Search results for: security risks

Authors: Michał Witas

Abstract:

This paper presents a technical approach to analysis of security of SCADA systems. Main goal of the paper is to make SCADA administrators aware of risks resulting from SCADA systems usage and to familiarize with methods that can be adopt to existing or planned system, to increase overall system security level. Because SCADA based systems become a industrial standard, more attention should be paid to the security of that systems. Industrial Control Systems (ICS) like SCADA are responsible for controlling crucial aspects of wide range of industrial processes. In pair with that responsibility, goes a lot of money that can be earned or lost – this fact is main reason of increased interest of attackers. Additionally ICS are often responsible for maintaining resources strategic from the point of view of national economy, like electricity (including nuclear power plants), heating, water resources or military facilities, so they can be targets of terrorist cybernetic attacks. Without proper risk analysis and management, vulnerabilities resulting from the usage of SCADA can be easily exploited by potential attacker. Paper is based mostly on own experience in systems security, gathered during academic studies and professional work in international company. As title suggests, it will cover only basics of topic, because every of points mentioned in the document can be base for additional research and papers.

Keywords: denial of service, SCADA, security policy, distributed network

Procedia PDF Downloads 343

Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa

Abstract:

Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.

Keywords: laboratory, physical protection system, security culture, security function

Procedia PDF Downloads 145

Authors: Amir Ali Fatoorchi

Abstract:

Regardless of the advantage of LoT devices, they have limitations like storage, compute, and security problems. In recent years, a lot of Blockchain-based research in IoT published and presented. In this paper, we present the Security issues of LoT. IoT has three levels of security issues: Low-level, Intermediate-level, and High-level. We survey and compare blockchain-based solutions for high-level security issues and show how the underlying technology of bitcoin and Ethereum could solve IoT problems.

Keywords: Blockchain, security, data security, IoT

Procedia PDF Downloads 178

Authors: Elham Rajabian

Abstract:

The ascent of cybersecurity incidents is a rising threat to most organisations in general, while the impact of the incidents is unique to each of the organizations. It is a need for behavioural sciences to concentrate on employees’ behaviour in order to prepare key security mitigation opinions versus cybersecurity incidents. There are noticeable differences among users of a computer system in terms of complying with security behaviours. We can discuss the people's differences under several subjects such as delaying tactics on something that must be done, the tendency to act without thinking, future thinking about unexpected implications of present-day issues, and risk-taking behaviours in security policies compliance. In this article, we introduce high-profile cyber-attacks and their impacts on weakening cyber resiliency in organizations. We also give attention to human errors that influence network security. Human errors are discussed as a part of psychological matters to enhance compliance with the security policies. The organizational challenges are studied in order to shape a sustainable cyber risks management approach in the related work section. Insiders’ behaviours are viewed as a cyber security gap to draw proper cyber resiliency in section 3. We carry out the best cybersecurity practices by discussing four CIS challenges in section 4. In this regard, we provide a guideline and metrics to measure cyber resilience in organizations in section 5. In the end, we give some recommendations in order to build a cybersecurity culture based on individual behaviours.

Keywords: cyber resilience, human factors, cybersecurity behavior, attitude, usability, security culture

Procedia PDF Downloads 68

Authors: Wesam Hamed

Abstract:

This paper contributes to the existing literature by investigating the impact of political risks on the capital adequacy ratio in the banking sector of Gulf Cooperation Council (GCC) countries, which is the first attempt for this nexus to the best of our knowledge. The dynamic panel data model (System‐GMM) showed that political risks significantly decrease the capital adequacy ratio in the banking sector. For this purpose, we used political risks, bank-specific, profitability, and macroeconomic variables that are utilized from the data stream database for the period 2005-2017. The results also actively support the “too big to fail” hypothesis. Finally, the robustness results confirm the conclusions derived from the baseline System‐GMM model.

Keywords: capital adequacy ratio, system GMM, GCC, political risks

Procedia PDF Downloads 117

Authors: Lamia Hammadi, Abdellah Ait Ouhman, Aomar Ibourk

Abstract:

It is widely assumed that the case of Customs Supply Chain is classified as a complex system, due to not only the variety and large number of actors, but also their complex structural links, and the interactions between these actors, that’s why this system is subject to various types of Risks. The economic, political and social impacts of those risks are highly detrimental to countries, businesses and the public, for this reason, Risk management in the customs supply chain is becoming a crucial issue to ensure the sustainability, security and safety. The main characteristic of customs risk management approach is determining which goods and means of transport should be examined? To what extend? And where future compliance resources should be directed? The purposes of this article are, firstly to deal with the concept of customs supply chain, secondly present our risk management approach based on Cross Activity Based Costing (ABC) Method as an interactive tool to support decision making in customs risk management. Finally, analysis of case study of Moroccan customs to putting theory into practice and will thus draw together the various elements of a structured and efficient risk management approach.

Keywords: cross ABC method, customs supply chain, risk, risk management

Procedia PDF Downloads 348

Authors: Raphaël Weuts, Mykyta Petik, Anton Vedder

Abstract:

Artificial Intelligence has the potential to create and already creates enormous value in healthcare. Prescriptive systems might be able to make the use of healthcare capacity more efficient. Such systems might entail interpretations that exclude the effect of confounders that brings risks with it. Those risks might be mitigated by regulation that prevents systems entailing such risks to come to market. One modality of regulation is that of legislation, and the European AI Act is an example of such a regulatory instrument that might mitigate these risks. To assess the risk mitigation potential of the AI Act for those risks, this research focusses on a case study of a hypothetical application of medical device software that entails the aforementioned risks. The AI Act refers to the harmonised norms for already existing legislation, here being the European medical device regulation. The issue at hand is a causal link between a confounder and the value the algorithm optimises for by proxy. The research identifies where the AI Act already looks at confounders (i.a. feedback loops in systems that continue to learn after being placed on the market). The research identifies where the current proposal by parliament leaves legal uncertainty on the necessity to check for confounders that do not influence the input of the system, when the system does not continue to learn after being placed on the market. The authors propose an amendment to article 15 of the AI Act that would require high-risk systems to be developed in such a way as to mitigate risks from those aforementioned confounders.

Keywords: AI Act, healthcare, confounders, risks

Procedia PDF Downloads 231

Authors: Mireille Elhajj, Washington Ochieng, Deeph Chana

Abstract:

The challenges of the rapid growth in the demand for transport has traditionally been seen within the context of the problems of congestion, air quality, climate change, safety, and affordability. However, there are increasing threats including those related to crime such as cyber-attacks that threaten the security of the transport of people and goods. To the best of the authors’ knowledge, this paper presents for the first time, a comprehensive framework for the assessment of the current and future security issues of multi-modal transport systems. The approach or method proposed is based on a structured framework starting with a detailed specification of the transport asset map (transport system architecture), followed by the identification of vulnerabilities. The asset map and vulnerabilities are used to identify the various approaches for exploitation of the vulnerabilities, leading to the creation of a set of threat scenarios. The threat scenarios are then transformed into risks and their categories, and include insights for their mitigation. The consideration of the mitigation space is holistic and includes the formulation of appropriate policies and tactics and/or technical interventions. The quality of the framework is ensured through a structured and logical process that identifies the stakeholders, reviews the relevant documents including policies and identifies gaps, incorporates targeted surveys to augment the reviews, and uses subject matter experts for validation. The approach to categorising security risks is an extension of the current methods that are typically employed. Specifically, the partitioning of risks into either physical or cyber categories is too limited for developing mitigation policies and tactics/interventions for transport systems where an interplay between physical and cyber processes is very often the norm. This interplay is rapidly taking on increasing significance for security as the emergence of cyber-physical technologies, are shaping the future of all transport modes. Examples include: Connected Autonomous Vehicles (CAVs) in road transport; the European Rail Traffic Management System (ERTMS) in rail transport; Automatic Identification System (AIS) in maritime transport; advanced Communications, Navigation and Surveillance (CNS) technologies in air transport; and the Internet of Things (IoT). The framework adopts a risk categorisation scheme that considers risks as falling within the following threat→impact relationships: Physical→Physical, Cyber→Cyber, Cyber→Physical, and Physical→Cyber). Thus the framework enables a more complete risk picture to be developed for today’s transport systems and, more importantly, is readily extendable to account for emerging trends in the sector that will define future transport systems. The framework facilitates the audit and retro-fitting of mitigations in current transport operations and the analysis of security management options for the next generation of Transport enabling strategic aspirations such as systems with security-by-design and co-design of safety and security to be achieved. An initial application of the framework to transport systems has shown that intra-modal consideration of security measures is sub-optimal and that a holistic and multi-modal approach that also addresses the intersections/transition points of such networks is required as their vulnerability is high. This is in-line with traveler-centric transport service provision, widely accepted as the future of mobility services. In summary, a risk-based framework is proposed for use by the stakeholders to comprehensively and holistically assess the security of transport systems. It requires a detailed understanding of the transport architecture to enable a detailed vulnerabilities analysis to be undertaken, creates threat scenarios and transforms them into risks which form the basis for the formulation of interventions.

Keywords: mitigations, risk, transport, security, vulnerabilities

Procedia PDF Downloads 131

Authors: Muhammad Wasif, Asif Ahmed Shaikh, Sarosh Hashmat Lodi, Muhammad Aslam Bhutto, Riazuddin

Abstract:

Risk Management System is quite popular in profit- based organizations, health and safety and project management fields since the last few decades. But due to rapidly changing environment and requirement of ISO 9001:2015 standards, public-sector institution, especially higher education institutes are also performing risk assessment to monitor the performance of the institution and aligning it with the latest benchmark. In this context, NED University of Engineering and Technology performed research and developed a Standard Operating Procedure (SOP) for the risk assessment, its monitoring and control. In this research, risks are broken into the four sources, namely; Internal Academics Risks, External Academics Risks, Internal Non-academic Risks, External Non-academic Risks. Risks are identified by the management at all levels. Severity and likelihood of the risks are assigned based on the previous audit results and the customer complains. Risk Ratings are calculated to orderly arrange the risk according to the Risk Rating, and controls for the risks are designed, which are assigned to the responsible person. At the end of the article, result and analysis on the different sources of risk are discussed in details and the conclusion is drawn. Discussion on few sample risks are presented in this article. Hence it is presented in the research that the Risk Management System can be applied in a Higher Education Institute to effectively control the risks which might affect the scope and Quality Management System of an organization.

Keywords: higher education, quality management system, risk assessment, risk management

Procedia PDF Downloads 270

Authors: Ali Abdullah Albezaghi

Abstract:

This article aims to introduce a conceptual framework that can facilitate investigations concerning the role of risk management practices in the relationship between construction risks and the construction project's performance. This article is structured based on the extant literature; it reviews theoretical perspectives, highlights the gaps, and illustrates the significance of developing a framework of suggested relationships. Despite growing interest in the role of risks in construction project performance, previous studies have paid little attention to investigating the moderating role of risk management practices on the risk-performance link. This has left researchers and construction project managers with minimal information to explain the conditions under which risk management practices can reduce the impact of project-related risks and improve performance. In this context, this article suggests a viable research model with propositions that assess risk-performance relationships and discusses the potential moderating effects on the domain relationship. This paper adds to the risk management literature by focusing on risk variables that directly impact performance. Further, it also considers the moderating role of risk management practices in such relationships.

Keywords: risk management practices, external risks, internal risks, project risks, project performance

Procedia PDF Downloads 97

Authors: Sitrapee Changmuenwai, Sudaratana Wongweragiat

Abstract:

It is important that a dry chemical fire extinguisher must be inspected for its readiness. For each inspection, the inspectors need to turn the fire extinguisher tank upside down to let the chemical inside the tank move and prevent solidification, which would make the tank not ready for usage when needed. Each tank weighs approximately 16 kg. The inspectors have to turn each tank upside down twice (2 minutes/round). They need to put the tanks over their shoulder close to their ear in order to hear the chemical flow inside the tank or use their hands to feel it. The survey and questionnaire 'The Questionnaire Know Body', which includes neck, left shoulder, upper and lower right arms suggest that all 12 security staffs have the same fatigues. The current dry chemical fire extinguisher inspection affects various ergonomic health problems. Rapid Entire Body Assessment (REBA) is used for evaluation of posture risks so that the working postures may be redesigned or corrected. The dry chemical fire extinguisher inspection equipment has been developed to reduce ergonomic health risks for the inspectors. A REBA analysis has been performed again, and the risk score has been decreased from 13 to 3. In addition, feedbacks from the first trial of the developed equipment show that there are demands to increase the installation in order to reduce the ergonomic health risks.

Keywords: dry chemical fire extinguisher inspection equipment, ergonomic, REBA, rapid entire body assessment

Procedia PDF Downloads 99

Authors: Serzhan Ashirov, Dana Nour, Rafat Rob, Khaled Alotaibi

Abstract:

There has been a fast growth in the introduction and use of communications, information, monitoring, and sensing technologies. The new technologies are making their way to the Industrial Control Systems as embedded in products, software applications, IT services, or commissioned to enable integration and automation of increasingly global supply chains. As a result, the lines that separated the physical, digital, and cyber world have diminished due to the vast implementation of the new, disruptive digital technologies. The variety and increased use of these technologies introduce many cybersecurity risks affecting cyber-resilience of the supply chain, both in terms of the product or service delivered to a customer and members of the supply chain operation. US department of energy considers supply chain in the IR4 space to be the weakest link in cybersecurity. The IR4 identified the digitization of the field devices, followed by digitalization that eventually moved through the digital transformation space with little care for the new introduced cybersecurity risks. This paper will examine the best methodologies for securing the electrical substations from cybersecurity attacks due to supply chain risks, and due to digitization effort. SCADA systems are the most vulnerable part of the power system infrastructure due to digitization and due to the weakness and vulnerabilities in the supply chain security. The paper will discuss in details how create a secure supply chain methodology, secure substations, and mitigate the risks due to digitization

Keywords: cybersecurity, supply chain methodology, secure substation, digitization

Procedia PDF Downloads 38

Authors: Huang Dennis, Aurelio Aziel, Burra Venkata Durga Kumar

Abstract:

Nowadays, smartphones and mobile operating systems have been popularly widespread in our daily lives. As people use smartphones, they tend to store more private and essential data on their devices, because of this it is very important to develop more secure mobile operating systems and cloud storage to secure the data. However, several factors can cause security risks in mobile operating systems such as malware, malicious app, phishing attacks, ransomware, and more, all of which can cause a big problem for users as they can access the user's private data. Those problems can cause data loss, financial loss, identity theft, and other serious consequences. Other than that, during the pandemic, people will use their mobile devices more and do all sorts of transactions online, which may lead to more victims of online scams and inexperienced users being the target. With the increase in attacks, researchers have been actively working to develop several countermeasures to enhance the security of operating systems. This study aims to provide an overview of the security and privacy issues in mobile operating systems, identifying the potential risk of operating systems, and the possible solutions. By examining these issues, we want to provide an easy understanding to users and researchers to improve knowledge and develop more secure mobile operating systems.

Keywords: mobile operating system, security, privacy, Malware

Procedia PDF Downloads 47

Authors: Kevin Wongleedee

Abstract:

Food quality and risks are major concerns for inbound senior tourists when visiting tourist destinations in Thailand. The purposes of this study were to investigate food quality and risks perceived by inbound senior tourists. This paper drew upon data collection from an inbound senior tourist survey conducted in Thailand during summer 2013. Summer time in Thailand is a high season for inbound tourists. It is also a high risk period in which a variety food safety issues and incidents have often occurred. The survey was structured primarily to obtain inbound senior tourists’ concerns toward a variety of food quality and risks they encountered during their trip in Thailand. A total of 400 inbound senior tourists were elicited as data input for mean and standard deviation. The findings revealed that inbound tourists rated the overall food quality at a high level and the three most important perceived food risks were 1) unclean physical cooking facility, 2) toxic chemical handling, and 3) unclean water.

Keywords: food quality, inbound senior tourists, risks, Thailand

Procedia PDF Downloads 361

Authors: Mehdi Ghaemi

Abstract:

In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.

Keywords: foreign investment, FPS standard, host country, public health, COVID-19

Procedia PDF Downloads 68

Authors: John Ayoade

Abstract:

Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.

Keywords: cloud computing, trust, security, certificate authority, PKI

Procedia PDF Downloads 452

Authors: Otto Kakhidze, Hoda Alkhzaimi, Adam Ramey, Nasir Memon

Abstract:

This paper provides an alternative, cyber security based a conceptual framework for the ethics of automated warfare. The large body of work produced on fully or partially autonomous warfare systems tends to overlook malicious security factors as in the possibility of technical attacks on these systems when it comes to the moral and legal decision-making. The argument provides a risk-oriented justification to why technical malicious risks cannot be dismissed in legal, ethical and policy considerations when warfare models are being implemented and deployed. The assumptions of the paper are supported by providing a broader model that contains the perspective of technological vulnerabilities through the lenses of the Game Theory, Just War Theory as well as standard and non-standard defense ethics. The paper argues that a conventional risk-benefit analysis without considering ethical factors is insufficient for making legal and policy decisions on automated warfare. This approach will provide the substructure for security and defense experts as well as legal scholars, ethicists and decision theorists to work towards common justificatory grounds that will accommodate the technical security concerns that have been overlooked in the current legal and policy models.

Keywords: automated warfare, ethics of automation, inherent hijacking, security vulnerabilities, risk, uncertainty

Procedia PDF Downloads 332

Authors: Ahmad Baghdadi, Mohammed Kishk

Abstract:

Construction projects are unique and involve different level of complexity. Airports projects, among other construction projects, are considered to be very complex as they face a number of challenges which make them inevitably exposed to risks. However, in Saudi Arabia, the sector of aviation is considered an important sector owing to the fact that it is the first destination for Muslims on an annual basis. As a result the Saudi government has allocated a huge amount of their general budget to this sector through the General Authority of Civil Aviation (GACA). However, it has been found that the projects are still delivered with a significant number of time and cost overruns. These consequences are typically generated from the risks involved in the projects. Thus, there is a need to identify the number of risks thought to cause such overruns in project times and costs, as well as to assess their significances in terms of their likelihoods of occurrence and their impacts. Accordingly, this paper aims to identify risks associated with aviation construction projects in Saudi Arabia, as well as to assess their likelihoods of occurrence and impacts on such projects. In total, forty four risks have been identified through a critical literature review of common risks in similar projects, as well as thirteen semi-structured interviews with expert project managers involved in GACA’s projects. However, the assessment of the identified risks in term of their likelihoods of occurrence and impacts was obtained through the analysis of forty five questionnaires. Respondents of questionnaires include clients, contractors and consultants. The results show the risks of design changes by the client, labour issue, and setting a tight schedule by the client have the highest likelihoods of occurrence in GACA projects, while the risks of earthquakes, design constructability, and corruption have the greatest impacts.

Keywords: aviation construction projects, GACA, risks, risk assessment, Saudi Arabia

Procedia PDF Downloads 516

Authors: Yahya N. Alfraidi, Abdel Halim Boussabaine

Abstract:

Climate change risk impacts are one of the most challenging aspects that faces the built environment now and the near future. The impacts of climate change on buildings are considered in four different dimensions: physical, economic, social, and management. For each of these, the risks are discussed as they arise from various effects linked to climate change, including windstorms, precipitation, temperature change, flooding, and sea-level rise. For example, building assets in cities will be exposed to extreme hot summer days and nights due to the urban heat island effect and pollution. Buildings also could be vulnerable to water, electricity, gas, etc., scarcity. Building materials, fabric and systems could also be stressed by the emerging climate risks. More impotently the building users might experience extreme internal and extern comfort conditions leading to lower productivity, wellbeing and health problems. Thus, the main aim of this paper to document the emerging risks from climate change on building assets. An in-depth discussion on the consequences of these climate change risk is provided. It is expected that the outcome of this research will be a set of risk design indicators for developing and procuring resilient building assets.

Keywords: climate change, risks of climate change, risks on building from climate change, buildings

Procedia PDF Downloads 597

Authors: Amir Farouk Ahmed Ali Hussin

Abstract:

Social media, such as Facebook, LinkedIn and Ex-Twitter have experienced exponential growth and a remarkable adoption rate in recent years. They give fantastic means of online social interactions and communications with family, friends, and colleagues from around the corner or across the globe, and they have become an important part of daily digital interactions for more than one and a half billion users around the world. The personal information sharing practices that social network providers encourage have led to their success as innovative social interaction platforms. Moreover, these practices have outcome in concerns with respect to privacy and security from different stakeholders. Guiding these privacy and security concerns in social networks is a must for these networks to be sustainable. Real security and privacy tools may not be enough to address existing concerns. Some points should be followed to protect users from the existing risks. In this research, we have checked the various privacy and security issues and concerns pertaining to social media. However, we have classified these privacy and security issues and presented a thorough discussion of the effects of these issues and concerns on the future of the social networks. In addition, we have presented a set of points as precaution measures that users can consider to address these issues.

Keywords: international legal, consultation mix, legal research, small and medium-sized enterprises, strategic International law, strategy alignment, house of laws, deployment, production strategy, legal strategy, business strategy

Procedia PDF Downloads 22

Authors: Christian Ndubisi Madu, Benjamin C. Ozumba, Ifeanyi E. Madu, Valentine E. Nnadi, Ikenna C. Ezeasor

Abstract:

The ability to generate power and achieve energy security is one of the driving forces behind the emerging ‘microgrid’ concept. Traditional power supply often operates with centralized infrastructure for generating, transmitting and distributing electricity. The inefficiency and the incessant power outages associated with the centralized power supply system in Nigeria has alienated many users who frequently turn to electric power generator sets to power their homes and offices. Such acts are unsustainable and lead to increase in the use of fossil fuels, generation of carbon dioxide emissions and other gases, and noise pollution. They also pose significant risks as they entail random purchases and storage of gasolines which are fire hazards. It is therefore important that organizations rethink their relationships to centralized power suppliers in other to improve energy accessibility and security. This study explores the energy planning processes and learning taking place at the University of Nigeria Enugu Campus as the school lead microgrid feasibility studies in its community. There is need to develop community partners to deal with the issue of energy efficiency and also to create a strategic alliance to confront political, regulatory and economic barriers to locally-based energy planning. Community-based microgrid can help to reduce the cost of adoption and diversify risks. This study offers insights into the ways in which microgrids can further democratize energy planning, procurement, and access, while simultaneously promoting efficiency and sustainability.

Keywords: microgrid, energy efficiency, sustainability, energy security

Procedia PDF Downloads 335

Authors: Farnaz Farzadnia, Ahmad Alibabaei

Abstract:

Enterprise Resource Planning (ERP) systems are considered as complicated information systems. Many organizations failed implementing ERP systems because it is a very difficult, time-consuming and expensive process. Enterprise resource planning system is appropriate for organizations in all economic sectors. As banking is currently considered a non-typical area for ERP usage, there are very little studies on ERP implementation in banking. This paper presents a general risks taxonomy. In this research, after identifying implementation risks, a process quality management method has been applied to identify relations between risks of implementation ERP in banking sectors and implementation phases. Oracle application implementation method titled as AIM used in this research for classifying the risks. These findings will help managers to develop better strategies for supervising and controlling ERP implementation projects.

Keywords: AIM implementation, bank, enterprise resource planning, risk, process quality management method

Procedia PDF Downloads 508

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security

Procedia PDF Downloads 499

Authors: K. P. Fasalu Rahman

Abstract:

The financial services industry of Islam include large number of institutions, such as investment banks and commercial banks, investment companies and mutual insurance companies. All types of these financial institutions should have to deal with many issues and risks in their field of work. Islamic banks should expect to face two types of risks: risks that are similar to those faced by conventional financial intermediaries and risks that are unique to the Islamic Banks due to their compliance with the Shariah. The use of financial services and products that comply with the Shariah principles cause special issues for supervision and risk management. Risks are uncertain future events that could influence the achievement of the bank’s objectives, including strategic, operational, financial and compliance objectives. In Islamic banks, effective risk management deserves special attention. As an operational problem, risk management is the classification and identification of methods, processes, and risks in banks to supervise, monitor and measure them. In comparison to conventional banks, Islamic banks face big difficulties in identifying and managing risks due to bigger complexities emerging from the profit loss sharing (PLS) concept and nature of particular risks of Islamic financing. As the developing of managing risks tool becomes very essential, especially in Islamic banking as most of the products are depending on PLS principle, identifying and measuring each type of risk is highly important and critical in any Islamic finance based systems. This paper highlights the special and general risks surrounding Islamic banking. And it investigates in detail the need for risk management in Islamic banks. In addition to analyzing the effectiveness of risk management strategies adopted by Islamic financial institutions at present, this research is also suggesting strategies for improving risk management process of Islamic banks in future.

Keywords: Islamic banking, management, risk, risk management

Procedia PDF Downloads 119

Authors: Safiyya A. Abba, Shehu U. R. Aliyu

Abstract:

This paper deals with Islamic social security: a discourse explores the meaning and nature of Islamic social security system. The paper reviews the social security framework and operations during the early period. The paper further identifies the instruments of Islamic social security discusses its principles and objectives. The paper discovers that Islamic social security is a personification of a comprehensive welfare approach in view of its varied instruments that are deeply rooted in the Islamic law, unique principles and realistic and achievable objectives. Furthermore, the Islamic social security system has far reaching socioeconomic implications; social justice, cohesion, equity, a catalyst for poverty eradication, income redistribution, economic growth and development.

Keywords: Islamic social security, basic needs, zakat, socioeconomic justice, equity

Procedia PDF Downloads 403

Authors: Isah Yahaya Aliyu

Abstract:

Research on Internet use has often approached beneficial uses (online opportunities) of the Internet as separate from the risky encounters (online risks) of young people online. However, empirical evidence from diverse contexts appears to increasingly support the fusion of the two sets of online activities. Hence, the current research investigates the correlation between Internet use (IU) and digital literacy (DL) with online opportunities (OP) and risks (OR), using data from a Nigerian context, where there appears a paucity of research and literature on integrating opportunities and risks in the same study. A web-based data collection method was used to administer a survey to 335 undergraduate students in Northeastern Nigeria. Underpinned to Livingstone and Helsper model, findings are largely consistent with existing literature; IU and DL influence OP (R2 = 0.791, SE = 0.265, F-Stats = 626.566, P-value <.001), equally IU and DL influence OR as well (R2 = 0.343, SE = 0.465, F-Stats = 86.671, P-value <.001). OP and OR were found to strongly correlate positively (r = .667, n = 335, p < 0.01). This study has provided buttressing evidence from a Nigerian context of the fusion of benefits and risks of the Internet among young people. It has also upheld the argument for improved literacy as strategy for minimizing risks/harm rather than restricting use. Other theoretical and policy implications of the findings have been discussed in line with local and global debates about the Internet and its attendant effects.

Keywords: digital, internet, literacy, opportunities, risks

Procedia PDF Downloads 50

Authors: Amanuel Hadera Gebreyesus

Abstract:

In the literature, the study of tenure and food security has largely involved separate lines of inquiry. In effect, the nexus among these has received little attention; and the underinvestment in research related to the relationship between tenure and food security deters generation of tenure-related knowledge and policy guidance for improving food and nutrition security. Drawing from this motivation, we study the relationship among tenure security, agricultural diversity and food security and dietary diversity. We employ IV approaches to examine the effect of tenure security and agricultural diversity on food security and dietary diversity. We find tenure security is inversely related with food insecurity as shown by its negative association with hunger scale, hunger index and hunger category. On the other hand, results suggest that tenure security improves minimum dietary diversity of women while we find no association with child dietary diversity. Moreover, agricultural diversity is positively related with minimum dietary diversity of women, which may point to higher accessibility and consumption of dietary food groups by women. Also, findings suggest that farmers use their human (knowledge and skills) and resource (land) endowments to improve food security and dietary diversity. An implication from this is the importance of not only improving access to land but also long-term tenure security to promote agricultural diversity, food security and dietary diversity.

Keywords: tenure security, food security, agricultural diversity, dietary diversity, women

Procedia PDF Downloads 162

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 17

Authors: Majid Azarniush, Soroush Mokallaei

Abstract:

Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.

Keywords: firewalls, security, web services, software

Procedia PDF Downloads 454

Authors: Nahid Tavakoli, Asghar Ehteshami, Akbar Hassanzadeh, Fatemeh Amini

Abstract:

Introduction: The Information security incident management guidelines was been developed to help hospitals to meet their information security event and incident management requirements. The purpose of this Study was to investigate on Information Security Incident Management in Isfahan’s educational hospitals in accordance to ISO/IEC 27002 standards. Methods: This was a cross-sectional study to investigate on Information Security Incident Management of educational hospitals in 2014. Based on ISO/IEC 27002 standards, two checklists were applied to check the compliance with standards on Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements. One inspector was trained to carry out the assessments in the hospitals. The data was analyzed by SPSS. Findings: In general the score of compliance Information Security Incident Management requirements in two steps; Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements was %60. There was the significant difference in various compliance levels among the hospitals (p-valueKeywords: information security incident management, information security management, standards, hospitals

Procedia PDF Downloads 547