Search results for: security model
18342 A Comprehensive Framework to Ensure Data Security in Cloud Computing: Analysis, Solutions, and Approaches
Authors: Loh Fu Quan, Fong Zi Heng, Burra Venkata Durga Kumar
Abstract:
Cloud computing has completely transformed the way many businesses operate. Traditionally, confidential data of a business is stored in computers located within the premise of the business. Therefore, a lot of business capital is put towards maintaining computing resources and hiring IT teams to manage them. The advent of cloud computing changes everything. Instead of purchasing and managing their infrastructure, many businesses have started to shift towards working with the cloud with the help of a cloud service provider (CSP), leading to cost savings. However, it also introduces security risks. This research paper focuses on the security risks that arise during data migration and user authentication in cloud computing. To overcome this problem, this paper provides a comprehensive framework that includes Transport Layer Security (TLS), user authentication, security tokens and multi-level data encryption. This framework aims to prevent authorized access to cloud resources and data leakage, ensuring the confidentiality of sensitive information. This framework can be used by cloud service providers to strengthen the security of their cloud and instil confidence in their users.Keywords: Cloud computing, Cloud security, Cloud security issues, Cloud security framework
Procedia PDF Downloads 7418341 Implications of Private Military Security Companies on Stewardship of the Profession of Arms
Authors: Kevin Krupski
Abstract:
Private Military Security Companies have grown to become a major force contributor to nations in military operations. Scholars have debated the implications of this in relation to control and efficiency related to the privatization of violence, but there has been little discussion on how these companies affect the profession of arms. Specifically, this paper seeks to address how the privatization of violence influences the military’s stewardship, whether private military security companies are capable of stewardship of the military profession, and whether there are aspects of stewardship of the military profession that private military security companies are capable of emulating. This paper reviews literature on stewardship, the relationship of the military to the state, and private military security companies in order to identify overlap between uniformed military services and the private sector. Then, it offers a typology for determining under what conditions an organization would act as a steward. Ultimately, there are insufficient reasons for private military security companies to act as stewards of the profession of arms.Keywords: stewardship, military profession, civil-military, security
Procedia PDF Downloads 22118340 Culture Dimensions of Information Systems Security in Saudi Arabia National Health Services
Authors: Saleh Alumaran, Giampaolo Bella, Feng Chen
Abstract:
The study of organisations’ information security cultures has attracted scholars as well as healthcare services industry to research the topic and find appropriate tools and approaches to develop a positive culture. The vast majority of studies in Saudi national health services are on the use of technology to protect and secure health services information. On the other hand, there is a lack of research on the role and impact of an organisation’s cultural dimensions on information security. This research investigated and analysed the role and impact of cultural dimensions on information security in Saudi Arabia health service. Hypotheses were tested and two surveys were carried out in order to collect data and information from three major hospitals in Saudi Arabia (SA). The first survey identified the main cultural-dimension problems in SA health services and developed an initial information security culture framework model. The second survey evaluated and tested the developed framework model to test its usefulness, reliability and applicability. The model is based on human behaviour theory, where the individual’s attitude is the key element of the individual’s intention to behave as well as of his or her actual behaviour. The research identified six cultural dimensions: Saudi national culture, Saudi health service leadership, employees’ trust, technology, multicultural interactions and employees’ job roles. The research also identified a set of cultural sub-dimensions. These include working values and norms, tribe values and norms, attitudes towards women, power sharing, vision, social interaction, respect and understanding, hospital intra-net, hospital employees’ language(s) used, multi-national culture, communication system, employees’ job satisfaction and job security. The research identified that (a) the human behaviour towards medical information in SA is one of the main threats to information security and one of the main challenges to SA health authority, (b) The current situation of SA hospitals’ IS cultures is falling short in protecting medical information due to the current value and norms towards information security, (c) Saudi national culture and employees’ job role are the main dimensions playing major roles in the employees’ attitude, and technology is the least important dimension playing a role in the employees’ attitudes.Keywords: cultural dimension, electronic health record, information security, privacy
Procedia PDF Downloads 32918339 Application of Directed Acyclic Graphs for Threat Identification Based on Ontologies
Authors: Arun Prabhakar
Abstract:
Threat modeling is an important activity carried out in the initial stages of the development lifecycle that helps in building proactive security measures in the product. Though there are many techniques and tools available today, one of the common challenges with the traditional methods is the lack of a systematic approach in identifying security threats. The proposed solution describes an organized model by defining ontologies that help in building patterns to enumerate threats. The concepts of graph theory are applied to build the pattern for discovering threats for any given scenario. This graph-based solution also brings in other benefits, making it a customizable and scalable model.Keywords: directed acyclic graph, ontology, patterns, threat identification, threat modeling
Procedia PDF Downloads 11118338 An Effective Route to Control of the Safety of Accessing and Storing Data in the Cloud-Based Data Base
Authors: Omid Khodabakhshi, Amir Rozdel
Abstract:
The subject of cloud computing security research has allocated a number of challenges and competitions because the data center is comprised of complex private information and are always faced various risks of information disclosure by hacker attacks or internal enemies. Accordingly, the security of virtual machines in the cloud computing infrastructure layer is very important. So far, there are many software solutions to develop security in virtual machines. But using software alone is not enough to solve security problems. The purpose of this article is to examine the challenges and security requirements for accessing and storing data in an insecure cloud environment. In other words, in this article, a structure is proposed for the implementation of highly isolated security-sensitive codes using secure computing hardware in virtual environments. It also allows remote code validation with inputs and outputs. We provide these security features even in situations where the BIOS, the operating system, and even the super-supervisor are infected. To achieve these goals, we will use the hardware support provided by the new Intel and AMD processors, as well as the TPM security chip. In conclusion, the use of these technologies ultimately creates a root of dynamic trust and reduces TCB to security-sensitive codes.Keywords: code, cloud computing, security, virtual machines
Procedia PDF Downloads 16318337 Understanding the Effect of Fall Armyworm and Integrated Pest Management Practices on the Farm Productivity and Food Security in Malawi
Authors: Innocent Pangapanga, Eric Mungatana
Abstract:
Fall armyworm (FAW) (Spodoptera frugiperda), an invasive lepidopteran pest, has caused substantial yield loss since its first detection in September 2016, thereby threatening the farm productivity food security and poverty reduction initiatives in Malawi. Several stakeholders, including households, have adopted chemical pesticides to control FAW without accounting for its costs on welfare, health and the environment. Thus, this study has used panel data endogenous switching regression model to investigate the impact of FAW and the integrated pest management (IPM) –related practices on-farm productivity and food security. The study finds that FAW substantively reduces farm productivity by seven (7) percent and influences the adoption of IPM –related practices, namely, intercropping, mulching, and agroforestry, by 6 percent, ceteris paribus. Interestingly, multiple adoptions of the IPM -related practices noticeably increase farm productivity by 21 percent. After accounting for potential endogeneity through the endogenous switching regression model, the IPM practices further demonstrate tenfold more improvement on food security, implying the role of the IPM –related practices in containing the effect of FAW at the household level.Keywords: hunger, invasive fall army worms, integrated pest management practices, farm productivity, endogenous switching regression
Procedia PDF Downloads 10718336 A Survey on the Blockchain Smart Contract System: Security Strengths and Weaknesses
Authors: Malaw Ndiaye, Karim Konate
Abstract:
Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security
Procedia PDF Downloads 13718335 Smart Security Concept in the East Mediterranean: Anti Asymmetrical Area Denial (A3D)
Authors: Serkan Tezgel
Abstract:
The two qualities of the sea, as a medium of transportation and as a resource, necessitate maritime security for economic stability and good order at sea. The borderless nature of the sea makes it one of the best platforms to contribute to regional peace and international order. For this reason, the establishment of maritime security in East Mediterranean will enhance the security-peace-democracy triangle in the region. This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities. Smart Security is a regional maritime cooperation concept for the narrow seas. Cooperation and interoperability are essential attributes of this regional security concept. Therefore, multinational excellence centers such as Multinational Maritime Security Center of Excellence-Aksaz in Turkey, which will determine necessary capabilities and plan/coordinate workshops, training and exercises, are bound to be the principal characteristic of Smart Security concept and similar regional concepts. Smart Security, a crucial enabler of energy and regional security, can provide an enduring approach for operating in the challenging environment of narrow seas and for countering asymmetrical threats.Keywords: security, cooperation, asymmetrical, area denial
Procedia PDF Downloads 77918334 Food Security in the Middle East and North Africa
Authors: Sara D. Garduno-Diaz, Philippe Y. Garduno-Diaz
Abstract:
To date, one of the few comprehensive indicators for the measurement of food security is the Global Food Security Index. This index is a dynamic quantitative and qualitative bench marking model, constructed from 28 unique indicators, that measures drivers of food security across both developing and developed countries. Whereas the Global Food Security Index has been calculated across a set of 109 countries, in this paper we aim to present and compare, for the Middle East and North Africa (MENA), 1) the Food Security Index scores achieved and 2) the data available on affordability, availability, and quality of food. The data for this work was taken from the latest (2014) report published by the creators of the GFSI, which in turn used information from national and international statistical sources. According to the 2014 Global Food Security Index, MENA countries rank from place 17/109 (Israel, although with resent political turmoil this is likely to have changed) to place 91/109 (Yemen) with household expenditure spent in food ranging from 15.5% (Israel) to 60% (Egypt). Lower spending on food as a share of household consumption in most countries and better food safety net programs in the MENA have contributed to a notable increase in food affordability. The region has also however experienced a decline in food availability, owing to more limited food supplies and higher volatility of agricultural production. In terms of food quality and safety the MENA has the top ranking country (Israel). The most frequent challenges faced by the countries of the MENA include public expenditure on agricultural research and development as well as volatility of agricultural production. Food security is a complex phenomenon that interacts with many other indicators of a country’s well-being; in the MENA it is slowly but markedly improving.Keywords: diet, food insecurity, global food security index, nutrition, sustainability
Procedia PDF Downloads 32418333 Adding Security Blocks to the DevOps Lifecycle
Authors: Andrew John Zeller, Francis Pouatcha
Abstract:
Working according to the DevOps principle has gained in popularity over the past decade. While its extension DevSecOps started to include elements of cybersecurity, most real-life projects do not focus risk and security until the later phases of a project as teams are often more familiar with engineering and infrastructure services. To help bridge the gap between security and engineering, this paper will take six building blocks of cybersecurity and apply them to the DevOps approach. After giving a brief overview of the stages in the DevOps lifecycle, the main part discusses to what extent six cybersecurity blocks can be utilized in various stages of the lifecycle. The paper concludes with an outlook on how to stay up to date in the dynamic world of cybersecurity.Keywords: information security, data security, cybersecurity, devOps, IT management
Procedia PDF Downloads 7118332 Integration Multi-Layer Security Modeling with Fuzzy Logic in Service-Oriented Architectures
Authors: Zeinab Ranjbar
Abstract:
Service-oriented architecture in the world today, it is proposed to exchange information and services of interest to those such as IT managers, business managers, designers and system builders scene. The basic architecture of the software used to provide service to all users.the worries of all people (managers, business managers, designers, and system builders scene) effectiveness of this model, how reliable it is in security transactions.To increase the reliability of multi-layer fuzzy logic Architectures used.Keywords: SOA, service oriented architecture, fuzzy logic, multi layer, SOA security
Procedia PDF Downloads 34618331 The Effects of Cross-Border Use of Drones in Nigerian National Security
Authors: H. P. Kerry
Abstract:
Drone technology has become a significant discourse in a nation’s national security, while this technology could constitute a danger to national security on the one hand, on the other hand, it is used in developed and developing countries for border security, and in some cases, for protection of security agents and migrants. In the case of Nigeria, drones are used by the military to monitor and tighten security around the borders. However, terrorist groups have devised a means to utilize the technology to their advantage. Therefore, the potential danger in the widespread proliferation of this technology has become a myriad of risks. The research on the effects of cross-border use of drones in Nigerian national security looks at the negative and positive consequences of using drone technology. The study employs the use of interviews and relevant documents to obtain data while the study applied the Just War theory to justify the reason why countries use force; it further buttresses the points with what the realist theory thinks about the use of force. In conclusion, the paper recommends that the Nigerian government through the National Assembly should pass a bill for the establishment of a law that will guide the use of armed and unarmed drones in Nigeria enforced by the Nigeria Civil Aviation Authority and the office of the National Security Adviser.Keywords: armed drones, drones, cross-border, national security
Procedia PDF Downloads 13318330 Standard Resource Parameter Based Trust Model in Cloud Computing
Authors: Shyamlal Kumawat
Abstract:
Cloud computing is shifting the approach IT capital are utilized. Cloud computing dynamically delivers convenient, on-demand access to shared pools of software resources, platform and hardware as a service through internet. The cloud computing model—made promising by sophisticated automation, provisioning and virtualization technologies. Users want the ability to access these services including infrastructure resources, how and when they choose. To accommodate this shift in the consumption model technology has to deal with the security, compatibility and trust issues associated with delivering that convenience to application business owners, developers and users. Absent of these issues, trust has attracted extensive attention in Cloud computing as a solution to enhance the security. This paper proposes a trusted computing technology through Standard Resource parameter Based Trust Model in Cloud Computing to select the appropriate cloud service providers. The direct trust of cloud entities is computed on basis of the interaction evidences in past and sustained on its present performances. Various SLA parameters between consumer and provider are considered in trust computation and compliance process. The simulations are performed using CloudSim framework and experimental results show that the proposed model is effective and extensible.Keywords: cloud, Iaas, Saas, Paas
Procedia PDF Downloads 30918329 Renewable Energy and Energy Security in Malaysia: A Quantitative Analysis
Authors: Endang Jati Mat Sahid, Hussain Ali Bekhet
Abstract:
Robust economic growth, increasing population, and personal consumption are the main drivers for the rapid increase of energy demand in Malaysia. Increasing demand has compounded the issue of national energy security due to over-dependence on fossil fuel, depleting indigenous domestic conventional energy resources which in turns has increased the country’s energy import dependence. In order to improve its energy security, Malaysia has seriously embarked on a renewable energy journey. Many initiatives on renewable energy have been introduced in the past decade. These strategies have resulted in the exploding growth of renewable energy deployment in Malaysia. Therefore, this study investigated the impact of renewable energy deployment on energy security. Secondary data was used to calculate the energy security indicators. The study also compared the results of applying different energy security indicators namely availability, applicability, affordability and acceptability dimension of energy resources. The evaluation shows that Malaysia will experience slight improvement in availability and acceptability dimension of energy security. This study suggests that energy security level could be further enhanced by efficient utilization of energy, reducing carbon content of energy and facilitating low-carbon industries.Keywords: energy policy, energy security, Malaysia, renewable energy
Procedia PDF Downloads 20918328 Double Layer Security Authentication Model for Automatic Dependent Surveillance-Broadcast
Authors: Buse T. Aydin, Enver Ozdemir
Abstract:
An automatic dependent surveillance-broadcast (ADS-B) system has serious security problems. In this study, a double layer authentication scheme between the aircraft and ground station, aircraft to aircraft, ground station to ATC tower is designed to prevent any unauthorized aircrafts from introducing themselves as friends. This method can be used as a solution to the problem of authentication. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or unknown according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as friend. As a result, the ADS-B messages coming from this authenticated friendly aircraft will be processed. In this method, even if the embedded key is captured by the unknown aircraft, without the information of the second layer, the unknown aircraft can easily be determined. Overall, in this work, we present a reliable system by adding physical layer in the authentication process.Keywords: ADS-B, authentication, communication with physical layer security, cryptography, identification friend or foe
Procedia PDF Downloads 14818327 Toward a Risk Assessment Model Based on Multi-Agent System for Cloud Consumer
Authors: Saadia Drissi
Abstract:
The cloud computing is an innovative paradigm that introduces several changes in technology that have resulted a new ways for cloud providers to deliver their services to cloud consumers mainly in term of security risk assessment, thus, adapting a current risk assessment tools to cloud computing is a very difficult task due to its several characteristics that challenge the effectiveness of risk assessment approaches. As consequence, there is a need of risk assessment model adapted to cloud computing. This paper requires a new risk assessment model based on multi-agent system and AHP model as fundamental steps towards the development of flexible risk assessment approach regarding cloud consumers.Keywords: cloud computing, risk assessment model, multi-agent system, AHP model, cloud consumer
Procedia PDF Downloads 51718326 Public Perception of Energy Security in Lithuania: Between Material Interest and Energy Independence
Authors: Dainius Genys, Vylius Leonavicius, Ricardas Krikstolaitis
Abstract:
Energy security problems in Lithuania are analyzed on a regular basis; however, there is no comprehensive research on the very issue of the concept of public energy security. There is a lack of attention not only to social determinants of perception of energy security, but also a lack of a deeper analysis of the public opinion. This article aims to research the Lithuanian public perception of energy security. Complex tasks were set during the sociological study. Survey questionnaire consisted of different sets of questions: view of energy security (risk perception, political orientation, and energy security; comprehensiveness and energy security); view of energy risks and threats (perception of energy safety factors; individual dependence and burden; disobedience and risk); view of the activity of responsible institutions (energy policy assessment; confidence in institutions and energy security), demographic issues. In this article, we will focus on two aspects: a) We will analyze public opinion on the most important aspects of energy security and social factors influencing them; The hypothesis is made that public perception of energy security is related to value orientations: b) We will analyze how public opinion on energy policy executed by the government and confidence in the government are intertwined with the concept of energy security. Data of the survey, conducted on May 10-19 and June 7-17, 2013, when Seimas and the government consisted of the coalition dominated by Social Democrats with Labor, Order and Justice Parties and the Electoral Action of Poles, were used in this article. It is important to note that the survey was conducted prior to Russia’s occupation of the Crimea.Keywords: energy security, public opinion, risk, energy threat, energy security policy
Procedia PDF Downloads 47518325 Re-Imagining and De-Constructing the Global Security Architecture
Authors: Smita Singh
Abstract:
The paper develops a critical framework to the hegemonic discourses resorted to by the dominant powers in the global security architecture. Within this framework, security is viewed as a discourse through which identities and threats are represented and produced to legitimize the security concerns of few at the cost of others. International security have long been driven and dominated by power relations. Since the end of the Cold War, the global transformations have triggered contestations to the idea of security at both theoretical and practical level. These widening and deepening of the concept of security have challenged the existing power hierarchies at the theoretical level but not altered the substance and actors defining it. When discourses are introduced into security studies, several critical questions erupt: how has power shaped security policies of the globe through language? How does one understand the meanings and impact of those discourses? Who decides the agenda, rules, players and outliers of the security? Language as a symbolic system and form of power is fluid and not fixed. Over the years the dominant Western powers, led by the United States of America have employed various discursive practices such as humanitarian intervention, responsibility to protect, non proliferation, human rights, war on terror and so on to reorient the constitution of identities and interests and hence the policies that need to be adopted for its actualization. These power relations are illustrated in this paper through the narratives used in the nonproliferation regime. The hierarchical security dynamics is a manifestation of the global power relations driven by many factors including discourses.Keywords: hegemonic discourse, global security, non-proliferation regime, power politics
Procedia PDF Downloads 29218324 Considering Climate Change in Food Security: A Sociological Study Investigating the Modern Agricultural Practices and Food Security in Bangladesh
Authors: Hosen Tilat Mahal, Monir Hossain
Abstract:
Despite being a food-sufficient country after revolutionary changes in agricultural inputs, Bangladesh still has food insecurity and undernutrition. This study examines the association between agricultural practices (as social practices) and food security concentrating on the potential impact of sociodemographic factors and climate change. Using data from the 2012 Bangladesh Integrated Household Survey (BIHS), this study shows how modifiedagricultural practices are strongly associated with climate change and different sociodemographic factors (land ownership, religion, gender, education, and occupation) subsequently affect the status of food security in Bangladesh. We used linear and logistic regression models to analyze the association between modified agricultural practices and food security. The findings indicate that socioeconomic statuses are significant predictors of determining agricultural practices in a society like Bangladesh and control food security at the household level. Moreover, climate change is adversely impactingeven the modified agricultural and food security association version. We conclude that agricultural practices must consider climate change while boosting food security. Therefore, future research should integrate climate change into the agriculture and food-related mitigation and resiliency models.Keywords: food security, agricultural productivity, climate change, bangladesh
Procedia PDF Downloads 8718323 Modified RSA in Mobile Communication
Authors: Nagaratna Rajur, J. D. Mallapur, Y. B. Kirankumar
Abstract:
The security in mobile communication is very different from the internet or telecommunication, because of its poor user interface and limited processing capacity, as well as combination of complex network protocols. Hence, it poses a challenge for less memory usage and low computation speed based security system. Security involves all the activities that are undertaken to protect the value and on-going usability of assets and the integrity and continuity of operations. An effective network security strategies requires identifying threats and then choosing the most effective set of tools to combat them. Cryptography is a simple and efficient way to provide security in communication. RSA is an asymmetric key approach that is highly reliable and widely used in internet communication. However, it has not been efficiently implemented in mobile communication due its computational complexity and large memory utilization. The proposed algorithm modifies the current RSA to be useful in mobile communication by reducing its computational complexity and memory utilization.Keywords: M-RSA, sensor networks, sensor applications, security
Procedia PDF Downloads 31718322 The Security Trade-Offs in Resource Constrained Nodes for IoT Application
Authors: Sultan Alharby, Nick Harris, Alex Weddell, Jeff Reeve
Abstract:
The concept of the Internet of Things (IoT) has received much attention over the last five years. It is predicted that the IoT will influence every aspect of our lifestyles in the near future. Wireless Sensor Networks are one of the key enablers of the operation of IoTs, allowing data to be collected from the surrounding environment. However, due to limited resources, nature of deployment and unattended operation, a WSN is vulnerable to various types of attack. Security is paramount for reliable and safe communication between IoT embedded devices, but it does, however, come at a cost to resources. Nodes are usually equipped with small batteries, which makes energy conservation crucial to IoT devices. Nevertheless, security cost in terms of energy consumption has not been studied sufficiently. Previous research has used a security specification of 802.15.4 for IoT applications, but the energy cost of each security level and the impact on quality of services (QoS) parameters remain unknown. This research focuses on the cost of security at the IoT media access control (MAC) layer. It begins by studying the energy consumption of IEEE 802.15.4 security levels, which is followed by an evaluation for the impact of security on data latency and throughput, and then presents the impact of transmission power on security overhead, and finally shows the effects of security on memory footprint. The results show that security overhead in terms of energy consumption with a payload of 24 bytes fluctuates between 31.5% at minimum level over non-secure packets and 60.4% at the top security level of 802.15.4 security specification. Also, it shows that security cost has less impact at longer packet lengths, and more with smaller packet size. In addition, the results depicts a significant impact on data latency and throughput. Overall, maximum authentication length decreases throughput by almost 53%, and encryption and authentication together by almost 62%.Keywords: energy consumption, IEEE 802.15.4, IoT security, security cost evaluation
Procedia PDF Downloads 13418321 A Novel Unconditionally Secure and Lightweight Bipartite Key Agreement Protocol
Authors: Jun Liu
Abstract:
This paper introduces a new bipartite key agreement (2PKA) protocol which provides unconditionally security and lightweight. The unconditional security is stemmed from the known impossibility of distinguishing a particular solution from all possible solutions of an underdetermined system of equations. The indistinguishability prevents an adversary from inferring to the common secret-key even with the access to an unlimited amount of computing capability. This new 2PKA protocol is also lightweight because that the calculation of a common secret-key only makes use of simple modular arithmetic. This information-theoretic 2PKA scheme provides the desired features of Key Confirmation (KC), Session Key (SK) security, Know-Key (KK) security, protection of individual privacy, and uniformly distributed value of a common key under prime modulus.Keywords: bipartite key agreement, information-theoretic cryptography, perfect security, lightweight
Procedia PDF Downloads 2818320 Preserving Privacy in Workflow Delegation Models
Authors: Noha Nagy, Hoda Mokhtar, Mohamed El Sherkawi
Abstract:
The popularity of workflow delegation models and the increasing number of workflow provenance-aware systems motivate the need for finding more strict delegation models. Such models combine different approaches for enhanced security and respecting workflow privacy. Although modern enterprises seek conformance to workflow constraints to ensure correctness of their work, these constraints pose a threat to security, because these constraints can be good seeds for attacking privacy even in secure models. This paper introduces a comprehensive Workflow Delegation Model (WFDM) that utilizes provenance and workflow constraints to prevent malicious delegate from attacking workflow privacy as well as extending the delegation functionalities. In addition, we argue the need for exploiting workflow constraints to improve workflow security models.Keywords: workflow delegation models, secure workflow, workflow privacy, workflow provenance
Procedia PDF Downloads 30518319 Determinants of Mobile Banking Apps Adoption among Bank Customers in Ghana
Authors: Masud Ibrahim
Abstract:
in Ghana. The sample of the study comprised 450 bank customers from universal banks operating in Ghana. A conceptual framework was framed from a revised TAM model. A total of nine hypotheses were developed and tested using Structural Equation Modeling Technique. Findings from this study revealed that perceived ease of use and perceived usefulness are influenced positively by design and perceived security. Also, perceived ease of use, social influence and perceived security risk were found to have a strong influence on mobile banking app adoption intention. This study provides significant insights and implications for banking organizations on how to ensure the adoption and usage of their mobile banking apps.Keywords: mobile banking app, perceived ease of use, perceived usefulness, technology acceptance model
Procedia PDF Downloads 12918318 Multisignature Schemes for Reinforcing Trust in Cloud Software-As-A-Service Services
Authors: Mustapha Hedabou, Ali Azougaghe, Ahmed Bentajer, Hicham Boukhris, Mourad Eddiwani, Zakaria Igarramen
Abstract:
Software-as-a-service (SaaS) is emerging as a dominant approach to delivering software. It encompasses a range of business, technical opportunities, issue, and challenges. Trustiness in the cloud services regarding the security and the privacy of the delivered data is the most critical issue with the SaaS model. In this paper, we survey the security concerns related to the SaaS model, and we propose the design of a trusted SaaS model that gives users more confidence into SaaS services by leveraging a trust in a neutral source code certifying authority. The proposed design is based on the use of the multisignature mechanism for signing the source code of the application service. In our model, the cloud provider acts as a root of trust by ensuring the integrity of the application service when it was running on its platform. The proposed design prevents insider attacks from tampering with application service before and after it was launched in a cloud provider platform.Keywords: cloud computing, SaaS Platform, TPM, trustiness, code source certification, multi-signature schemes
Procedia PDF Downloads 24818317 Determining the Appropriate Methodology for the Security Evaluation of Equipment Related to Information and Communication Technology in the Industry
Authors: Sofia Ahanj Sofia Ahanj, Mahsa Rahmani Mahsa Rahmani, Zahra Sadeghigol, Vida Nobakht Vida Nobakht
Abstract:
Providing security in the electricity industry, as one of the vital infrastructures of the country, is one of the essential operations that must be taken in order to improve the security of the country. Resistant security strategies need to be regularly implemented as a dynamic process to improve security, and security evaluation is one of the most important steps in this process. Methodology in the field of evaluation in both technical and managerial dimensions is discussed in the laboratory. There are various standards in the field of general ICT technical-security evaluation. The most important are ISO / IEC 15408, ISO / IEC 27001 and NIST SP 800-53. In the present paper, these standards are first examined. Then, the standards and reports in the industrial field have been reviewed and compared, and finally, based on the results and special considerations of information and communication technology equipment in the electricity industry, the appropriate methodology has been presented.Keywords: security standards, ISO/IEC 15408, ISA/IEC 62443 series, NIST SP 800-53, NISTIR 7628
Procedia PDF Downloads 13618316 A Review of Food Security Policy Research in Central Asia
Authors: Mergen Dyussenov
Abstract:
Food security has become a prominent issue on the global policy agenda. Yet, one particular region that remains understudied is a cohort of Central Asian countries. To shed light onto the issue, the paper looks into a review of existing literature related to food security policies in Central Asia. In so doing, it seeks to systematize the context analyzed, key findings, and recommendations. Furthermore, it analyzes the role of key actors in promoting the food security policies across Central Asian nations. Finally, the paper attempts to set the agenda for further research.Keywords: food security, central Asia, the role of actors, policy analysis
Procedia PDF Downloads 29018315 Double Layer Security Model for Identification Friend or Foe
Authors: Buse T. Aydın, Enver Ozdemir
Abstract:
In this study, a double layer authentication scheme between the aircraft and the Air Traffic Control (ATC) tower is designed to prevent any unauthorized aircraft from introducing themselves as friends. The method is a combination of classical cryptographic methods and new generation physical layers. The first layer has employed the embedded key of the aircraft. The embedded key is assumed to installed during the construction of the utility. The other layer is a physical attribute (flight path, distance, etc.) between the aircraft and the ATC tower. We create a mathematical model so that two layers’ information is employed and an aircraft is authenticated as a friend or foe according to the accuracy of the results of the model. The results of the aircraft are compared with the results of the ATC tower and if the values found by the aircraft and ATC tower match within a certain error margin, we mark the aircraft as a friend. In this method, even if embedded key is captured by the enemy aircraft, without the information of the second layer, the enemy can easily be determined. Overall, in this work, we present a more reliable system by adding a physical layer in the authentication process.Keywords: ADS-B, communication with physical layer security, cryptography, identification friend or foe
Procedia PDF Downloads 12818314 Enhancing Civil Aviation Safety and Security: A Comprehensive Approach
Authors: J. Waldon
Abstract:
The civil aviation industry plays a crucial role in global transportation, connecting people and goods across the world. Ensuring the safety and security of passengers, crew, and aircraft is of paramount importance. This paper aims to address the aspect of training and human factors, amongst others, necessary for enhancing civil aviation safety and security. In this context, we are focusing on the level of attention exhibited in the checking of luggage and travel credentials, with the aim to identify areas of improvement and avoid compromising security and safety at the Nsimalen Airport Yaoundé, Cameroon. We found that there is a lack of proper awareness among both travelers and some staff on the safety and security of goods and passengers. We suggest that improved training and handling, and sensitization in the form of legible billboards are important. Thus, we recommend refresher courses like this one for staff to keep abreast with the fast-changing security landscape in air transport as well as proper sensitization, including health-related issues. In conclusion, we established that the human factors, as well as the frequency of training and refresher courses, have a positive outlook on safety and security in air transport.Keywords: safety, security, passengers, cargo
Procedia PDF Downloads 3918313 A Review Paper on Data Security in Precision Agriculture Using Internet of Things
Authors: Tonderai Muchenje, Xolani Mkhwanazi
Abstract:
Precision agriculture uses a number of technologies, devices, protocols, and computing paradigms to optimize agricultural processes. Big data, artificial intelligence, cloud computing, and edge computing are all used to handle the huge amounts of data generated by precision agriculture. However, precision agriculture is still emerging and has a low level of security features. Furthermore, future solutions will demand data availability and accuracy as key points to help farmers, and security is important to build robust and efficient systems. Since precision agriculture comprises a wide variety and quantity of resources, security addresses issues such as compatibility, constrained resources, and massive data. Moreover, conventional protection schemes used in the traditional internet may not be useful for agricultural systems, creating extra demands and opportunities. Therefore, this paper aims at reviewing state of the art of precision agriculture security, particularly in open field agriculture, discussing its architecture, describing security issues, and presenting the major challenges and future directions.Keywords: precision agriculture, security, IoT, EIDE
Procedia PDF Downloads 63