Search results for: security risks

Authors: Amirhossein Safi

Abstract:

Internet of things (IOT) is a kind of advanced information technology which has drawn societies’ attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously, IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission, and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually, the suggested encryption algorithm has been simulated by MATLAB software, and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.

Keywords: internet of things, security, hybrid algorithm, privacy

Procedia PDF Downloads 428

Authors: Alfred Kamate Siviri, Angelus Mafikiri Tsongo, Jean Robert Kala Kamdjoug

Abstract:

Digitalization and information systems well organized have been selected as relevant measures to mitigate operational risks within organizations. Unfortunately, information system comes with new threats that can cause severe damage and quick organization lockout. This study aims to measure perceived information system risks and their effects on operational risks within the microfinance institution in D.R. Congo. Also, the factors influencing the operational risk are identified, and the link between operational risk with other risks and performance is to be assessed. The study proposes a research model drawn on the combination of Resources-Based-View, dynamic capabilities, the agency theory, the Information System Security Model, and social theories of risk. Therefore, we suggest adopting a mixed methods research with the sole aim of increasing the literature that already exists on perceived operational risk assessment and its link with other risk and performance, a focus on IT risk.

Keywords: Democratic Republic Congo, information system risk, microfinance performance, operational risk

Procedia PDF Downloads 192

Authors: Hind Bouami, Patrick Millot

Abstract:

Medication dispensing system is a life-critical system whose failure may result in preventable adverse events leading to longer patient stays in hospitals or patient death. Automation has led to great improvements in life-critical systems as it increased safety, efficiency, and comfort. However, critical risks related to medical organization complexity and automated solutions integration can threaten drug dispensing security and performance. Knowledge about the system’s complexity aspects and human machine parameters to control for automated equipment’s security and performance will help operators to secure their automation process and to optimize their system’s reliability. In this context, this study aims to document the operator’s situation awareness about automation risks and parameters involved in automation security and performance. Our risk management approach has been deployed in the North Luxembourg hospital center’s pharmacy, which is equipped with automated drug dispensing systems since 2009. With more than 4 million euros of gains generated, North Luxembourg hospital center’s success story was enabled by the management commitment, pharmacy’s involvement in the implementation and improvement of the automation project, and the close collaboration between the pharmacy and Sinteco’s firm to implement the necessary innovation and organizational actions for automated solutions integration security and performance. An analysis of the actions implemented by the hospital and the parameters involved in automated equipment’s integration security and performance has been made. The parameters to control for automated equipment’s integration security and performance are human aspects (6.25%), technical aspects (50%), and human-machine interaction (43.75%). The implementation of an anthropocentric analysis system before automation would have prevented and optimized the control of risks related to automation.

Keywords: Automated drug delivery systems, Hospitals, Human-centered automated system, Risk management

Procedia PDF Downloads 103

Authors: Mershack O. Tetteh, Albert P. C. Chan, Amos Darko, Gabriel Nani

Abstract:

International construction joint ventures (ICJVs) have evolved as an effective approach to sustainable development, given their myriad socio-economic and environmental benefits. Yet, they are not free of barriers and risks. In many studies, it is termed as risks for convenience’s sake. While the barriers and risks continue to affect the success of ICJVs, a systematic and reliable approach for managing them has yet to be developed. This study aims to identify and classify the barriers and risks factors affecting ICJVs through a systematic literature review. Based on a critical review of 54 papers published in peer-reviewed journals from 1990 to 2019, a conceptual framework was proposed for managing the barriers and risks in ICJV operations. The review showed that the barriers can be grouped into six including inter-organizational differences, lack of expertise and confidence, lack of effective planning and strategies, lack of knowledge of ICJV’s fundamentals, conflicts among ICJV entities, and management difficulties. The risks were also categorized into six: policy and political risks, legal risks, financial risks, management risks, project and technical risks, and market risks. The developed model would help practitioners achieve more efficient resource allocation and bring new perspectives for managerial practices in ICJVs. Moreover, it is positioned to alleviate the negligence of previous studies that combined the barriers and risks factors as one checklist.

Keywords: barriers, construction, international construction joint venture, risks, sustainable development

Procedia PDF Downloads 214

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: cyber security, shared responsibility, IIOT, threat modelling

Procedia PDF Downloads 43

Authors: Chien-Chih Lin

Abstract:

This study argues that the optimal diversifications for the maximization of bank value are asymmetrical; they depend on the business cycle. During times of expansion, systematic risks are relatively low, and hence there is only a slight effect from raising them with a diversified portfolio. Consequently, the benefit of reducing individual risks dominates any loss from raising systematic risks, leading to a higher value for a bank by holding a diversified portfolio of assets. On the contrary, in times of recession, systematic risks are relatively high. It is more likely that the loss from raising systematic risks surpasses the benefit of reducing individual risks from portfolio diversification. Consequently, more diversification leads to lower bank values. Finally, some empirical evidence from the banks in Taiwan is provided.

Keywords: diversification, default probability, systemic risk, banking, business cycle

Procedia PDF Downloads 403

Authors: G. T. Aigarinova

Abstract:

This article considers the legal issues of food security as a major component of national security of the republic. The problem of food security is the top priority of the economic policy strategy of any state, the effectiveness of this solution influences social, political, and ethnic stability in society. Food security and nutrition is everyone’s business. Food security exists when all people, at all times, have physical, social and economic access to sufficient safe and nutritious food that meets their dietary needs and food preferences for an active and healthy life. By analyzing the existing legislation in the area of food security, the author identifies weaknesses and gaps, suggesting ways to improve it.

Keywords: food security, national security, agriculture, public resources, economic security

Procedia PDF Downloads 389

Authors: Shan Li, Qiuwen Ma

Abstract:

Integrated project delivery (IPD) is a project delivery method distinguished by a shared risk/rewards mechanism and multiparty agreement. IPD has drawn increasing attention from construction industry due to its reliability to deliver high-performing buildings. However, unavailable IPD specific insurance concerns the industry participants who are interested in IPD implementation. Even though the risk management capability can be enhanced using shared risk mechanism, some risks may occur when the partners do not commit themselves into the integrated practices in a desired manner. This is because the intense collaboration and close integration can not only create added value but bring new opportunistic behaviors and disputes. The study is aimed to investigate the risks of implementing IPD using Bayesian theory. IPD risk taxonomy is presented to identify all potential risks of implementing IPD and a risk network map is developed to capture the interdependencies between IPD risks. The conditional relations between risk occurrences and the impacts of IPD risks on project performances are evaluated and simulated based on Bayesian theory. The probability of project outcomes is predicted by simulation. In addition, it is found that some risks caused by integration are most possible occurred risks. This study can help the IPD project participants identify critical risks of adopting IPD to improve project performances. In addition, it is helpful to develop IPD specific insurance when the pertinent risks can be identified.

Keywords: Bayesian theory, integrated project delivery, project risks, project performances

Procedia PDF Downloads 265

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things (IoT), IoT security challenges, IoT security requirements, IoT security architecture

Procedia PDF Downloads 342

Authors: Mduduzi Nhlozi

Abstract:

Food insecurity continues to persist in rural areas of South Africa today. A number of factors can be attributed to this including declining rural economies, rising unemployment, natural disasters such as drought as well as shifting cultural norms, values, traditions and beliefs. This paper explores mechanisms used by rural households to achieve food security in the midst of various threats and risks to their livelihoods. The study used semi-structured questionnaire to collect information on lived experiences of households in their quest to access and ensure availability of food. The paper finds that households use a number of food strategies namely economy-related, culture-related and rite-of-passage related strategies to achieve food security. The thrust of argument in the paper is that there is a need for food security studies to move beyond the orthodox, economic analytic framework, towards new institutional economics, focusing on local governance and socio-cultural systems supporting households to achieve food security. It advocates for localised food security plans to be developed by local municipalities to improve food security status for rural households.

Keywords: household, food insecurity, food strategies, new institutional economics, umkhanyakude

Procedia PDF Downloads 87

Authors: N. N. Mosola, K. F. Moeketsi, R. Sehobai, N. Pule

Abstract:

The Internet brings increasing use of Information and Communications Technology (ICT) services and facilities. Consequently, new computing paradigms emerge to provide services over the Internet. Although there are several benefits stemming from these services, they pose several risks inherited from the Internet. For example, cybercrime, identity theft, malware etc. To thwart these risks, this paper proposes a holistic approach. This approach involves multidisciplinary interactions. The paper proposes a top-down and bottom-up approach to deal with cyber security concerns in developing countries. These concerns range from regulatory and legislative areas, cyber awareness, research and development, technical dimensions etc. The main focus areas are highlighted and a cybersecurity model solution is proposed. The paper concludes by combining all relevant solutions into a proposed cybersecurity model to assist developing countries in enhancing a cyber-safe environment to instill and promote a culture of cybersecurity.

Keywords: cybercrime, cybersecurity, computer emergency response team, computer security incident response team

Procedia PDF Downloads 126

Authors: Eithan Hourie, Miki Malul, Raphael Bar-El

Abstract:

To investigate the relationship between various welfare policies and the value of job security, we conducted a study with 201 people regarding their assessments of the value of job security with respect to three elements: income stability, assurance of continuity of employment, and security in the job. The experiment simulated different welfare policy scenarios, such as the amount and duration of unemployment benefits, workfare, and basic income. The participants evaluated the value of job security in various situations. We found that the value of job security is approximately 22% of the starting salary, which is distributed as follows: 13% reflects income security, 8.7% reflects job security, and about 0.3% is for being able to keep their current employment in the future. To the best of our knowledge, this article is one of the pioneers in trying to quantify the value of job security in different market scenarios and at varying levels of welfare policy. Our conclusions may help decision-makers when deciding on a welfare policy.

Keywords: job security value, employment protection legislation, status quo bias, expanding welfare policy

Procedia PDF Downloads 73

Authors: Sylvia Szabo, Thilini Navaratne, Indrajit Pal, Seree Park

Abstract:

Deltaic and coastal regions are often strategically important both from local and regional perspectives. While deltas are known to be bread baskets of the world, delta inhabitants often face the risk of food and nutritional insecurity. These risks are highly exacerbated by the impacts of climate and environmental change. While numerous regional studies examined the prevalence and the determinants of food security in specific delta and coastal regions, there is still a lack of a systematic analysis of the most widely used scientific food security indicators. In order to fill this gap, a systematic review was carried out using Covidence, a Cochrane-adopted systematic review processing software. Papers included in the review were selected from the SCOPUS, Thomson Reuters Web of Science, Science Direct, ProQuest, and Google Scholar databases. Both scientific papers and grey literature (e.g., reports by international organizations) were considered. The results were analyzed by food security components (access, availability, quality, and strategy) and by world regions. Suggestions for further food security, nutrition, and health research, as well as policy-related implications, are also discussed.

Keywords: delta regions, coastal, food security, indicators, systematic review

Procedia PDF Downloads 210

Authors: Ranbir Singh, Deepinder Kaur

Abstract:

Network security is an important aspect in every field like government offices, Educational Institute and any business organization. Network security consists of the policies adopted to prevent and monitor forbidden access, misuse, modification, or denial of a computer network. Network security is very complicated subject and deal by only well trained and experienced people. However, as more and more people become wired, an increasing number of people need to understand the basics of security in a networked world. The history of the network security included an introduction to the TCP/IP and interworking. Network security starts with authenticating, commonly with a username and a password. In this paper, we study about various types of attacks on network security and how to handle or prevent this attack.

Keywords: network security, attacks, denial, authenticating

Procedia PDF Downloads 370

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud Ccomputing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 450

Authors: Petar Kurecic, Josipa Penic

Abstract:

The paper represents a product of mentor-graduate student cooperation, developed at the graduate study of Business Economics, major Tourism. The analysis was made through the anonymous questionnaire filled by the respondents from Croatia. Following the latest threatening events and having in mind those yet to come, it can be concluded that no country can benefit from the tourism industry if at the same time does not develop its security system as an integral part of the standard tourist offer. Analyzing the trends in contemporary tourism, the safety and security issues became the decisive factors for the choice of a certain destination. Consequently, countries must not perceive security systems and measures as an unnecessary expense but as an essential element in organizing their tourist services. All hotels and respectable tourist agencies should have a crisis management, with detailed, thoroughly elaborated procedures for emergency situations. Tourists should be timely informed about the potential dangers and risks and the measures taken to prevent them, as well as on procedures for emergency situations. Additionally, it would be good to have mobile applications that would enable tourists to make direct emergency calls with instructions on behavior in crisis situations. It is also essential to implement and put into effect sophisticated security measures such as using surveillance cameras, controlling access to buildings, information exchange with colleagues and neighbors, reporting the suspicious occurrences to the security services, and training staff for crisis management. The security issue is definitely one of the crucial factors in the development of tourism in a certain country.

Keywords: security, security measures in tourism, tourism, tourist destinations

Procedia PDF Downloads 247

Authors: Monirah Alkathiry, Hanan Aljarwan

Abstract:

Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.

Keywords: access controls, cloud computing, confidentiality, identity and access management

Procedia PDF Downloads 102

Authors: Justyna Żywiołek, Marek Matulewski

Abstract:

Data, is information processed by enterprises for primary and secondary purposes as processes. Thanks to processing, the sales process takes place; in the case of the surveyed companies, sales take place online. However, this indirect form of contact with the customer causes many problems for both customers and furniture manufacturers. The article presents solutions that would solve problems related to the analysis of data and information in the order fulfillment process sent to post-warranty service. The article also presents an analysis of threats to the security of this information, both for customers and the enterprise.

Keywords: ordering furniture online, information security, furniture industry, enterprise security, risk analysis

Procedia PDF Downloads 19

Authors: Ying Zhu

Abstract:

Recent years have witnessed a boom of foreign investments in the field of artificial intelligence (AI). Foreign investments provide critical capital for AI development but also trigger national security concerns of host states. A notable example is an increasing number of cases in which the Committee on Foreign Investment in the United States (CFIUS) has denied Chinese acquisitions of US technology companies on national security grounds. On July 19, 2018, the Congress has reached a deal on the final draft of a new provision to strengthen CFIUS’s authority to review overseas transactions involving sensitive US technology. The question is: how to reconcile the emerging tension between, on the one hand, foreign AI investors’ expectations of a predictable investment environment, and on the other hand, host states’ regulatory power on national security? This paper provides a methodology to reconcile this tension under international investment law. Based on an examination, the national security exception clauses in international investment treaties and the application of national security justification in investor-state arbitration jurisprudence, the paper argues that a traditional interpretation of the national security exception, based on the necessity concept in customary international law, fails to take into account new risks faced by countries, including security concerns over strategic industries such as AI. To overcome this shortage, the paper proposes to incorporate an integrated national security clause in international investment treaties, which includes a two-tier test: a ‘self-judging’ test in the pre-establishment period and a ‘proportionality’ test in the post-establishment period. At the end, the paper drafts a model national security clause for future treaty-drafting practice.

Keywords: foreign investment, artificial intelligence, international investment law, national security exception

Procedia PDF Downloads 122

Authors: Amani A. Saad, Ahmed A. El-Farag, El-Sayed A. Helali

Abstract:

Cloud computing is an important and promising field in the recent decade. Cloud computing allows sharing resources, services and information among the people of the whole world. Although the advantages of using clouds are great, but there are many risks in a cloud. The data security is the most important and critical problem of cloud computing. In this research a new security model for cloud computing is proposed for ensuring secure communication system, hiding information from other users and saving the user's times. In this proposed model Blowfish encryption algorithm is used for exchanging information or data, and SHA-2 cryptographic hash algorithm is used for data integrity. For user authentication process a simple user-name and password is used, the password uses SHA-2 for one way encryption. The proposed system shows an improvement of the processing time of uploading and downloading files on the cloud in secure form.

Keywords: cloud computing, data security, SAAS, PAAS, IAAS, Blowfish

Procedia PDF Downloads 323

Authors: Bassey Odiong Akan

Abstract:

In recent decades potentially significant changes have taken place in the world of work and these have led to the emergence of new challenges in occupational safety and health. The working environment is now not only wroth with concerns about physical, biological and chemical risks but also emerging risks which are completely new risks that have never been seen before or previously known risks that are evolving in unexpected ways with unanticipated consequences. Psychosocial risk factors and its attendant hazards happen to be one of them and can impact health directly or indirectly, mediated by work-related stress. These risks are related to the way work is designed, organised and managed, as well as the economic and social contexts of work. It has become necessary to identify, explore and anticipate the dynamics of these risks factors and hazards with regards to how it affects women. This presentation is a review of information gathered from books of distinguished authors, research work and scientific/professional journals on the psychosocial work environment intended as a guide to stimulate discussion, raise awareness and encourage research and action at different levels.

Keywords: emerging risks, psychosocial hazards, psychosocial risk factors, work related stress

Procedia PDF Downloads 246

Authors: Jasman Tuyon, Zamri Ahmad

Abstract:

Behavioral asset pricing research has been gaining momentum since in 1990s. However, it is still incomplete and has been criticized for some philosophical, theoretical and model specification limitations. Due to these drawbacks, investors’ behaviors as a source of risk in behavioral asset pricing modeling still remains disputable. This paper aims to address these issues with an alternative perspective based on behavioral finance paradigm. Specifically, this paper proposes a theoretical linkages of both fundamental and behavioral risks on stock prices formation and an extension of the multifactor stock pricing model by combining multi-factor fundamentals and behavioral risks factors.

Keywords: behavioral finance, multifactor asset pricing, behavioral risks, fundamental risks

Procedia PDF Downloads 465

Authors: Yunos Zahri, Ab Hamid R. Susanty, Ahmad Mustaffa

Abstract:

This paper explores the need for a national baseline study on understanding the level of cyber security situational awareness among primary and secondary school students in Malaysia. The online survey method was deployed to administer the data collection exercise. The target groups were divided into three categories: Group 1 (primary school aged 7-9 years old), Group 2 (primary school aged 10-12 years old), and Group 3 (secondary school aged 13-17 years old). A different questionnaire set was designed for each group. The survey topics/areas included Internet and digital citizenship knowledge. Respondents were randomly selected from rural and urban areas throughout all 14 states in Malaysia. A total of 9,158 respondents participated in the survey, with most states meeting the minimum sample size requirement to represent the country’s demographics. The findings and recommendations from this baseline study are fundamental to develop teaching modules required for children to understand the security risks and threats associated with the Internet throughout their years in school. Early exposure and education will help ensure healthy cyber habits among millennials in Malaysia.

Keywords: cyber security awareness, cyber security education, cyber security, school students

Procedia PDF Downloads 266

Authors: Laura Ramona Nae

Abstract:

The issue of risks faced by companies providing tourist and hotel services in the HoReCa field, related to the goods belonging to consumer tourists left in hotel storage, has acquired a new dimension in the context of the economic and geo-political influences that have recently intervened at the global level. Thus, hoteliers and not only had to create contractual mechanisms regarding the risks and to protect the businesses in this field of activity. This situation has led to a reassessment of the importance of insurance, in particular with regard to hotel liability insurance-premises liability, safety, and security of goods. Interpretation of clauses in contracts concluded between hoteliers and tourists consuming hotel services and products, all the more so in the current pandemic context of Covid 19, stressed the increase in the number of disputes generated by them. This article presents a general picture of the significance of the risks related to the activity carried out in the hospitality industry, tourism, respectively within the HoReCa field. The study mainly marks the specificities of the hotel deposit contract, as well as the related insurance specific to the field, as a way to cover these risks. The article also refers to alternative methods of out-of-court settlement of disputes (ADR) in the HoReCa domain, generally used in both Romania and the European Union.

Keywords: consumer tourist, disputes and ADR methods, deposit contract, hotel warehouse and hotelier insurance, hotel services and tourist products, HoReCa

Procedia PDF Downloads 27

Authors: Ibraheem A. K. Mahameed

Abstract:

The aim of this study is to identify the risks affecting time performance of building construction projects in the West Bank in Palestine from contractors’ viewpoint. 38 risks that might affect time performance of building construction projects were defined through a detailed literature review. These risks have been classified into 6 groups: project, managerial, consultant, financial, external, and construction items. A questionnaire survey was performed to rank the considered risks in terms of severity and frequency. The analysis of the survey indicated that the top five risks affecting time performance of building construction projects in Palestine are: award project to the lowest price, political situation, poor communication and coordination between construction parties, change orders, and financial status of contractor.

Keywords: delay, time performance, construction, building

Procedia PDF Downloads 433

Authors: Jefferson Camacho Mejía, Jenny Paola Forero Pachón, Luis Carlos Gómez Flórez

Abstract:

Action research is a qualitative research methodology, which leads the researcher to delve into the problems of a community in order to understand its needs in depth and finally, to propose actions that lead to a change of social paradigm. Although this methodology had its beginnings in the human sciences, it has attracted increasing interest and acceptance in the field of information systems research since the 1990s. The countless possibilities offered nowadays by the use of Information Technologies (IT) in the development of different socio-economic activities have meant a change of social paradigm and the emergence of the so-called information and knowledge society. According to this, governments, large corporations, small entrepreneurs and in general, organizations of all kinds are using IT to virtualize their processes, taking them from the physical environment to the digital environment. However, there is a potential risk for organizations related with exposing valuable information without an appropriate framework for protecting it. This paper shows progress in the development of a methodological design to manage the information security risks associated with the IT-based processes virtualization, by applying the principles of the action research methodology and it is the result of a systematic review of the scientific literature. This design consists of seven fundamental stages. These are distributed in the three stages described in the action research methodology: 1) Observe, 2) Analyze and 3) Take actions. Finally, this paper aims to offer an alternative tool to traditional information security management methodologies with a view to being applied specifically in the planning stage of IT-based process virtualization in order to foresee risks and to establish security controls before formulating IT solutions in any type of organization.

Keywords: action research, information security, information technology, methodological design, process virtualization, risk management

Procedia PDF Downloads 134

Authors: Rebecca Zahra, Joseph G. Vella, Ernest Cachia

Abstract:

The notion of cloud computing is rapidly gaining ground in the IT industry and is appealing mostly due to making computing more adaptable and expedient whilst diminishing the total cost of ownership. This paper focuses on the software as a service (SaaS) architecture of cloud computing which is used for the outsourcing of databases with their associated business processes. One approach for offering SaaS is basing the system’s architecture on multi-tenancy. Multi-tenancy allows multiple tenants (users) to make use of the same single application instance. Their requests and configurations might then differ according to specific requirements met through tenant customisation through the software. Despite the known advantages, companies still feel uneasy to opt for the multi-tenancy with data security being a principle concern. The fact that multiple tenants, possibly competitors, would have their data located on the same server process and share the same database tables heighten the fear of unauthorised access. Security is a vital aspect which needs to be considered by application developers, database administrators, data owners and end users. This is further complicated in cloud-based multi-tenant system where boundaries must be established between tenants and additional access control models must be in place to prevent unauthorised cross-tenant access to data. Moreover, when altering the database state, the transactions need to strictly adhere to the tenant’s known business processes. This paper focuses on the fact that security in cloud databases should not be considered as an isolated issue. Rather it should be included in the initial phases of the database design and monitored continuously throughout the whole development process. This paper aims to identify a number of the most common security risks and threats specifically in the area of multi-tenant cloud systems. Issues and bottlenecks relating to security risks in cloud databases are surveyed. Some techniques which might be utilised to overcome them are then listed and evaluated. After a description and evaluation of the main security threats, this paper produces a list of software requirements to ensure that proper security policies are implemented by a software development team when designing and implementing a multi-tenant based SaaS. This would then assist the cloud service providers to define, implement, and manage security policies as per tenant customisation requirements whilst assuring security for the customers’ data.

Keywords: cloud computing, data management, multi-tenancy, requirements, security

Procedia PDF Downloads 127

Authors: Lee Li

Abstract:

The strategic management literature posits that the major motive of strategic alliances is to share resources, costs and risks. However, the literature also indicates that such sharing leads to transaction costs which are positively correlated with environmental dynamism. As such, it is not clear why firms are willing to cover high transaction costs for sharing resources, costs and risks. This study categorizes resources into firm-specific and general resource; costs into accounting and non-accounting cost; and risks into visible and invisible risks. Using data from 167 Canadian firms in technology industries, we find that sharing firm-specific resources and non-accounting costs are negatively correlated with environmental dynamism but sharing general resources, accounting costs and visible risks are positively correlated with environmental dynamism. Findings suggest that sharing certain resources, costs and risks do not necessarily incur high transaction costs.

Keywords: environmental dynamism, strategic alliances, resource/cost/risk sharing

Procedia PDF Downloads 338

Authors: Ali Mohaghar, Iman Ghasemian Sahebi, Alireza Arab

Abstract:

In the last decades, increasing in human and natural disaster occurrence had very irreparable effects on human life. Hence, one of the important issues in humanitarian supply chain management is identifying and prioritizing the different risks and finding suitable solutions for encountering them at the time of disaster occurrence. This study is an attempt to provide a comprehensive review of humanitarian supply chain risks in a case study of Tehran Red Crescent Societies. For this purpose, Best-Worst method (BWM) has been used for analyzing the risks of the humanitarian supply chain. 22 risks of the humanitarian supply chain were identified based on the literature and interviews with four experts. According to BWM method, the importance of each risk was calculated. The findings showed that culture contexts, little awareness of people, and poor education system are the most important humanitarian supply chain risks. This research provides a useful guideline for managers so that they can benefit from the results to prioritize their solutions.

Keywords: Best-Worst Method, humanitarian logistics, humanitarian supply chain, risk management

Procedia PDF Downloads 284

Authors: Nipuli Gajanayake

Abstract:

The Russian military role beyond its national frontier has become a debatable hot topic in the international political arena. It’s advanced, and strategic responses in combating regional and international security problems have always been a factor to debate and criticize. Under such critical circumstances, Russia is attentive to play its military role according to the provisions of the Military Doctrine of the Russian Federation. Most importantly, the legal basis of the doctrine has also consisted with the generally recognized principles and norms of international law. Therefore, Russian international military assistances are pledged to accomplish international peace and security. The expansion of Russian military participation in the United Nations Peacekeeping operations, and military- political, and technical cooperation have largely evident the great effort of Russia in maintaining and restoring international peace and security. Moreover, the conflict management diplomacy and the development of dialogue with nation states to confront military risks and threats can also identify as a part of preserving international peace and security. In addition, Russia strives to strengthen the system of collective security with regional and international organizations through the legal framework of the Collective Security Treaty Organization (CSTO). Maintaining cooperative ties with the Commonwealth of Independent States (CIS), the Organization for Security and Cooperation in Europe (OSCE) and the Shanghai Cooperation Organization (SCO) have highlighted the Russian deliberation on maintaining regional peace and security. Nevertheless, the extension of cordial relations with nation states and providing of military assistances during tensions and conflicts on their territories can also underscore as Russians commitments on maintaining international peace and security. Observing and recognizing the disparity between the West portrayed terms like ‘illegal Russian interventions’ and the comprehensive reality behind the ‘Russian military assistances’ are important to understand. However, a lopsided vision or a perspective towards the Russian international military role would not present a clear understanding about its valued and also dedicated hard work on maintaining international peace and security.

Keywords: collective security, diplomacy, international military role of Russia, international peace and security

Procedia PDF Downloads 272