Search results for: security policy

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: software test, software security verification validation and test, security test institutionalization, systematic mapping study

Procedia PDF Downloads 354

Authors: William Clavijo, Edmar Almeida

Abstract:

The article analyzes the importance of Venezuela in the US geopolitics of oil considering the new oil landscape. To this end, the importance of oil in the geopolitics of the United States is discussed from the perspective of energy security as well as considering a broader view of national security. Based on this discussion, the relevance of Venezuelan oil reserves on US geopolitical agenda is analyzed. Among the results, the article shows that the transformations in the supply structure of the international oil market during the last decade have allowed the United States to achieve greater levels of independence from oil imports from other producing countries. This new reality has profoundly changed the US interest in Venezuelan oil to a broader subject that involves sensitive issues of its national security agenda.

Keywords: oil geopolitics, Venezuela, United States, energy security, national security

Procedia PDF Downloads 134

Authors: Flavio Gazzani

Abstract:

Nitrogen is an important agricultural input that is critical for the production. However, the introduction of large amounts of nitrogen into the environment has a number of undesirable impacts such as: the loss of biodiversity, eutrophication of waters and soils, drinking water pollution, acidification, greenhouse gas emissions, human health risks. It is a challenge to sustain or increase food production and at the same time reduce losses of reactive nitrogen to the environment, but there are many potential benefits associated with improving nitrogen use efficiency. Reducing nutrient losses from agriculture is crucial to the successful implementation of agricultural policy. Traditional regulatory instruments applied to implement environmental policies to reduce environmental impacts from nitrogen fertilizers, despite some successes, failed to address many environmental challenges and imposed high costs on the society to achieve environmental quality objectives. As a result, economic instruments started to be recognized for their flexibility and cost-effectiveness. The objective of the research project is to analyze the potential for increased use of market-based instruments in nitrogen control policy. The report reviews existing knowledge, bringing different studies together to assess the global nitrogen situation and the most relevant environmental management policy that aims to reduce pollution in a sustainable way without affect negatively agriculture production and food price. This analysis provides some guidance on how different market based instruments might be orchestrated in an overall policy framework to the development and assessment of sustainable nitrogen management from the economics, environmental and food security point of view.

Keywords: nitrogen emissions, chemical fertilizers, eutrophication, non-point of source pollution, dairy farm

Procedia PDF Downloads 305

Authors: Ossai Paulinus Edwin

Abstract:

Cash Management is a broad area having to do with the collection, concentration and disbursement of cash including measuring the level of liquidity and managing the cash balance and Short-Term Investments. Cash Management involves the efficient collection and disbursement of cash and cash equivalents. It also includes management of marketable securities because, in modern Terminology, money comprises marketable securities and actual cash in hand or in a bank. This cash management is concerned with management of cash inflow and cash outflow of a business especially as it concerns a developing nation like Nigeria. The paper throws light on the impact of cashless policy in Nigeria as it was introduced by the Central Bank of Nigeria (CBN) in December 2011 and was kick started in Lagos in January 2012. Survey research was adopted with the questionnaires as data collection instrument. Responses show that cashless policy if adopted generally shall increase employment opportunities, reduce cash related robbery thereby reducing risk of carrying cash; it shall also reduce cash related corruption and attract more foreign investors to the country. It is expected that the introduction of cashless policy in Nigeria is a step in the right direction as it shall bring about modernization of Nigeria payment system, reduction in the cost of banking services, reduction in high security and safety risk and also curb banking related corruptions.

Keywords: cashless economy, cash management, cashless policy, e-banking, Nigeria

Procedia PDF Downloads 364

Authors: Tao Feng, Fei Xing, Ye Lu, Jun Li Fang

Abstract:

NDN is a kind of future Internet architecture. Due to the NDN design introduces four privacy challenges,Many research institutions began to care about the privacy issues of naming data network(NDN).In this paper, we are in view of the major NDN’s privacy issues to investigate privacy protection,then put forwards more effectively anonymous transfer policy for NDN.Firstly,based on mutual anonymity communication for MP2P networks,we propose NDN mutual anonymity protocol.Secondly,we add interest package authentication mechanism in the protocol and encrypt the coding coefficient, security of this protocol is improved by this way.Finally, we proof the proposed anonymous transfer protocol security and anonymity.

Keywords: NDN, mutual anonymity, anonymous routing, network coding, authentication mechanism

Procedia PDF Downloads 417

Authors: Nisarg A. Patel, Hiren B. Patel

Abstract:

Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).

Keywords: cryptography, networking, quantum, encryption and decryption

Procedia PDF Downloads 140

Authors: Victor Oyewumi Ogunbiyi

Abstract:

Food waste is a global sustainability issue that demands that multiple stakeholders participate in solving it. This article examines how different food system stakeholders are held responsible in the policy debate related to food waste reduction. The study adopts a qualitative approach, paying attention to the views of both public and private policymakers and constructing their views relating to opportunities and policy initiatives towards waste reduction. The data consists of a list of opportunities and food policy initiatives in the development process in Nigeria. The authors identify three emerging opportunities: sectoral growth, technological demands in food service, and sustainable collaborative behaviour. The findings also revealed key policy initiatives for development: law and regulations, multi-stakeholder collaboration, economic incentives, research, and new knowledge. The study extends the marketing literature on food sustainability by investigating several stakeholders’ roles beyond the practical management of the food services sector. Additionally, considering policy initiative development for food waste mitigation sheds light on how stakeholders’ policy initiatives can sustain the food service sector. Finally, the authors outline policy implications.

Keywords: multistakeholder engagement, food services, food waste, policy initiatives, Nigeria

Procedia PDF Downloads 50

Authors: Dimple Juneja, Aarti Singh, Renu Hooda

Abstract:

Knowledge Query Manipulation Language (KQML) and FIPA ACL are two prime communication languages existing in multi agent systems (MAS). Both languages are more or less similar in terms of semantics (based on speech act theory) and offer cutting edge competition while establishing agent communication across Internet. In contrast to the fact that software agents operating on the internet are required to be more safeguarded from their counter-peer, both protocols lack security performatives. The paper proposes a three tier security interface with few novel security related performatives enhancing the basic architecture of KQML. The three levels are attestation, certification and trust establishment which enforces a tight security and hence reduces the security breeches.

Keywords: multiagent systems, KQML, FIPA ACL, performatives

Procedia PDF Downloads 387

Authors: Stefanie Kasparek

Abstract:

The United Nations Security Council (UNSC) is probably the most recognized international security organization. It is also profoundly misunderstood and undervalued in its effort to promote peace and security. With the rising involvement of non-state actors and the way states fight wars, international governance has become increasingly complex. However, the formal UNSC agenda has long remained static, reflecting states' unwillingness to entertain more conflicts. Nevertheless, resolutions remain the scholarly measure of states' interests and policies, neglecting the significant share of issues the Council entertains informally. This project builds on a rational institutionalism framework. It provides a systematic analysis of how and under what conditions states use informal governance instead of, or in combination with, formal rules at the agenda-setting stage of the policy process. Data for this project comes from elite interviews and a newly created dataset on governance choices. The results show that counter existing arguments, weaker states successfully circumvent formal institutional roadblocks and use informal governance mechanisms to pursue vital interests, thereby countering institutional restrictions and power asymmetries present informal governance settings.

Keywords: agenda-setting, decision-making, international governance, UNSC

Procedia PDF Downloads 164

Authors: Mazhar Hamayun

Abstract:

Organizations need to take a holistic approach to their Zero Trust strategic and tactical security needs. This includes using a framework-agnostic model that will ensure all enterprise resources are being accessed securely, regardless of their location. Such can be achieved through the implementation of a security posture, monitoring the posture, and adjusting the posture through the Identify, Detect, Protect, Respond, and Recover Methods, The target audience of this document includes those involved in the management and operational functions of risk, information security, and information technology. This audience consists of the chief information security officer, chief information officer, chief technology officer, and those leading digital transformation initiatives where Zero Trust methods can help protect an organization’s data assets.

Keywords: ZTNA, zerotrust architecture, microsegmentation, NIST SP 800-207

Procedia PDF Downloads 52

Authors: Heidi von Korff

Abstract:

The electricity grid is changing in terms of flexibility. Distributed generation (DG) policy is being discussed worldwide and implemented. Developers and utilities are seeking a pathway towards Zero Net Energy (ZNE) communities and the interconnection to the distribution grid. Using the VISDOM platform for establishing a method for managing and monitoring energy consumption loads of ZNE communities as a capacity resource for the grid. Reductions in greenhouse gas emissions and energy security are primary policy drivers for incorporating high-performance energy standards and sustainability practices in residential households, such as a market transformation of ZNE and nearly ZNE (nZNE) communities. This research investigates how load data impacts ZNE, to see if there is a correlation to the daily load variations in a single ZNE home. Case studies will include a ZNE community in California and a nearly ZNE community (All – Electric) in the Netherlands, which both are in measurement and verification (M&V) phases and connected to the grid for simulations of methods.

Keywords: zero net energy, distributed generation, renewable energy, zero net energy community

Procedia PDF Downloads 268

Authors: Jacques Barnard, Magda Huisman, Gunther R. Drevin

Abstract:

Rapid expansion and development in die mobile technology market has created an opportunity for users to participate in location based games. As a consequence of this fast expanding market and new technology, it is important to be aware of the implications this has on security. This paper measures the impact on the security awareness of games’ participants, as well as on that of students at university level with regards to their various stages of input in years of studying and gamer classification. This serves to provide insight into the matter as to discernible differences in the awareness of the security implications concerning these technologies. The data was accumulated via a web questionnaire that was to be completed yearly by students from respective year groups. Results signify a meaningful disparity in security awareness among students completing the varying study years and research. This awareness, however, does not always impact on gamers.

Keywords: gamer classifications, location based games, location based data, security awareness

Procedia PDF Downloads 271

Authors: Adrian W. Chew

Abstract:

This paper argues that education policy analysis tends to be steered towards empiricist oriented approaches, which place emphasis on objective and measurable data. However, this paper argues that empiricist oriented approaches are generally based on inductive and/or deductive reasoning, which are unable to generate new ideas/knowledge. This paper will outline the logical structure of induction, deduction, and abduction, and argues that only abduction provides possibilities for the creation of new ideas/knowledge. This paper proposes the neologism of ‘informed guessing’ as a reformulation of abduction, and also as an approach to education policy analysis. On one side, the signifier ‘informed’ encapsulates the idea that abductive policy analysis needs to be informed by descriptive conceptualization theory to be able to make relations and connections between, and within, observed phenomenon and unobservable general structures. On the other side, the signifier ‘guessing’ captures the cyclical and unsystematic process of abduction. This paper will end with a brief example of utilising ‘informed guessing’ for a policy analysis of school choice lotteries in the United States.

Keywords: abductive reasoning, empiricism, informed guessing, policy analysis

Procedia PDF Downloads 324

Authors: Jeonghwan Jeon, Mintak Han, Youngjun Kim

Abstract:

Due to the rapid development of information and communication technology (ICT), a substantial transformation is currently happening in the society. As the range of intelligent technologies and services is continuously expanding, ‘things’ are becoming capable of communicating one another and even with people. However, such “Internet of Things” has the technical weakness so that a great amount of such information transferred in real-time may be widely exposed to the threat of security. User’s personal data are a typical example which is faced with a serious security threat. The threats of security will be diversified and arose more frequently because next generation of unfamiliar technology develops. Moreover, as the society is becoming increasingly complex, security vulnerability will be increased as well. In the existing literature, a considerable number of private and public reports that forecast future society have been published as a precedent step of the selection of future technology and the establishment of strategies for competitiveness. Although there are previous studies that forecast security technology, they have focused only on technical issues and overlooked the interrelationships between security technology and social factors are. Therefore, investigations of security threats in the future and security technology that is able to protect people from various threats are required. In response, this study aims to derive potential security threats associated with the development of technology and to explore the security technology that can protect against them. To do this, first of all, private and public reports that forecast future and online documents from technology-related communities are collected. By analyzing the data, future issues are extracted and categorized in terms of STEEP (Society, Technology, Economy, Environment, and Politics), as well as security. Second, the components of potential security threats are developed based on classified future issues. Then, points that the security threats may occur –for example, mobile payment system based on a finger scan technology– are identified. Lastly, alternatives that prevent potential security threats are proposed by matching security threats with points and investigating related security technologies from patent data. Proposed approach can identify the ICT-related latent security menaces and provide the guidelines in the ‘problem – alternative’ form by linking the threat point with security technologies.

Keywords: future society, information and communication technology, security technology, technology forecasting

Procedia PDF Downloads 440

Authors: Hanen Khaldi

Abstract:

This paper aims to study the impact of international migration on human security in the Southeastern region of Asia, especially after Asian Financial Crisis 1997-98. International migration has impacts on many dimensions of security: the state security (sovereignty and autonomy); international relationships security (conflicts, terrorism, etc); and immigrants security. The paper aims to improve our comprehension of the impact of international migration on immigrant security in the region of Southeast Asia, particularly “vulnerable workers’’ whose number is growing very fast in the region. The literature review carried out on this matter led us to ask the following two question: 1) Did the creation of ASEAN Community matter on the evolution of immigrants in the region? And How governments try to resolve the gap between economic objectifs and security of immigrants in the region? To answer these two questions, the paper is subdivided in three parts: Firstly, we will show how the creation of the ASEAN Community, especially ASEAN Economic Community, had a significant impact on the pattern of evolution of immigration in this region. Secondly, we will paint a portrait illustrating the vulnerability of immigrants in Southeast Asia, particularly unskilled workers. Finally, using the theories of regional integration, we will assess how governments try to ensure the security and safety of the immigrants. Overall, our analysis illustrate the significant change of the official discourse of the leaders of the ASEAN member states, now more conciliator and especially more open to cooperation, as well as the proliferation of meetings and initiatives between these countries to control mobility flows in the region, and the ensure immigrants security.

Keywords: migrant workers, human security, human rights

Procedia PDF Downloads 143

Authors: Chupicai Manuel

Abstract:

The purpose of this article is to examine the political economy and history of internal displacement, migration and human security in Zimbabwe from 1800 to present day. The article gives a timeline of major internal displacement, migration trends that took place in Zimbabwe before colonialism, through the colonial period up to the present day and examines the human security context of such periods. In view of the above, a political economy analysis will be employed to examine the different factors that promoted internal displacement and human movements from 1800 to the present day and explore the architecture of human security in Zimbabwe. The ultimate goal of this literature review is to provide a longitudinal analysis of internal displacement, migration and human security regimes that existed in Zimbabwe with the view of promoting social cohesion and nation building.

Keywords: human security, internal displacement, migration, political economy

Procedia PDF Downloads 319

Authors: Fati̇h Apaydin

Abstract:

Education technology is an area which constantly changes and creates innovations. As an inevitable part of the changing circumstances, the societies who have a tendency to the improvements keep up with these innovations by using the methods and strategies which have been designed for education technology. At this point, education technology has taken the responsibility to help the individuals improve themselves and teach the effective teaching methods by filling the airs in theoretical information, information security and the practice. The technology which comes to the core of our lives by raising the importance of it day by day and it enforced its position in computer- based environments. As a result, ‘being ready for technological innovations, improvement on computer-based talent, information, ability and attitude’ doctrines have to be given. However, it is today quite hard to deal with the security and reinforcement of this information. The information which is got illegally gives harm to society from every aspect, especially education. This study includes how and to what extent to use these innovative appliances such as computers and the factor of information security of these appliances in computer-based education. As the use of computer is constantly becoming prevalent in our country, both education and computer will never become out of date, so how computer-based education affects our lives and the study of information security for this type of education are important topics.

Keywords: computer, information security, education, technology, development

Procedia PDF Downloads 559

Authors: Aditaya Narayan Mishra

Abstract:

Unequal distribution of environmental resources as a possible cause of conflict has been the topic of substantial research, and these connections have ruled the post-Cold War attention in the discourse of environmental security. In this category, considerable concentration has been given to water resources, on account of their important standing for human existence. Thus, water is considered to be one of the most important non-conventional security issues. As per this consideration, the case of India-Bangladesh is one of the most critical examples of disputes over transboundary water sharing. The concern regarding sharing of trans-boundary rivers has been the main focus of Bangladesh and India‘s relationship for the last forty-five years. Both countries share fifty-four rivers, most of which have originated in the Himalayan range. The main causes for problems in the sharing of the waters of trans-boundary rivers between India and Bangladesh include the: Farakka Barrage, Teesta river sharing issue, River linking project and Tipaimukh Dam. The construction of Farakka barrage across the Ganga River was the beginning of water dispute. Attempts at unilateral exploitation of the trans-boundary water resources led to inter-state conflicts that spilled over into other areas of bilateral disputes between India and Bangladesh. Apart from Farakka, Barrage, the disputes over Teesta River sharing, River linking project and Tipaimukh Dam are also vital contents for the both countries bilateral diplomacy. Till date, India and Bangladesh have signed five treaties regarding water sharing. However, all these treaties have been rendered worthless due to mistrust and political upheaval in both countries. The current paper would address all these water sharing disputes between India and Bangladesh with focus on the various policy responses (both bilateral and multilateral initiatives) to deal with these water sharing disputes. It will try to analyze the previous agreements and their drawbacks and loopholes. In addition, it will mention the reasons for water sharing cooperation between India and Bangladesh.

Keywords: India and Bangladesh relations, water disputes, Teesta, river linking project, Tipaimukh Dam, Farakka, policy responses

Procedia PDF Downloads 204

Authors: Alhaji Khuzaima Mohammed Osman, Zaeem Sheikh Abdul Wadudi Haruna

Abstract:

This article aims to explore the crucial link between counter-terrorism efforts and the preservation of human security. As acts of terrorism continue to pose significant threats to societies worldwide, it is imperative to develop effective strategies that mitigate risks while safeguarding the rights and well-being of individuals. This paper discusses key aspects of counter-terrorism and human security, emphasizing the need for a comprehensive approach that integrates intelligence, prevention, response, and resilience-building measures. By highlighting successful case studies and lessons learned, this article provides valuable insights for policymakers, law enforcement agencies, and practitioners in their quest to address terrorism and foster human security.

Keywords: human security, risk mitigation, terrorist activities, civil liberties

Procedia PDF Downloads 46

Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel

Abstract:

The growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, transportation and distribution bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia, and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012, almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price, and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.

Keywords: security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package

Procedia PDF Downloads 231

Authors: Andrei Bogdan Stanescu, Laura Diaconescu

Abstract:

With the increasing concerns about data breaches and privacy violations, organizations seek robust security measures to protect sensitive information. This research paper highlights the importance of implementing the Zero-Trust Security methodology using Passwordless Authentication Gateways that leverage Keycloak, an open-source Identity and Access Management (IAM) software, as a solution to address the security challenges these organizations face. The paper presents the successful implementation and deployment of such a solution in a mid-size, privacy-oriented organization. The implementation resulted in significant security improvements, reducing the risk of unauthorized access and potential data breaches. Moreover, user feedback indicated enhanced convenience and streamlined authentication experiences. The results of this study bring solid contributions in the field of cybersecurity and provide practical insights for organizations aiming to strengthen their security practices.

Keywords: identity and access management, passwordless authentication, privacy, zero-trust security

Procedia PDF Downloads 58

Authors: Beenish Urooj, Ubaid Ullah, Sidra Riasat

Abstract:

National Testing Service-Pakistan (NTS) is an agency in Pakistan that conducts student success appraisal examinations. In this research paper, we must present a security model for the NTS organization. The security model will depict certain security countermeasures for a better defense against certain types of breaches and system malware. We will provide a security roadmap, which will help the company to execute its further goals to maintain security standards and policies. We also covered multiple aspects in securing the environment of the organization. We introduced the processes, architecture, data classification, auditing approaches, survey responses, data handling, and also training and awareness of risk for the company. The primary contribution is the Risk Survey, based on the maturity model meant to assess and examine employee training and knowledge of risks in the company's activities.

Keywords: NTS, risk assessment, threat factors, security, services

Procedia PDF Downloads 46

Authors: Blen Telayneh Melese

Abstract:

Rural development, the unending quest of a developing country, cannot be succeeded in deprived of human capital development. Human capital, the economic pillars of a country's development, appeals a policy-based supports while fulfilling what is expected. Ethiopia, one of the rural countries with untouched and forgotten land and human force, owes historical experiences of educational policy intending for mobilization of its citizen for the advancement of the overall economy. Rural Ethiopia as well has been the focus of those educational policies, considering the economic resources entrenched with in. In this literature review paper, Ethiopian educational policy and its contribution to human capital development, as well as its role in generating quality human labor force, is assessed concisely. The author argues that the foundation of rural development such as technology, knowledge, infrastructure, market chain, communication and etc., can only be achieved through enhanced education policy that conciliates the existing reality of rural communities. Ethiopia still needs an education policy that enables it to generate a human capital that is oriented with the rural areas economic opportunities and challenges.

Keywords: Ethiopia, rural development, human capital development, education policy

Procedia PDF Downloads 308

Authors: Agnieszka Szczudlińska-Kanoś

Abstract:

Nowadays the participation of citizens in public life increasingly effect on management at all levels of public authority. Today, however, democratic systems in many countries, also in Poland, based on the first - on the institutions of representative democracy, which is mainly on elections, party activity, on the other hand - on the basic instruments of direct democracy, which, in particular, we can include a referendum or initiative of citizenship - although these are often rather complementary. Other forms of participatory democracy, such as deliberative democracy, participatory budgeting, public consultation in practice in many countries are still rare. Appropriate use of the potential invested in participatory democracy can bring enormous and multilateral benefits. On the one hand, local and regional communities taking an active part in public life express their needs, point out problems and thus affect the decisions of public authorities. Authorities using knowledge acquired from the citizens also implement the policy tailored to their needs, thus obtaining support in the next election. The purpose of this study is to show how the Polish citizens affect to resolve issues of social policy pursued at different levels of government. This problem is very important because today the observed changes seen in virtually all fields of life create new social problems, which nowadays are no longer only the problems of the region, the country but they are international, global issues. From such this perspective we should talk about them, discuss, try to solve at all levels. Article will be useful not only theorists involved in the management of the public, local government, or social but also practitioners - local government acting as their functions at different levels of government. Conclusions drawn from the publication will also be useful to politicians and those directly affecting for: functioning social security systems, the scope and quality of public services and the overall shape of the contemporary social policy in different countries.

Keywords: social policy, local government, social participation, social services

Procedia PDF Downloads 252

Authors: Violeta Damjanovic-Behrendt

Abstract:

This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.

Keywords: security, internet of things, cloud computing, stackelberg game, machine learning, naive q-learning

Procedia PDF Downloads 326

Authors: Tizian Matschak, Ilja Nastjuk, Stephan Kühnel, Simon Trang

Abstract:

We argue that besides well-known primary effects of information security controls (ISCs), namely confidentiality, integrity, and availability, ISCs can also have secondary effects. For example, while IT can add business value through impacts on business processes, ISCs can be a barrier and distort the relationship between IT and organizational value through the impact on business processes. By applying the Delphi method with 28 experts, we derived 27 business process influence dimensions of ISCs. Defining and understanding these mechanisms can change the common understanding of the cost-benefit valuation of IT security investments and support managers' effective and efficient decision-making.

Keywords: business process dimensions, dark side of information security, Delphi study, IT security controls

Procedia PDF Downloads 76

Authors: Umang Prajapati

Abstract:

Elected prime minister of India Narendra Modi has very largely focused on improving ties with the neighbors since day one of his regime. This was the most significant initiative to focus on major Asian powers also emphasizing on the two decades old look east policy. The “neighborhood first policy” as termed by the media has been a corner stone in improving ties with the immediate neighbors of the country through several bilateral talks with the nations individually. However, the announcement of demonetisation policy in India, ceasing the usage of 500 and 1000 rupee notes has rattled countries like Nepal, Bangladesh, Bhutan, Sri Lanka and Myanmar who encourage Indian currency parallel to theirs. According to the ministry of commerce and industry (MCI), India’s total trade with neighboring countries stood at US$21.6 in the fiscal year 2015-16, India has good surplus trade surplus with its neighbors and has a strong interest in ensuring smooth trade flows. India might have this benefit, but yet this policy can create issues between India and neighboring countries. The demonetisation policy might benefit in the long run, but in the short run, this might create border issues. While there would be more countries affected by this policy, this paper will emphasize on the problems faced by the countries and the impact of demonetisation on all other neighboring countries.

Keywords: bilateral trades, demonetization, neighborhood policy, value of rupee

Procedia PDF Downloads 292

Authors: Mohamad Ibrahim Al Ladan

Abstract:

Social networks, such as Facebook, Myspace, LinkedIn, Google+, and Twitter have experienced exponential growth and a remarkable adoption rate in recent years. They provide attractive means of online social interactions and communications with family, friends, and colleagues from around the corner or across the globe, and they have become an important part of daily digital interactions for more than one and a half billion users around the world. The various personal information sharing practices that social network providers encourage have led to their success as innovative social interaction platforms. However, these practices have resulted in ample concerns with respect to privacy and security from different stakeholders. Addressing these privacy and security concerns in social networks is a must for these networks to be sustainable. Existing security and privacy tools may not be enough to address existing concerns. Some guidelines should be followed to protect users from the existing risks. In this paper, we have investigated and discussed the various privacy and security issues and concerns pertaining to social networks. Moreover, we have classified these privacy and security issues and presented a thorough discussion of the implications of these issues and concerns on the future of the social networks. In addition, we have presented a set of guidelines as precaution measures that users can consider to address these issues and concerns.

Keywords: social networks privacy issues, social networks security issues, social networks privacy precautions measures, social networks security precautions measures

Procedia PDF Downloads 272

Authors: Jeonghwan Jeon

Abstract:

As the science and technology (S&T) has been rapidly advanced, the national government attempts to reflect changes in the S&T for promoting public R&D activities and economic development. Amongst others, due to the rapid advances and changes of S&T, it becomes important to analyze the trends of S&T policies for formulating the new policy and investigating promising S&T fields. Thus, this paper aims to trace the national S&T policies during this decade for analyzing the change of major S&T fields in the case of South Korea. As one of the organization for S&T policy in South Korea, the National Science and Technology Council (NSTC) has been established to coordinate inter-ministerial policies and programs and to determine all of the national and public S&T policy of South Korea. In this regard, the items on national S&T policy determined by the NSTC are useful for understanding the needs for major S&T fields and adapting to the rapid change of S&T. To this end, we first gathered the data on 512 items on the S&T agenda from 1999 to 2013. Based on these items, the trend of S&T policies is monitored and the major S&T fields are derived. Differences of policy purposes between S&T fields are identified to provide guideline for policy making such as budget allocation or investment promotion as well.

Keywords: national science and technology, policy, trends, S&T field

Procedia PDF Downloads 509

Authors: Dyana Zainudin, Atta Ur-Rahman, Thaier Hamed

Abstract:

This paper explains about human nature concept as to understand the significance of information security in employees’ mentality including leaders in an organisation. By studying on a theory concept of the latest Von Solms fourth waves, information security governance basically refers to the concept of a set of methods, techniques and tools that responsible for protecting resources of a computer system to ensure service availability, confidentiality and integrity of information. However, today’s information security dilemma relates to the acceptance of employees mentality. The major causes are a lack of communication and commitment. These types of management in an organisation are labelled as immoral/amoral management which effects on information security compliance. A recovery action is taken based on ‘learn a lesson from incident events’ rather than prevention. Therefore, the paper critically analysed the Von Solms fourth waves’ theory with current human events and its correlation by studying secondary data and also from qualitative analysis among employees in public sectors. ‘Three-dimensions to failure’ of information security dilemma are explained as deny, don’t know and don’t care. These three-dimensions are the most common vulnerable behaviour owned by employees. Therefore, by avoiding the three-dimensions to failure may improve the vulnerable behaviour of employees which is often related to immoral/amoral management.

Keywords: information security management system, information security behaviour, information security governance, information security culture

Procedia PDF Downloads 179