Search results for: security management

Authors: Yang Yu, Jian Wang, Jiqiang Liu, Lei Han, Xudong He, Shaohua Lv

Abstract:

As the increasing network attacks become more and more complex, network situation assessment based on log analysis cannot meet the requirements to ensure network security because of the low quality of logs and alerts. This paper addresses the lack of consideration of security attributes of hosts and attacks in the network. Identity and effectiveness of Distributed Denial of Service (DDoS) are hard to be proved in risk assessment based on alerts and flow matching. This paper proposes a multi-dimension threat situation assessment method based on network security attributes. First, the paper offers an improved Common Vulnerability Scoring System (CVSS) calculation, which includes confident risk, integrity risk, availability risk and a weighted risk. Second, the paper introduces deterioration rate of properties collected by sensors in hosts and network, which aimed at assessing the time and level of DDoS attacks. Third, the paper introduces distribution of asset value in security attributes considering features of attacks and network, which aimed at assessing and show the whole situation. Experiments demonstrate that the approach reflects effectiveness and level of DDoS attacks, and the result can show the primary threat in network and security requirement of network. Through comparison and analysis, the method reflects more in security requirement and security risk situation than traditional methods based on alert and flow analyzing.

Keywords: DDoS evaluation, improved CVSS, network security attribute, threat situation assessment

Procedia PDF Downloads 180

Authors: R. Chinnaiyaprabhu, S. Bharanidharan, V. Dharsana, Rajalavanya

Abstract:

The concept of the Metaverse represents a potential evolution in the realm of cyberspace. In the early stages of Web 2.0, we observed a proliferation of online pseudonyms or 'nyms,' which increased the prevalence of fake accounts and made it challenging to establish unique online identities for various roles. However, in the era of Web 3.0, particularly in the context of the Metaverse, an individual's digital identity is intrinsically linked to their real-world identity. Consequently, actions taken in the Metaverse can carry significant consequences in the physical world. In light of these considerations, we propose the development of an innovative authentication system known as 'Metasec.' This system is designed to enhance security for digital assets, online identities, avatars, and user accounts within the Metaverse. Notably, Metasec operates as a password less authentication solution, relying on a multifaceted approach to security, encompassing device attestation, facial recognition, and pattern-based security keys.

Keywords: metaverse, multifactor authentication, security, facial recognition, patten password

Procedia PDF Downloads 33

Authors: Constantinos Adamides, Petros Petrikkos

Abstract:

In the era of growing hybrid threats, small states find themselves in need to re-evaluate existing foreign and defense policies. The pressure to establishing or maintain a status of a reliable partner in the community in which they belong to, vis-à-vis their multilateral relations with other organisations and entities, small states may need to shift their policies in the field to accommodate security needs that are not only pertinent to their security, but also to that of the organisations (bloc) in which they interact. Unlike potential shortcomings in a small state’s mainstream security and defence framework where the threat would be limited to the state itself, in more contemporary times with dominating hybrid threats, the small states’ security shortcomings may also become a security problem for the bloc in which these states belong to. An indicative example is small states like Cyprus and Malta, which belong and 'interact' in the European Union. As a result, the nature of hybrid threats can be utilised to hurt bigger states in a bloc by exploiting the small states’ vulnerabilities and security gaps. Inevitably, both the defensive and foreign policy collaborations of small states with bigger states have been and are constantly re-evaluated to tackle and prevent such problems. In essence, the goal of this ‘re-evaluation’ aims to achieve a twofold goal: The first is the small states’ quest to appear as a reliable partner within the bloc, while the second is to avoid being the weakest security link in the bloc’s defence against hybrid threats. Indeed, the hybrid arena is a security area where they can excel in the bloc, despite the potential and expected conventional military deficiencies. This new environment prompts us to think security from the perspective of small states differently and in relation to their role as members or big organisations. The paper focuses on the case of Cyprus following its accession to the European Union and examines how a country that has had a very focused security orientation –not least due to its ongoing security problems– altered its foreign and defence policies within the European Union to ensure compliance with the rest of the bloc, while at the same time maximizing its role as a security player. Specifically, it examines the methods through which the country shifted its policies as well as the challenges and opportunities that emerged from these security shifts.

Keywords: Cyprus, defence, foreign policy, hybrid threats, ontological security, small states

Procedia PDF Downloads 107

Authors: Ajish Sreedharan

Abstract:

Security in transmission and storage of digital images has its importance in today’s image communications and confidential video conferencing. Due to the increasing use of images in industrial process, it is essential to protect the confidential image data from unauthorized access. Advanced Encryption Standard (AES) is a well known block cipher that has several advantages in data encryption. However, it is not suitable for real-time applications. This paper presents modifications to the Advanced Encryption Standard to reflect a high level security and better image encryption. The modifications are done by adjusting the ShiftRow Transformation and using On Dynamic chaotic S-BOX. In AES the Substitute bytes, Shift row and Mix columns by themselves would provide no security because they do not use the key. In Dynamic chaotic S-BOX Based AES the Substitute bytes provide security because the S-Box is constructed from the key. Experimental results verify and prove that the proposed modification to image cryptosystem is highly secure from the cryptographic viewpoint. The results also prove that with a comparison to original AES encryption algorithm the modified algorithm gives better encryption results in terms of security against statistical attacks.

Keywords: advanced encryption standard (AES), on dynamic chaotic S-BOX, image encryption, security analysis, ShiftRow transformation

Procedia PDF Downloads 401

Authors: Kaltume Kabir Sharrif

Abstract:

Teacher education is the bedrock of educational growth and development of any nation. With development in education all human problems can be overcome. Educational Psychology, on the other hand, is in a strategic position for any programme in teacher education to be successful hence other aspects of societal issues. In other words, no teacher education can be of any help in ensuring transformation and security without adequate study in Educational Psychology. Without adequate knowledge and skills in Educational Psychology the teacher may not function effectively in the course of discharging his duty. It is in view of this, that the paper discusses some aspects of Educational Psychology that are of paramount importance in teacher education for sustainable transformation and security of Nigeria. Some recommendations were offered on the role educational psychology play in resolving security challenges facing the country. These include enriching educational psychology with topics from forensic psychology that will provide the teacher the skills of fighting crime in the school, Behavioural Science Unit should be established in each school to monitor the behavior of students, among others.

Keywords: transformation, security challenges, teacher education, educational psychology

Procedia PDF Downloads 467

Authors: Imen Aouini, Lamia Ben Azzouz

Abstract:

The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of Smart Grids. In this paper, we present security issues of the Smart Grid architecture and we highlight open issues that will make the Smart Grid security a challenging research area in the future.

Keywords: smart grids, smart meters, home area network, neighbor area network

Procedia PDF Downloads 392

Authors: Cavidan Yakupoglu, Kurt Rohloff

Abstract:

In this study, we aim to provide a novel parameter selection model for the BFVrns scheme, which is one of the prominent FHE schemes. Parameter selection in lattice-based FHE schemes is a practical challenges for experts or non-experts. Towards a solution to this problem, we introduce a hybrid principles-based approach that combines theoretical with experimental analyses. To begin, we use regression analysis to examine the parameters on the performance and security. The fact that the FHE parameters induce different behaviors on performance, security and Ciphertext Expansion Factor (CEF) that makes the process of parameter selection more challenging. To address this issue, We use a multi-objective optimization algorithm to select the optimum parameter set for performance, CEF and security at the same time. As a result of this optimization, we get an improved parameter set for better performance at a given security level by ensuring correctness and security against lattice attacks by providing at least 128-bit security. Our result enables average ~ 5x smaller CEF and mostly better performance in comparison to the parameter sets given in [1]. This approach can be considered a semiautomated parameter selection. These studies are conducted using the PALISADE homomorphic encryption library, which is a well-known HE library. The abstract goes here.

Keywords: lattice cryptography, fully homomorphic encryption, parameter selection, LWE, RLWE

Procedia PDF Downloads 116

Authors: Amina Umulisa

Abstract:

Background: Despite efforts to enhance profitability and project planning, Rwanda has experienced a decline in project success rates, notably in housing projects managed by the Rwanda Social Security Board (RSSB). This study aims to assess the impact of investment strategies and project planning practices on the performance of pension funds projects in Rwanda, focusing on housing projects by RSSB. Methods: Using descriptive and correlational research designs, this study surveyed 109 randomly selected respondents from a pool of 148 workers. Data analysis was conducted using descriptive and inferential statistics in STATA version 18. Results: Findings revealed that 54% of respondents acknowledged the importance of personnel generation. Additionally, 61% agreed with the effectiveness of training programs, and 79% supported the cost of human resource utilization. In terms of project management practices, 65.7% could determine when a project needed adjustments, 65.7% agreed with the approved budget, and 73% supported forecasted expenses. Furthermore, 68% agreed with order placement, 76.0% with using the right materials, and 64.4% with defining project scope. The study found significant associations between order placement and project quality outcomes (r=0.711, P-value <0.001), as well as with time management (Pearson was 0.701 and sing was 0.00) and cost management (r=0.885, P-value <0.001). Moreover, project time targets were found to significantly affect quality management (Pearson was 0.798, sing was 0.000), time management, and cost management (r=0.740, P-value <0.001). Conclusion: The findings highlight the positive association between the project implementation stage and quality management, indicating effective project planning practices among senior staff. However, there is a need to enhance project team collaboration and coordination to improve the performance of constructed houses.

Keywords: project success rates, investment strategies, training programs, cost management

Procedia PDF Downloads 12

Authors: Gholamreza Farrokhi, Behzad Sani

Abstract:

The goals of sustainable agricultural are development, improved nutrition, and food security. Sustainable agriculture must be developed that will meet today’s needs for food and other products, as well as preserving the vital natural resource base that will allow future generations to meet their needs. Sustainable development requires international cooperation and the effective use of technology. Access to sustainable sources of food will remain a preeminent challenge in the decades to come. Based upon current practice and consumption, agricultural production will have to increase by about 70% by 2050 to meet demand. Nuclear techniques are used in developing countries to increase production sustainably by breeding improved crops, enhancing livestock reproduction and nutrition, as well as controlling animal and plant pests and diseases. Post-harvest losses can be reduced and safety increased with nuclear technology. Soil can be evaluated with nuclear techniques to conserve and improve soil productivity and water management.

Keywords: food safety, food security, nuclear techniques, sustainable agriculture, sustainable future

Procedia PDF Downloads 325

Authors: Jakub Kraus, Vladimír Plos, Peter Vittek

Abstract:

This article focuses on the issue of airport emergency plans, which are documents describing reactions to events with impact on aviation safety or aviation security. The article specifically focuses on the use and creation of emergency plans, where could be found a number of disagreements between different stakeholders, for which the airport emergency plan applies. Those are the friction surfaces of interfaces, which is necessary to identify and ensure them smooth process to avoid dangerous situations or delay.

Keywords: airport emergency plan, aviation safety, aviation security, comprehensive management system, friction surfaces of airport emergency plan, interfaces of processes

Procedia PDF Downloads 487

Authors: Abdellahi Cheikh

Abstract:

With the emergence of quantum computers with very powerful capabilities, the security of the exchange of shared keys between two interlocutors poses a big problem in terms of the rapid development of technologies such as computing power and computing speed. Therefore, the Diffie-Hellmann (DH) algorithm is more vulnerable than ever. No mechanism guarantees the security of the key exchange, so if an intermediary manages to intercept it, it is easy to intercept. In this regard, several studies have been conducted to improve the security of key exchange between two interlocutors, which has led to interesting results. The modification made on our model Diffie-Hellman-RSA-AES (DRA), which encrypts the information exchanged between two users using the three-encryption algorithms DH, RSA and AES, by using stenographic photos to hide the contents of the p, g and ClesAES values that are sent in an unencrypted state at the level of DRA model to calculate each user's public key. This work includes a comparative study between the DRA model and all existing solutions, as well as the modification made to this model, with an emphasis on the aspect of reliability in terms of security. This study presents a simulation to demonstrate the effectiveness of the modification made to the DRA model. The obtained results show that our model has a security advantage over the existing solution, so we made these changes to reinforce the security of the DRA model.

Keywords: Diffie-Hellmann, DRA, RSA, advanced encryption standard

Procedia PDF Downloads 62

Authors: Ang Chia Hong, Julian Khoo Xubin, Burra Venkata Durga Kumar

Abstract:

Distributed systems offer many benefits to the healthcare industry. From big data analysis to business intelligence, the increased computational power and efficiency from distributed systems serve as an invaluable resource in the healthcare sector to utilize. However, as the usage of these distributed systems increases, many issues arise. The main focus of this paper will be on security issues. Many security issues stem from distributed systems in the healthcare industry, particularly information security. The data of people is especially sensitive in the healthcare industry. If important information gets leaked (Eg. IC, credit card number, address, etc.), a person’s identity, financial status, and safety might get compromised. This results in the responsible organization losing a lot of money in compensating these people and even more resources expended trying to fix the fault. Therefore, a framework for a blockchain-based healthcare data management system for healthcare was proposed. In this framework, the usage of a blockchain network is explored to store the encryption key of the patient’s data. As for the actual data, it is encrypted and its encrypted data, called ciphertext, is stored in a cloud storage platform. Furthermore, there are some issues that have to be emphasized and tackled for future improvements, such as a multi-user scheme that could be proposed, authentication issues that have to be tackled or migrating the backend processes into the blockchain network. Due to the nature of blockchain technology, the data will be tamper-proof, and its read-only function can only be accessed by authorized users such as doctors and nurses. This guarantees the confidentiality and immutability of the patient’s data.

Keywords: distributed, healthcare, efficiency, security, blockchain, confidentiality and immutability

Procedia PDF Downloads 152

Authors: Dalia Elsheakh, Hala Elsadek

Abstract:

The objective of this paper is to propose a competitive microwave security system that can be applied with reasonable price at museums in Egypt, considering the priceless elements in 23 Egyptian museums countrywide and the lack of good recent security systems even in big ones. The system main goal is to detect valuable targets to ensure their presence in the pre-defined positions in order to protect them from being stolen. The system is based on real time microwave scanning for the required space volume through transmitting RF waves at consecutive angles and detecting the back scattered waves from required objects to detect their existence at pre-specified locations.

Keywords: microwave security system, object locating system, real time locating system (RTLS), antenna array, array electronic scanning

Procedia PDF Downloads 315

Authors: Benn Van Den Ende

Abstract:

Over the last three decades, there has been an exponential increase in developments in implantable technologies such as the cardiac pacemaker, bionic prosthesis, and implantable chips. The effect of these technologies has been well researched in many areas. However, there is a lack of critical research in security studies. This paper will provide preliminary findings to an ongoing research project which aims to examine how implantable technologies effect the practices of governmentality in the context of security. It will do this by looking at the practices and techniques of governmentality along with different implantable technologies which increase, change or otherwise affect governmental practices. The preliminary research demonstrates that implantable technologies have a profound effect on the practices of governmentality, while also paving the way for further research into a potential ‘new’ form of governmentality in relation to these implantable technologies.

Keywords: critical security studies, governmentality, security theory, political theory, Foucault

Procedia PDF Downloads 157

Authors: Nazli W. Hardy

Abstract:

A critical component in the Internet of Things (IoT) ecosystem is the need for secure and appropriate transmission, processing, and storage of the data. Our current forms of authentication, and identity and access management do not suffice because they are not designed to service cohesive, integrated, interconnected devices, and service applications. The seemingly endless opportunities of IoT are in fact circumscribed on multiple levels by concerns such as trust, privacy, security, loss of control, and related issues. This paper considers multi-factor authentication (MFA) mechanisms and cohesive identity relationship management (IRM) standards. It also surveys messaging protocols that are appropriate for the IoT ecosystem.

Keywords: identity relation management, multifactor authentication, protocols, survey of internet of things ecosystem

Procedia PDF Downloads 324

Authors: Itiola Kehinde Adeniran

Abstract:

This paper investigated the influence of harnessing entrepreneurial opportunities on the national security in Nigeria with a specific focus on the security situation of the post-amnesty programmes of the Federal Government in Ondo State. The self-administered structured questionnaire was employed to collect data from one hundred and twenty participants through purposive sampling method. Inferential statistics was used to analyze the data, specifically; ordinary least squares linear regression method was employed with the aid of statistical package for social science (SPSS) version 20 in order to determine the influence of independent variable (entrepreneurial opportunities) on dependent variable (national security). The result showed that business opportunities have a significant influence on the rate of criminal activities. The study also revealed that entrepreneurial opportunity creation and discovery as well as providing a model on how these entrepreneurial opportunities could be effectively and efficiently utilized jointly predict better national security, which counted for 69% variance of crime rate reduction. The paper, therefore, recommended that citizens should be encouraged to develop an interest in the skill-based activities in order to change their mindset towards self-employment which can motivate them in identify entrepreneurial opportunities.

Keywords: entrepreneurship, entrepreneurial opportunities, national security, unemployment

Procedia PDF Downloads 298

Authors: Stephen Wheat

Abstract:

Institutional mobile application governance and distribution processes are essential to mobile app innovation. The absence of effective processes poses a significant barrier to the development and adoption of mobile apps for use within a research enterprise and also impedes the translational science of applying research apps in clinical and engineering settings. To accelerate mobile app innovation and adoption, Emory University and Emory Healthcare implemented a three-pronged strategy including. I) Mobile app review and distribution policies and processes. II) Mobile app management infrastructure and mobile app foundation components. III) A strategic sourcing strategy based on preferred mobile app development firms. The results have been an increase from five to 56 mobile apps in the pipeline over three years; increased engagement from technology transfer, legal counsel, compliance, and information security; articulation of a coordinated mobile app strategy; and allocation of more institutional resources toward specific mobile technology and mobile application goals.

Keywords: mobile app management, governance, distribution, information security

Procedia PDF Downloads 264

Authors: Emmanuel Mugiraneza

Abstract:

Rwanda uses defence diplomacy to pursue international collective security through different mechanisms. This paper shows that with an intent of promoting international collective security, Rwanda has constituted its defense diplomacy policy in three standpoints. First, Rwanda has formed strategic cooperation alliances with state actors, regional and international Organizations that enables her to participate in and promote international collective peace, security and cooperation. Secondary, Rwanda uses defence diplomacy to foster cooperation in to pre-empt, minimize and neutralize potential triggers that would lead to the outbreak of international conflict. Thirdly, Rwanda implements defence diplomacy policy strategy through internationally recognized operational and tactical standards while dispelling hostilities, assisting the friendly nation’s forces and or building and maintaining public confidence and trust in the areas where Rwanda Defence Force deploys for peacekeeping missions in Sudan, South Sudan, Central African Republic and Mozambique for a counterterrorism mission.

Keywords: defence diplomacy, collective security, Rwanda, Peacekeeping

Procedia PDF Downloads 86

Authors: Rebecca Zahra, Joseph G. Vella, Ernest Cachia

Abstract:

The notion of cloud computing is rapidly gaining ground in the IT industry and is appealing mostly due to making computing more adaptable and expedient whilst diminishing the total cost of ownership. This paper focuses on the software as a service (SaaS) architecture of cloud computing which is used for the outsourcing of databases with their associated business processes. One approach for offering SaaS is basing the system’s architecture on multi-tenancy. Multi-tenancy allows multiple tenants (users) to make use of the same single application instance. Their requests and configurations might then differ according to specific requirements met through tenant customisation through the software. Despite the known advantages, companies still feel uneasy to opt for the multi-tenancy with data security being a principle concern. The fact that multiple tenants, possibly competitors, would have their data located on the same server process and share the same database tables heighten the fear of unauthorised access. Security is a vital aspect which needs to be considered by application developers, database administrators, data owners and end users. This is further complicated in cloud-based multi-tenant system where boundaries must be established between tenants and additional access control models must be in place to prevent unauthorised cross-tenant access to data. Moreover, when altering the database state, the transactions need to strictly adhere to the tenant’s known business processes. This paper focuses on the fact that security in cloud databases should not be considered as an isolated issue. Rather it should be included in the initial phases of the database design and monitored continuously throughout the whole development process. This paper aims to identify a number of the most common security risks and threats specifically in the area of multi-tenant cloud systems. Issues and bottlenecks relating to security risks in cloud databases are surveyed. Some techniques which might be utilised to overcome them are then listed and evaluated. After a description and evaluation of the main security threats, this paper produces a list of software requirements to ensure that proper security policies are implemented by a software development team when designing and implementing a multi-tenant based SaaS. This would then assist the cloud service providers to define, implement, and manage security policies as per tenant customisation requirements whilst assuring security for the customers’ data.

Keywords: cloud computing, data management, multi-tenancy, requirements, security

Procedia PDF Downloads 124

Authors: Katie Wood

Abstract:

Cyber criminals are constantly on the lookout for new opportunities to exploit organisation and cause destruction. This could lead to significant cause of economic loss for organisations in the form of destruction in finances, reputation and even the overall survival of the organization. Additionally, this leads to serious consequences on national security. The threat of possible cyber attacks places further pressure on organisations to ensure they are secure, at a time where international scale cyber attacks have occurred in a range of sectors. Stakeholders are wanting confidence that their data is protected. This is only achievable if a business fosters a resilient supply chain strategy which is implemented throughout its supply chain by having a strong cyber leadership culture. This paper will discuss the essential role and need for organisations to adopt a cyber leadership culture and direction to learn about own internal processes to ensure mitigating systemic vulnerability of its supply chains. This paper outlines that to protect national security there is an urgent need for cyber awareness culture change. This is required in all organisations, regardless of their sector or size, to implementation throughout the whole supplier chain to support and protect economic prosperity to make the UK more resilient to cyber-attacks. Through businesses understanding the supply chain and risk management cycle of their own operates has to be the starting point to ensure effective cyber migration strategies.

Keywords: cyber leadership, cyber migration strategies, resilient supply chain strategy, cybersecurity

Procedia PDF Downloads 202

Authors: Omid Amini

Abstract:

Nowadays, technology plays the most important role in the life of human beings because people use technology to share data and to communicate with each other, but the challenge is the security of this data. For instance, as more people turn to technology in the world, more data is generated, and more hackers try to steal or infiltrate data. In addition, the data is under the control of the central authority, which can trigger the challenge of losing information and changing information; this can create widespread anxiety for different people in different communities. In this paper, we sought to investigate Blockchain technology that can guarantee information security and eliminate the challenge of central authority access to information. Now a day, people are suffering from the current voting system. This means that the lack of transparency in the voting system is a big problem for society and the government in most countries, but blockchain technology can be the best alternative to the previous voting system methods because it removes the most important challenge for voting. According to the results, this research can be a good start to getting acquainted with this new technology, especially on the security part and familiarity with how to use a voting system based on blockchain in the world. At the end of this research, it is concluded that the use of blockchain technology can solve the major security problem and lead to a secure and transparent election.

Keywords: blockchain, technology, security, information, voting system, transparency

Procedia PDF Downloads 90

Authors: Radmila Hajkova, Jiri Palecek, Hana Malachova, Alena Oulehlova

Abstract:

Ensuring of continuity of business is the basic strategy of every company. Continuity of organization activities includes comprehensive procedures that help in solving unexpected situations of natural and anthropogenic character (for example flood, blaze, economic situations). Planning of continuity operations is a process that helps identify critical processes and implement plans for the security and recovery of key processes. The aim of this article demonstrates application of system approach to managing business continuity called business continuity management systems in military issues. This article describes the life cycle of business continuity management which is based on the established cycle PDCA (plan-do-check-act). After this is carried out by activities which are making by the University of Defence during activation of forces and means of the Integrated rescue system in case of emergencies - accidents at a nuclear power plant in Czech republic. Activities of various stages of deployment earmarked forces and resources are managed and evaluated by using MCMS application (military continuity management system).

Keywords: business continuity management system, emergency management, military, nuclear safety

Procedia PDF Downloads 426

Authors: Olumide A. Fafore, Khondlo Mtshali

Abstract:

The beginning of the 21st century saw the emergence of new and global threats to national and transnational security in West Africa and the Asia Pacific regions as a result of the spread of jihadist terrorism across borders, a manifestation of the rise of radical Islam. Extremist and armed Islamic movements influenced by Salafism, the Jihad in Afghanistan and the Muslim Brotherhood are prevalent in Northern Nigeria, Niger, Cameroon, Mali, Chad, Pakistan, Afghanistan, and India. Carrying out attacks across borders, including assassinations, murders, armed robberies, and kidnapping, assisted by open and porous borders and large flow of illegal immigrants across borders. This paper examines the effect of Radical Islam on Transnational security through a review of past literature and the social and security consequences on the people of the regions. Our findings indicate that the activities of armed Islamic movements such as Boko Haram, Ansaru and Al-Qaeda are having a negative impact on the economy, development, and security of the states and people of West Africa and the Asia Pacific. It stresses the importance of regional, transnational and international cooperation, as these threats to national and transnational security can no longer be solved in a national or regional framework.

Keywords: Islamic movements, jihadist terrorism, radical Islam, transnational security

Procedia PDF Downloads 129

Authors: S. A. Salau, I. F. Ayanda, I. Afe, M. O. Adesina, N. B. Nofiu

Abstract:

Food insecurity is still a critical challenge among rural and urban households in Nigeria. The country’s food insecurity situation became more pronounced due to frequent conflict between pastoralist and crop farmers. Thus, this study assesses pastoralist-crop farmers’ conflict and food security of farming households in Kwara state, Nigeria. The specific objectives are to measure the food security status of the respondents, quantify pastoralist- crop farmers’ conflict, determine the effect of pastoralist- crop farmers conflict on food security and describe the effective coping strategies adopted by the respondents to reduce the effect of food insecurity. A combination of purposive and simple random sampling techniques will be used to select 250 farming households for the study. The analytical tools include descriptive statistics, Likert-scale, logistic regression, and food security index. Using the food security index approach, the percentage of households that were food secure and insecure will be known. Pastoralist- crop farmers’ conflict will be measured empirically by quantifying loses due to the conflict. The logistic regression will indicate if pastoralist- crop farmers’ conflict is a critical determinant of food security among farming households in the study area. The coping strategies employed by the respondents in cushioning the effects of food insecurity will also be revealed. Empirical studies on the effect of pastoralist- crop farmers’ conflict on food security are rare in the literature. This study will quantify conflict and reveal the direction as well as the extent of the relationship between conflict and food security. It could contribute to the identification and formulation of strategies for the minimization of conflict among pastoralist and crop farmers in an attempt to reduce food insecurity. Moreover, this study could serve as valuable reference material for future researches and open up new areas for further researches.

Keywords: agriculture, conflict, coping strategies, food security, logistic regression

Procedia PDF Downloads 144

Authors: Jiri F. Urbanek, Jiri Barta, Oldrich Svoboda, Jiri J. Urbanek

Abstract:

The organizations of European and Czech critical infrastructure have specific position, mission, characteristics and behaviour in European Union and Czech state/ business environments, regarding specific requirements for regional and global security environments. They must respect policy of national security and global rules, requirements and standards in all their inherent and outer processes of supply-customer chains and networks. A controlling is generalized capability to have control over situational policy. This paper aims and purposes are to introduce the controlling as quite new necessary process attribute providing for critical infrastructure is environment the capability and profit to achieve its commitment regarding to the effectiveness of the quality management system in meeting customer/ user requirements and also the continual improvement of critical infrastructure organization’s processes overall performance and efficiency, as well as its societal security via continual planning improvement via DYVELOP modelling.

Keywords: added value, DYVELOP, controlling, environments, process approach

Procedia PDF Downloads 383

Authors: Ku Aina Afiqah Ku Adzman, Manmeet Mahinderjit Singh, Zarul Fitri Zaaba

Abstract:

NFC operates on low-range 13.56 MHz frequency within a distance from 4cm to 10cm, and the applications can be categorized as touch and go, touch and confirm, touch and connect, and touch and explore. NFC applications are vulnerable to various security and privacy attacks such due to its physical nature; unprotected data stored in NFC tag and insecure communication between its applications. This paper aims to determine the likelihood of security risks happening in an NFC technology and application. We present an NFC technology taxonomy covering NFC standards, types of application and various security and privacy attack. Based on observations and the survey presented to evaluate the risk assessment within the touch and go application demonstrates two security attacks that are high risks namely data corruption and DOS attacks. After the risks are determined, risk countermeasures by using AHP is adopted. The guideline and solutions to these two high risks, attacks are later applied to a secure NFC-enabled Smartphone Attendance System.

Keywords: Near Field Communication (NFC), risk assessment, multi-criteria decision making, Analytical Hierarchy Process (AHP)

Procedia PDF Downloads 271

Authors: Haydar Teymourlouei

Abstract:

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such technologies would help. Knowledge of how cyber-attacks operate and protective steps that can be taken to reduce chances of its occurrence are key to increasing these security measures. The purpose of this paper is to inform home users on the importance of identifying and taking preventive steps to avoid cyberattacks. Throughout this paper, many aspects of cyber-attacks will be discuss: what a cyber-attack is, the affects of cyber-attack for home users, different types of cyber-attacks, methodology to prevent such attacks; home users can take to fortify security of their computer.

Keywords: cyber-attacks, home user, prevention, security, technology

Procedia PDF Downloads 362

Authors: Amal Hussain Alkhaiwani, Ghadah Abdullah Almalki

Abstract:

Recently human errors have increasingly become a very high factor in security breaches that may affect confidential data, and most of the cyber data breaches are caused by human errors. With one individual mistake, the attacker will gain access to the entire network and bypass the implemented access controls without any immediate detection. Unaware employees will be vulnerable to any social engineering cyber-attacks. Providing security awareness to People is part of the company protection process; the cyber risks cannot be reduced by just implementing technology; the human awareness of security will significantly reduce the risks, which encourage changes in staff cyber-awareness. In this paper, we will focus on Human Awareness, human needs to continue the required security education level; we will review human errors and introduce a proposed solution to avoid the breach from occurring again. Recently Saudi Arabia faced many attacks with different methods of social engineering. As Saudi Arabia has become a target to many countries and individuals, we needed to initiate a defense mechanism that begins with awareness to keep our privacy and protect the confidential data against possible intended attacks.

Keywords: cybersecurity, human aspects, human errors, human mistakes, security awareness, Saudi Arabia, security program, security education, social engineering

Procedia PDF Downloads 121

Authors: Dengpan Wu, Dan Liu

Abstract:

In view of the present cloud security problem has increasingly become one of the major obstacles hindering the development of the cloud computing, put forward a kind of memory based on Xen cloud environment security isolation technology implementation. And based on Xen virtual machine monitor system, analysis of the model of memory virtualization is implemented, using Xen memory virtualization system mechanism of super calls and grant table, based on the virtual machine manager internal implementation of access control module (ACM) to design the security isolation system memory. Experiments show that, the system can effectively isolate different customer domain OS between illegal access to memory data.

Keywords: cloud security, memory isolation, xen, virtual machine

Procedia PDF Downloads 361

Authors: Anna Fowler

Abstract:

When considering assets that may need protection, the mind begins to contemplate homes, cars, and investment funds. In most cases, the protection of those assets can be covered through security systems and insurance. Data is not the first thought that comes to mind that would need protection, even though data is at the core of most supply chain operations. It includes trade secrets, management of personal identifiable information (PII), and consumer data that can be used to enhance the overall experience. Data is considered a critical element of success for supply chains and should be one of the most critical areas to protect. In the supply chain industry, there are two major misconceptions about protecting data: (i) We do not manage or store confidential/personally identifiable information (PII). (ii) Reliance on Third-Party vendor security. These misconceptions can significantly derail organizational efforts to adequately protect data across environments. These statistics can be exciting yet overwhelming at the same time. The first misconception, “We do not manage or store confidential/personally identifiable information (PII)” is dangerous as it implies the organization does not have proper data literacy. Enterprise employees will zero in on the aspect of PII while neglecting trade secret theft and the complete breakdown of information sharing. To circumvent the first bullet point, the second bullet point forges an ideology that “Reliance on Third-Party vendor security” will absolve the company from security risk. Instead, third-party risk has grown over the last two years and is one of the major causes of data security breaches. It is important to understand that a holistic approach should be considered when protecting data which should not involve purchasing a Data Loss Prevention (DLP) tool. A tool is not a solution. To protect supply chain data, start by providing data literacy training to all employees and negotiating the security component of contracts with vendors to highlight data literacy training for individuals/teams that may access company data. It is also important to understand the origin of the data and its movement to include risk identification. Ensure processes effectively incorporate data security principles. Evaluate and select DLP solutions to address specific concerns/use cases in conjunction with data visibility. These approaches are part of a broader solutions framework called Data Security Assurance (DSA). The DSA Framework looks at all of the processes across the supply chain, including their corresponding architecture and workflows, employee data literacy, governance and controls, integration between third and fourth-party vendors, DLP as a solution concept, and policies related to data residency. Within cloud environments, this framework is crucial for the supply chain industry to avoid regulatory implications and third/fourth party risk.

Keywords: security by design, data security architecture, cybersecurity framework, data security assurance

Procedia PDF Downloads 58