abstract:

One of the main issues in system security is Authentication. Authentication can be defined as the process of recognizing the user's identity and it is the most important step in the access control process to safeguard data/resources from being accessed by unauthorized users. The static method of authentication cannot ensure the genuineness of the user. Due to this reason, more innovative authentication mechanisms came into play. At first two factor authentication was introduced and later, multi-factor authentication was introduced to enhance the security of the system. It also had some issues and later, adaptive authentication was introduced. In this research paper, the design of an adaptive authentication engine was put forward. The user risk profile was calculated based on the user parameters and then the user was challenged with a suitable authentication method.

Keywords: authentication, adaptive authentication, machine learning, security

Procedia PDF Downloads 198

Authors: Sara Hadad Dabaghi

Abstract:

Iran is among the first five earthquake prone regions of the world. During the past 90 years, more than 85 catastrophic earthquakes have happened in Iran, leaving approximately 120000 casualties. Therefore, it is necessary to apply modern anti-seismic technologies to the construction of building such earthquake prone zones. This is especially the case with the northern regions of this country where the existence Khazar and Alborz Faults necessitate the observation of building construction security. Thus, the goal of this research is to solve this problem and to design earthquake resistant buildings. The present study is descriptive-analytical carried out on a mixed method platform. The study focuses on designing Roudbar Residential Complex adopting an anti-seismic approach. It is a cross-sectional applied research since its findings could be used to solve the security problems of Roudbar building with respect to earthquakes of the regions. The causality relationship in this research could be formulated as follows: the novel anti-seismic technologies increase security and reduce damages caused by earthquakes.

Keywords: design, residential complex, inspiration, anti-seismic technology, Roudbar

Procedia PDF Downloads 260

Authors: Umar Mujahid, Greatzel Unabia, Hongsik Choi, Binh Tran

Abstract:

Radio Frequency Identification (RFID) is one of the most commonly used technologies in IoTs and Wireless Sensor Networks which makes the devices identification and tracking extremely easy to manage. Since RFID uses wireless channel for communication, which is open for all types of adversaries, researchers have proposed many Ultralightweight Mutual Authentication Protocols (UMAPs) to ensure security and privacy in a cost-effective manner. These UMAPs involve simple bitwise logical operators such as XOR, AND, OR & Rot, etc., to design the protocol messages. However, most of these UMAPs were later reported to be vulnerable against many malicious attacks. In this paper, we have presented a detailed overview of some eminent UMAPs and also discussed the many security attacks on them. Finally, some recommendations and suggestions have been discussed, which can improve the design of the UMAPs.

Keywords: RFID, Ultralightweight, UMAP, SASI

Procedia PDF Downloads 111

Authors: Loh Fu Quan, Fong Zi Heng, Burra Venkata Durga Kumar

Abstract:

Cloud computing has completely transformed the way many businesses operate. Traditionally, confidential data of a business is stored in computers located within the premise of the business. Therefore, a lot of business capital is put towards maintaining computing resources and hiring IT teams to manage them. The advent of cloud computing changes everything. Instead of purchasing and managing their infrastructure, many businesses have started to shift towards working with the cloud with the help of a cloud service provider (CSP), leading to cost savings. However, it also introduces security risks. This research paper focuses on the security risks that arise during data migration and user authentication in cloud computing. To overcome this problem, this paper provides a comprehensive framework that includes Transport Layer Security (TLS), user authentication, security tokens and multi-level data encryption. This framework aims to prevent authorized access to cloud resources and data leakage, ensuring the confidentiality of sensitive information. This framework can be used by cloud service providers to strengthen the security of their cloud and instil confidence in their users.

Keywords: Cloud computing, Cloud security, Cloud security issues, Cloud security framework

Procedia PDF Downloads 70

Authors: Kevin Krupski

Abstract:

Private Military Security Companies have grown to become a major force contributor to nations in military operations. Scholars have debated the implications of this in relation to control and efficiency related to the privatization of violence, but there has been little discussion on how these companies affect the profession of arms. Specifically, this paper seeks to address how the privatization of violence influences the military’s stewardship, whether private military security companies are capable of stewardship of the military profession, and whether there are aspects of stewardship of the military profession that private military security companies are capable of emulating. This paper reviews literature on stewardship, the relationship of the military to the state, and private military security companies in order to identify overlap between uniformed military services and the private sector. Then, it offers a typology for determining under what conditions an organization would act as a steward. Ultimately, there are insufficient reasons for private military security companies to act as stewards of the profession of arms.

Keywords: stewardship, military profession, civil-military, security

Procedia PDF Downloads 219

Authors: Arash Heydarian Pashakhanlou

Abstract:

The security dilemma is one of the key concepts in International Relations (IR), and the numerous engagements with it have created a great deal of confusion regarding its essence. That is why this article seeks to dissect the security dilemma and rebuild it from its foundational core. In doing so, the present study highlights that the security dilemma requires interaction among actors that seek to protect themselves from other's capacity for harm under the condition of uncertainty to operate. In this constellation, actors are confronted with the dilemma of motives, power, and action, which they seek to resolve by acquiring information regarding their opponents. The relationship between the parties is shaped by the harm-uncertainty index (HUI) consisting of geographical distance, MAD, and joint democracy that determines the intensity of the security dilemma. These elements define the unified theory of the security dilemma (UTSD) developed here. UTSD challenges the prevailing view that the security dilemma is a unidimensional paradoxical concept, regulated by the offense-defense balance and differentiation that only occurs in anarchic settings with tragic outcomes and is equivalent to the spiral model.

Keywords: security dilemma, revisionism, status quo, anarchy, uncertainty, tragedy, spiral, deterrence

Procedia PDF Downloads 199

Authors: Babatunde Oluwamayokun Soyoye

Abstract:

This technology, whose development revolves round culture, tradition, and prevailing needs of the people, is seen as a solution in promoting development in poor rural communities in many parts of Nigeria. The research was based on one of the food security agenda of the Federal Government of Nigeria by developing a motorized multi-grain crop planter suitable for planting operations in tropical soils. The ergonomic design is tailored towards the ease of planting operations for would-be users, improve crop yields and profitability by minimizing the cost of production. Some properties of the grain crops were determined and were used to develop and assemble the locally-made motorized planter. These properties were used in establishing the design criteria of various components of the planter. The geometric mean diameter of the maize, cowpea, groundnut, and soybean were 8.26 mm, 8.72 mm, 9.51 mm and 6.52 mm respectively, with respective groove depths of 8 mm, 7 mm, 9 mm and 6 mm. The results obtained from the evaluation of the planter confirmed that the planter has a uniform discharge and application rates. The field capacity of the planter was determined to be 0.187 ha/h. Also, the average performance efficiency of the planter was 95.5%, with the average discharge and application rates of 7.86 kg/h and 42.1 kg/ha, respectively. The motorized multi-grain planter can be used in increasing food production, reduce time, cost of production, and can become a major tool to fast-track the food security agenda of the government of Nigeria.

Keywords: design and fabrication, food security, grain crop, motorized planter

Procedia PDF Downloads 103

Authors: Nareshkumar Harale, B. B. Meshram

Abstract:

The continued exponential growth of successful cyber intrusions against today’s businesses has made it abundantly clear that traditional perimeter security measures are no longer adequate and effective. We evolved the network trust architecture from trust-untrust to Zero-Trust, With Zero Trust, essential security capabilities are deployed in a way that provides policy enforcement and protection for all users, devices, applications, data resources, and the communications traffic between them, regardless of their location. Information exchange over the Internet, in spite of inclusion of advanced security controls, is always under innovative, inventive and prone to cyberattacks. TCP/IP protocol stack, the adapted standard for communication over network, suffers from inherent design vulnerabilities such as communication and session management protocols, routing protocols and security protocols are the major cause of major attacks. With the explosion of cyber security threats, such as viruses, worms, rootkits, malwares, Denial of Service attacks, accomplishing efficient and effective intrusion detection and prevention is become crucial and challenging too. In this paper, we propose a design and analysis model for next generation network intrusion detection and protection system as part of layered security strategy. The proposed system design provides intrusion detection for wide range of attacks with layered architecture and framework. The proposed network intrusion classification framework deals with cyberattacks on standard TCP/IP protocol, routing protocols and security protocols. It thereby forms the basis for detection of attack classes and applies signature based matching for known cyberattacks and data mining based machine learning approaches for unknown cyberattacks. Our proposed implemented software can effectively detect attacks even when malicious connections are hidden within normal events. The unsupervised learning algorithm applied to network audit data trails results in unknown intrusion detection. Association rule mining algorithms generate new rules from collected audit trail data resulting in increased intrusion prevention though integrated firewall systems. Intrusion response mechanisms can be initiated in real-time thereby minimizing the impact of network intrusions. Finally, we have shown that our approach can be validated and how the analysis results can be used for detecting and protection from the new network anomalies.

Keywords: network intrusion detection, network intrusion prevention, association rule mining, system analysis and design

Procedia PDF Downloads 198

Authors: Omid Khodabakhshi, Amir Rozdel

Abstract:

The subject of cloud computing security research has allocated a number of challenges and competitions because the data center is comprised of complex private information and are always faced various risks of information disclosure by hacker attacks or internal enemies. Accordingly, the security of virtual machines in the cloud computing infrastructure layer is very important. So far, there are many software solutions to develop security in virtual machines. But using software alone is not enough to solve security problems. The purpose of this article is to examine the challenges and security requirements for accessing and storing data in an insecure cloud environment. In other words, in this article, a structure is proposed for the implementation of highly isolated security-sensitive codes using secure computing hardware in virtual environments. It also allows remote code validation with inputs and outputs. We provide these security features even in situations where the BIOS, the operating system, and even the super-supervisor are infected. To achieve these goals, we will use the hardware support provided by the new Intel and AMD processors, as well as the TPM security chip. In conclusion, the use of these technologies ultimately creates a root of dynamic trust and reduces TCB to security-sensitive codes.

Keywords: code, cloud computing, security, virtual machines

Procedia PDF Downloads 154

Authors: Rossouw De Bruin, Sebastiaan H. Von Solms

Abstract:

The state of national security is an evolving concern. Companies, organizations, governments, states and individuals are aware of the security of their information and their assets however, they may not always be aware of the risks present. These risks are not only limited to non-existence of security procedures. Existing security can be severely flawed, especially if there is non-conformance towards policies, practices and procedures. When looking at humanitarian actions, we can easily identify these flaws. Unfortunately, humanitarian aid has to compete with factors from within the states, countries and continents they are working in. Furthermore, as technology improves, so does our connectivity to the internet and the way in which we use the internet. However, there are times when security is overlooked and humanitarian agencies are some of the agencies that do not always take security into consideration. The purpose of this paper will be to introduce the importance of cybersecurity and cybersecurity governance with respect to humanitarian work. We will also introduce and briefly discuss a model that can be used by humanitarian agencies to assess, manage and maintain their cybersecurity efforts.

Keywords: humanities, cybersecurity, cybersecurity governance, maturity, cybersecurity maturity, maturity model

Procedia PDF Downloads 231

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.

Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security

Procedia PDF Downloads 135

Authors: Serkan Tezgel

Abstract:

The two qualities of the sea, as a medium of transportation and as a resource, necessitate maritime security for economic stability and good order at sea. The borderless nature of the sea makes it one of the best platforms to contribute to regional peace and international order. For this reason, the establishment of maritime security in East Mediterranean will enhance the security-peace-democracy triangle in the region. This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities. Smart Security is a regional maritime cooperation concept for the narrow seas. Cooperation and interoperability are essential attributes of this regional security concept. Therefore, multinational excellence centers such as Multinational Maritime Security Center of Excellence-Aksaz in Turkey, which will determine necessary capabilities and plan/coordinate workshops, training and exercises, are bound to be the principal characteristic of Smart Security concept and similar regional concepts. Smart Security, a crucial enabler of energy and regional security, can provide an enduring approach for operating in the challenging environment of narrow seas and for countering asymmetrical threats.

Keywords: security, cooperation, asymmetrical, area denial

Procedia PDF Downloads 772

Authors: Saidu I. R., Shittu S. S.

Abstract:

As the trend of personal devices accessing corporate data continues to rise through Bring Your Own Device (BYOD) practices, organizations recognize the potential cost reduction and productivity gains. However, the associated security risks pose a significant threat to these benefits. Often, organizations adopt BYOD environments without fully considering the vulnerabilities introduced by human factors in this context. This study presents an enhanced assessment model that evaluates the security posture of employees in BYOD environments using cyber hygiene principles. The framework assesses users' adherence to best practices and guidelines for maintaining a secure computing environment, employing scales and the Euclidean distance formula. By utilizing this algorithm, the study measures the distance between users' security practices and the organization's optimal security policies. To facilitate user evaluation, a simple and intuitive interface for automated assessment is developed. To validate the effectiveness of the proposed framework, design science research methods are employed, and empirical assessments are conducted using five artifacts to analyze user suitability in BYOD environments. By addressing the human factor vulnerabilities through the assessment of cyber hygiene practices, this study aims to enhance the overall security of BYOD environments and enable organizations to leverage the advantages of this evolving trend while mitigating potential risks.

Keywords: security, BYOD, vulnerability, risk, cyber hygiene

Procedia PDF Downloads 39