Search results for: security test institutionalization

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: software test, software security verification validation and test, security test institutionalization, systematic mapping study

Procedia PDF Downloads 411

Authors: Xuri Tang, Ting Pan

Abstract:

Metaphor institutionalization refers to the propagation of a metaphor that leads to its acceptance in speech community as a norm of the language. Such knowledge is important to both theoretical studies of metaphor and practical disciplines such as lexicography and language generation. This paper reports an empirical study of metaphor institutionalization of 14 Chinese metaphors. It first explores the pattern of metaphor institutionalization by fitting the logistic function (or S-shaped curve) to time series data of conventionality of the metaphors that are automatically obtained from a large-scale diachronic Chinese corpus. Then it reports a questionnaire-based survey on the propagation scale of each metaphor, which is measured by the average number of subjects that can easily understand the metaphorical expressions. The study provides two pieces of evidence supporting the hypothesis that metaphor institutionalization is a phrase transition: (1) the pattern of metaphor institutionalization is an S-shaped curve and (2) institutionalized metaphors generally do not propagate to the whole community but remain in equilibrium state. This conclusion helps distinguish metaphor institutionalization from topicalization and other types of semantic change.

Keywords: metaphor institutionalization, phase transition, propagation scale, s-shaped curve

Procedia PDF Downloads 172

Authors: Manar Aslan, Ayse Yildiz

Abstract:

The study was conducted descriptively to assess their hospital institutionalization of upper and mid-level managers of 18 hospitals affiliated to Public Hospitals Association. In its simplest form institutionalization is whatever the subject matter, is dominated by the rules of articulated and determined behavior in all kinds of business, interaction, and communication. Hospital service is a type of service carried out chained together. It should not be forgotten that this kind of services is carried out without barrier, and who and what to do with definite lines, hospital management is a process, and this process can be achieved through institutionalization. With the establishment of the Public Hospitals Unions in Turkey, all the state hospitals in the provinces have been gathered under this roof. One of the goals is to establish control mechanisms to ensure that hospitals reach pre-determined financial, medical, and administrative standards. In this way, the preparations for the institutionalization of units and hospital enterprises will be completed. The data of the study were collected by institutionalization management attitude scale (cronbach alpha: 0.98) of composed of 5 sub-dimensions and 52 questions in 18 hospitals’ managers (N=310) in the largest province in Turkey. The results of the study revealed that the total score taken by managers at the institutionalization scale was 200.80, and this was close to the maximum score. In addition, it was determined that the difference between the mean score of the scale and its sub-dimensions with the gender, the hospitals, and the management position.

Keywords: institutionalization, hospital, manager, evaluation

Procedia PDF Downloads 226

Authors: Da Eun Sung

Abstract:

In today’s world, cyber security has become an important international agenda. As the information age has arrived, the need for cyber defense against cyber attacks is mounting, and the significance of cyber cooperation in the international community is drawing attention. Through the course, international society has agreed that the institutionalization of international norms dealing with cyber space and cyber security is crucial ever. Nevertheless, the West, led by the United States of America, and 'the East', composed of Russia and China, have shown conflicting views on forming international norms and principles which would regulate and ward off the possible threats in cyber space. Thus, the international community hasn’t yet to reach an agreement on cyber security. In other words, the difference between both sides on the approach and understanding of principles, objects, and the definition has rendered such. Firstly, this dissertation will cover the Russia’s perception, strategy, and definition on cyber security through analyzing primary source. Then, it will delve into the two contrasting cyber security strategy between Russia and the US by comparing them. And in the conclusion, it will seek the possible solution for the cooperation in the field of cyber security. It is quite worthwhile to look into Russia’s views, which is the main counterpart to the US in this field, especially when the efforts to institutionalize cyber security by the US-led international community have met with their boundaries, and when the legitimacy of them have been challenged.

Keywords: cyber security, cyber security strategic, international relation in cyberspace, Russia

Procedia PDF Downloads 322

Authors: Eduardo Guilherme, Sabrina Duarte

Abstract:

Shelters or orphanages are institutions responsible for ensuring the physical and mental integrity of children and adolescents who had their rights violated or neglected, whether from a social-leavers, is at personal risk to which they were exposed or the negligence of its parents; in Brazil about twenty thousand children and adolescents living in about five hundred registered shelters that receive funds from the federal government. We evaluated the records of institutionalized children and adolescents from the foundation of municipal shelter in Rio Negro/Parana State, Brazil since June/2000 to February/2015. Institutionalization of the causes cited were: lack of family/guardian material resources, abandonment by parents/guardians, domestic violence, substance abuse of parents/guardians, street experience, orphans and others. In Brazil, poverty and extreme poverty are closely related to the institutionalization of causes of children and adolescents. Census data in 2010, the Brazilian Institute of Geography and Statistics (IBGE) indicate that 40% of Brazilians living in poverty are girls and boys up to 14 years in a total of approximately 23 million individuals. Poverty denies children and adolescents their rights, representing a vulnerability which predisposes to some causes of shelter.

Keywords: Brazil, shelter, orphanages, institutionalization

Procedia PDF Downloads 488

Authors: T. J. Laws-Nicola

Abstract:

Henry Russell was best known as a composer of more than 300 songs. Many of his compositions were popular for both their sentimental texts, as in ‘The Old Armchair,’ and those of a more political nature, such as ‘Woodsman, Spare That Tree!’ Indeed, Russell had written such songs of advocacy as those associated with abolitionism (‘The Slave Ship’) and environmentalism (‘Woodsman, Spare that Tree!’). ‘The Maniac’ is his only composition addressing the issue of institutionalization. The text is borrowed and adapted from the monodrama The Captive by M.G. ‘Monk’ Lewis. Through an analysis of form, harmony, melody, text, and thematic development and interactions between text and music we can approach a clearer understanding of ‘The Maniac’ and how the text and music interact. Select periodicals, such as The London Times, provide contemporary critical review for ‘The Maniac.’ Additional nineteenth century songs whose texts focus on madness and/or institutionalization will assist in building a stylistic and cultural context for ‘The Maniac.’ Through comparative analyses of ‘The Maniac’ with a body of songs that focus on similar topics, we can approach a clear understanding of the song as a vehicle for deinstitutionalization.

Keywords: 19th century song, institutionalization, M. G. Lewis, Henry Russell

Procedia PDF Downloads 536

Authors: Víctor Manuel Muñoz-Sánchez, Antonio Manuel Pérez-Flores

Abstract:

This paper analyzes the institutionalization of social protest in Spain. In the current crisis Podemos party seems to represent the political positions of the most affected citizens by the economic situation. It studies using quantitative techniques (statistical bivariate analysis), focusing on the exploitation of several bases of statistics data from the Center for Sociological and Research of Spanish Government, 15M movement characterization to its institutionalization in the Podemos party. Making a comparison between the participant's profile by the 15M and the social bases of Podemos votes. Data on the transformation of the socio-demographic profile of the fans, connoisseurs and 15M participants and voters are given.

Keywords: collective action, emerging parties, political parties, social protest

Procedia PDF Downloads 388

Authors: William Wong, Zakaria Alomari, Hon Ching Lai, Zhida Li

Abstract:

Modern-day information security depends on implementing Diffie-Hellman, which requires the generation of prime numbers. Because the number of primes is infinite, it is impractical to store prime numbers for use, and therefore, primality tests are indispensable in modern-day information security. A primality test is a test to determine whether a number is prime or composite. There are two types of primality tests, which are deterministic tests and probabilistic tests. Deterministic tests are adopting algorithms that provide a definite answer whether a given number is prime or composite. While in probabilistic tests, a probabilistic result would be provided, there is a degree of uncertainty. In this paper, we review three probabilistic tests: the Fermat Primality Test, the Miller-Rabin Test, and the Baillie-PSW Test, as well as one deterministic test, the Agrawal-Kayal-Saxena (AKS) Test. Furthermore, we do an analysis of these tests. All of the reviews discussed are not based on the Elliptic Curve. The analysis demonstrates that, in the majority of real-world scenarios, the Baillie- PSW test’s favorability stems from its typical operational complexity of O(log 3n) and its capacity to deliver accurate results for numbers below 2^64.

Keywords: primality tests, Fermat’s primality test, Miller-Rabin primality test, Baillie-PSW primality test, AKS primality test

Procedia PDF Downloads 91

Authors: Ying Zhu

Abstract:

Recent years have witnessed a boom of foreign investments in the field of artificial intelligence (AI). Foreign investments provide critical capital for AI development but also trigger national security concerns of host states. A notable example is an increasing number of cases in which the Committee on Foreign Investment in the United States (CFIUS) has denied Chinese acquisitions of US technology companies on national security grounds. On July 19, 2018, the Congress has reached a deal on the final draft of a new provision to strengthen CFIUS’s authority to review overseas transactions involving sensitive US technology. The question is: how to reconcile the emerging tension between, on the one hand, foreign AI investors’ expectations of a predictable investment environment, and on the other hand, host states’ regulatory power on national security? This paper provides a methodology to reconcile this tension under international investment law. Based on an examination, the national security exception clauses in international investment treaties and the application of national security justification in investor-state arbitration jurisprudence, the paper argues that a traditional interpretation of the national security exception, based on the necessity concept in customary international law, fails to take into account new risks faced by countries, including security concerns over strategic industries such as AI. To overcome this shortage, the paper proposes to incorporate an integrated national security clause in international investment treaties, which includes a two-tier test: a ‘self-judging’ test in the pre-establishment period and a ‘proportionality’ test in the post-establishment period. At the end, the paper drafts a model national security clause for future treaty-drafting practice.

Keywords: foreign investment, artificial intelligence, international investment law, national security exception

Procedia PDF Downloads 153

Authors: Pumela Msweli, Dexter L. Ryneveldt

Abstract:

This paper seeks to shed light on institutional logics and institutionalization processes that influence the successful implementation of financial sector regulations. We use the neo-institutional theory lens to interrogate how the newly promulgated Financial Sector Regulations Act (FSRA) provides for the institutionalisation of the Twin Peaks Model. With the enactment of FSRA, previous financial regulatory institutions were dismantled, and new financial regulators established. In point, the Financial Services Conduct Authority (FSCA) replaced the Financial Services Board (FSB), and accordingly, the Prudential Authority (PA) was established. FSRA is layered with complexities that make it mandatory to co-exist, cooperate, and collaborate with other institutions to fulfill FSRA’s overall financial stability objective. We use content analysis of the financial regulations that established the Twin Peaks Models (TPM) in South Africa and in the Netherlands, to map out the three-stage institutionalization processes: (1) habitualisation, (2) objectification and (3) sedimentation. This allowed for a comparison of how South Africa, as a developing country and Netherlands as a developed country, have institutionalized the Twin Peak model. We provide valuable insights into how differences in the institutional and societal logics of the developing and developed contexts shape the institutionalization of financial regulations.

Keywords: financial industry, financial regulation, financial stability, institutionalisation, habitualization, objectification, sedimentation, twin peaks model

Procedia PDF Downloads 159

Authors: Homa Parmoon, Narges Hamzeh

Abstract:

Since today's urban spaces are disposed towards behavioral disorders and lack of security, both qualitative and quantitative aspects of security especially social and physical security are considered as basic necessities in urban planning. This research focused on the variable of place of living, examined social security in the old and new textures, and investigated the amount of residents’ social security in Shiraz including safety, financial, emotional and moral security. To this end, two neighborhoods in region 1 of Shiraz- Qasr-Al-Dasht (old texture) and Moalem (new texture)- were examined through a comparative study of 60 samples lived in two neighborhoods. Data were gathered through two-way ANOVA between the variables of residential context and internal and external security. This analysis represents the significance or insignificance of the model as well as the individual effects of each independent variable on the dependent variable. It was tested by ANCOVA and F-test. Research findings indicated place of living has a significant effect on families’ social security. The safety, financial, emotional, and moral security also represented a great impact on social security. As a result, it can be concluded that social security changes with the changing in place of living.

Keywords: social security, damaged area, two-way ANOVA, Shiraz

Procedia PDF Downloads 140

Authors: G. T. Aigarinova

Abstract:

This article considers the legal issues of food security as a major component of national security of the republic. The problem of food security is the top priority of the economic policy strategy of any state, the effectiveness of this solution influences social, political, and ethnic stability in society. Food security and nutrition is everyone’s business. Food security exists when all people, at all times, have physical, social and economic access to sufficient safe and nutritious food that meets their dietary needs and food preferences for an active and healthy life. By analyzing the existing legislation in the area of food security, the author identifies weaknesses and gaps, suggesting ways to improve it.

Keywords: food security, national security, agriculture, public resources, economic security

Procedia PDF Downloads 427

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things (IoT), IoT security challenges, IoT security requirements, IoT security architecture

Procedia PDF Downloads 375

Authors: Malul Miki, Rafi Bar-El, Eithan Hourie

Abstract:

In this article, we test the influence of an occupation as a calling on the value of job security and its connection with wage levels. Our sample consists of 495 workers in Israel from 10 occupations in the public sector, who are assumed to have a relatively high level of job security, and the private sector, who are assumed to have less job security or none at all. These 10 occupations are social workers, lecturers, lawyers, administration workers, accountants, high school teachers, bank workers, high-tech worker, nurses and psychologists. Using regression analysis, we find that those who have occupations that the literature has defined as a calling value job security less than those in ordinary employment. In addition, salary level has no effect on this relationship. Finally, those who work in occupations that are regarded as a calling have less status quo bias than those in ordinary employment.

Keywords: calling, loss aversion, job security, status quo bias

Procedia PDF Downloads 105

Authors: Eithan Hourie, Miki Malul, Raphael Bar-El

Abstract:

To investigate the relationship between various welfare policies and the value of job security, we conducted a study with 201 people regarding their assessments of the value of job security with respect to three elements: income stability, assurance of continuity of employment, and security in the job. The experiment simulated different welfare policy scenarios, such as the amount and duration of unemployment benefits, workfare, and basic income. The participants evaluated the value of job security in various situations. We found that the value of job security is approximately 22% of the starting salary, which is distributed as follows: 13% reflects income security, 8.7% reflects job security, and about 0.3% is for being able to keep their current employment in the future. To the best of our knowledge, this article is one of the pioneers in trying to quantify the value of job security in different market scenarios and at varying levels of welfare policy. Our conclusions may help decision-makers when deciding on a welfare policy.

Keywords: job security value, employment protection legislation, status quo bias, expanding welfare policy

Procedia PDF Downloads 107

Authors: Ranbir Singh, Deepinder Kaur

Abstract:

Network security is an important aspect in every field like government offices, Educational Institute and any business organization. Network security consists of the policies adopted to prevent and monitor forbidden access, misuse, modification, or denial of a computer network. Network security is very complicated subject and deal by only well trained and experienced people. However, as more and more people become wired, an increasing number of people need to understand the basics of security in a networked world. The history of the network security included an introduction to the TCP/IP and interworking. Network security starts with authenticating, commonly with a username and a password. In this paper, we study about various types of attacks on network security and how to handle or prevent this attack.

Keywords: network security, attacks, denial, authenticating

Procedia PDF Downloads 405

Authors: Marko Schuba, Florian Kessels, Niklas Reitz

Abstract:

Operational technology (OT) controls physical processes in critical infrastructures and economically important industries. With the convergence of OT with classical information technology (IT), rising cybercrime worldwide and the increasingly difficult geopolitical situation, the risks of OT infrastructures being attacked are growing. Classical penetration testing, in which testers take on the role of an attacker, has so far found little acceptance in the OT sector - the risk that a penetration test could do more harm than good seems too great. This paper examines the resilience of various OT systems using typical penetration test tools. It is shown that such a test certainly involves risks, but is also feasible in OT if a cautious approach is taken. Therefore, OT penetration testing should be considered as a tool to improve the cyber security of critical infrastructures.

Keywords: penetration testing, OT, ICS, OT security

Procedia PDF Downloads 20

Authors: Ari S. Prabowo, Nia Febriyanti, Haryono B. Santosa

Abstract:

Security function that is called as Physical Protection Systems (PPS) has functions to detect, delay and response. Physical Protection Systems (PPS) in Detection and Radiation Measurement Laboratory needs to be improved continually by using internal resources. The nuclear security culture provides some potentials to support this research. The study starts by identifying the security function’s weaknesses and its strengths of security culture as a purpose. Secondly, the strengths of security culture are implemented in the laboratory management. Finally, a simulation was done to measure its effectiveness. Some changes were happened in laboratory personnel behaviors and procedures. All became more prudent. The results showed a good influence of nuclear security culture in laboratory security functions.

Keywords: laboratory, physical protection system, security culture, security function

Procedia PDF Downloads 186

Authors: Amir Ali Fatoorchi

Abstract:

Regardless of the advantage of LoT devices, they have limitations like storage, compute, and security problems. In recent years, a lot of Blockchain-based research in IoT published and presented. In this paper, we present the Security issues of LoT. IoT has three levels of security issues: Low-level, Intermediate-level, and High-level. We survey and compare blockchain-based solutions for high-level security issues and show how the underlying technology of bitcoin and Ethereum could solve IoT problems.

Keywords: Blockchain, security, data security, IoT

Procedia PDF Downloads 211

Authors: Loke Mun Sei

Abstract:

Software testing has become a mandatory process in assuring the software product quality. Hence, test management is needed in order to manage the test activities conducted in the software test life cycle. This paper discusses on the challenges faced in the software test life cycle, and how the test processes and test activities, mainly on test cases creation, test execution, and test reporting is being managed and automated using several test automation tools, i.e. Jira, Robot Framework, and Jenkins.

Keywords: test automation tools, test case, test execution, test reporting

Procedia PDF Downloads 585

Authors: Mehdi Ghaemi

Abstract:

In principle, foreign investment security is enshrined in International Investment Agreements (IIAs) and Bilateral Investment Treaties (BITs) in the form of protection standards such as the Full Protection and Security Standard (FPS). Accordingly, the host countries undertake to provide the necessary security for the economic activities of foreign investment. With the outbreak of coronavirus, the international community called COVID-19 a threat to international peace security, as well as to the public interest and national security of nations; and to deal with, they proposed several solutions, generally including quarantine, creating social distances, and restricting businesses. This article first studies the security of foreign investment in international investment law. In the following, it analyzes the consequences of the COVID-19 pandemic for foreign investment security so that if there is a threat to that security, solutions could be offered to reduce it.

Keywords: foreign investment, FPS standard, host country, public health, COVID-19

Procedia PDF Downloads 108

Authors: John Ayoade

Abstract:

Cloud computing is a model that enables the delivery of on-demand computing resources such as networks, servers, storage, applications and services over the internet. Cloud Computing is a relatively growing concept that presents a good number of benefits for its users; however, it also raises some security challenges which may slow down its use. In this paper, we identify some of those security issues that can serve as barriers to realizing the full benefits that cloud computing can bring. One of the key security problems is security trust. A security trust model is proposed that can enhance the confidence that users need to fully trust the use of public and mobile cloud computing and maximize the potential benefits that they offer.

Keywords: cloud computing, trust, security, certificate authority, PKI

Procedia PDF Downloads 485

Authors: Carlos David Carrillo Trujillo, Rebelín Echeverría Echeverría, Nancy Evia Alamilla, Rocío Quintal López

Abstract:

Gender as a social construct is a term now widely studied. Within the social sciences it has become very important. In this sense, psychology tries to make some contributions from your area. The intention is to promote equal opportunities for men and women. Social, employment and educational inequities perpetuate sexism, violence and other important social problems in Mexico. The gender perspective is conceptualized as a tool to promote laws, policies, plans, programs and procedures where women are made ​​visible and empowered. The aim of this is the pursuit of equality. Thus, gender mainstreaming is one of the main challenges of education in Mexico. Only a few universities have programs, research or subjects related to the topic. Human resources, and time allocated to teachers are identified as obstacles to the institutionalization of gender. The objective was to make a diagnosis on course offerings and policies on gender. A documentary study and interviews with managers of at least 20 higher education institutions (IES's) were performed. The results indicate the need for greater gender courses, research projects and intervention. The need to promote policies that seek equal opportunities between men and women is also noted.

Keywords: gender mainstreaming, institutionalization, universities, intervention

Procedia PDF Downloads 458

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: cloud computing, cloud networking, IaaS, PaaS, SaaS, cloud security

Procedia PDF Downloads 531

Authors: Safiyya A. Abba, Shehu U. R. Aliyu

Abstract:

This paper deals with Islamic social security: a discourse explores the meaning and nature of Islamic social security system. The paper reviews the social security framework and operations during the early period. The paper further identifies the instruments of Islamic social security discusses its principles and objectives. The paper discovers that Islamic social security is a personification of a comprehensive welfare approach in view of its varied instruments that are deeply rooted in the Islamic law, unique principles and realistic and achievable objectives. Furthermore, the Islamic social security system has far reaching socioeconomic implications; social justice, cohesion, equity, a catalyst for poverty eradication, income redistribution, economic growth and development.

Keywords: Islamic social security, basic needs, zakat, socioeconomic justice, equity

Procedia PDF Downloads 441

Authors: Amanuel Hadera Gebreyesus

Abstract:

In the literature, the study of tenure and food security has largely involved separate lines of inquiry. In effect, the nexus among these has received little attention; and the underinvestment in research related to the relationship between tenure and food security deters generation of tenure-related knowledge and policy guidance for improving food and nutrition security. Drawing from this motivation, we study the relationship among tenure security, agricultural diversity and food security and dietary diversity. We employ IV approaches to examine the effect of tenure security and agricultural diversity on food security and dietary diversity. We find tenure security is inversely related with food insecurity as shown by its negative association with hunger scale, hunger index and hunger category. On the other hand, results suggest that tenure security improves minimum dietary diversity of women while we find no association with child dietary diversity. Moreover, agricultural diversity is positively related with minimum dietary diversity of women, which may point to higher accessibility and consumption of dietary food groups by women. Also, findings suggest that farmers use their human (knowledge and skills) and resource (land) endowments to improve food security and dietary diversity. An implication from this is the importance of not only improving access to land but also long-term tenure security to promote agricultural diversity, food security and dietary diversity.

Keywords: tenure security, food security, agricultural diversity, dietary diversity, women

Procedia PDF Downloads 217

Authors: Majid Azarniush, Soroush Mokallaei

Abstract:

Although robust security software, including anti-viruses, anti spy wares, anti-spam and firewalls, are amalgamated with new technologies such as Safe Zone, Hybrid Cloud, Sand Box etc., and it can be said that they have managed to prepare highest level of security against viruses, spy wares and other malwares in 2012, but in fact hackers' attacks to websites are increasingly becoming more and more complicated. Because of security matters and developments, it can be said that it was expected to happen so. Here in this work, we try to point out to some functional and vital notes to enhance security on the web enabling the user to browse safely in no limit web world and to use virtual space securely.

Keywords: firewalls, security, web services, software

Procedia PDF Downloads 514

Authors: Nahid Tavakoli, Asghar Ehteshami, Akbar Hassanzadeh, Fatemeh Amini

Abstract:

Introduction: The Information security incident management guidelines was been developed to help hospitals to meet their information security event and incident management requirements. The purpose of this Study was to investigate on Information Security Incident Management in Isfahan’s educational hospitals in accordance to ISO/IEC 27002 standards. Methods: This was a cross-sectional study to investigate on Information Security Incident Management of educational hospitals in 2014. Based on ISO/IEC 27002 standards, two checklists were applied to check the compliance with standards on Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements. One inspector was trained to carry out the assessments in the hospitals. The data was analyzed by SPSS. Findings: In general the score of compliance Information Security Incident Management requirements in two steps; Reporting Information Security Events and Weakness and Management of Information Security Incidents and Improvements was %60. There was the significant difference in various compliance levels among the hospitals (p-valueKeywords: information security incident management, information security management, standards, hospitals

Procedia PDF Downloads 576

Authors: Kuan-Chou Chen

Abstract:

This paper will demonstrate a simulation model of an information security system by using the systems dynamic approach. The relationships in the system model are designed to be simple and functional and do not necessarily represent any particular information security environments. The purpose of the paper aims to develop a generic system dynamic information security system model with implications on information security research. The interrelated and interdependent relationships of five primary sectors in the system dynamic model will be presented in this paper. The integrated information security systems model will include (1) information security characteristics, (2) users, (3) technology, (4) business functions, and (5) policy and management. Environments, attacks, government and social culture will be defined as the external sector. The interactions within each of these sectors will be depicted by system loop map as well. The proposed system dynamic model will not only provide a conceptual framework for information security analysts and designers but also allow information security managers to remove the incongruity between the management of risk incidents and the management of knowledge and further support information security managers and decision makers the foundation for managerial actions and policy decisions.

Keywords: system thinking, information security systems, security management, simulation

Procedia PDF Downloads 431

Authors: Amir Mohtarami, Hadi Kandjani

Abstract:

The amount of business-critical information in enterprises is growing at an extraordinary rate, and the ability to catalog that information and properly protect it using traditional security mechanisms is not keeping pace. Alongside the Information Technology (IT), information security needs a holistic view in enterprise. In other words, a comprehensive architectural approach is required, focusing on the information itself, understanding what the data are, who owns it, and which business and regulatory policies should be applied to the information. Enterprise Architecture Frameworks provide useful tools to grasp different dimensions of IT in organizations. Usually this is done by the layered views on IT architecture, but not requisite security attention has been held in this frameworks. In this paper, after a brief look at the Enterprise Architecture (EA), we discuss the issue of security in the overall enterprise IT architecture. Due to the increasing importance of security, a rigorous EA program in an enterprise should be able to consider security architecture as an integral part of its processes and gives a visible roadmap and blueprint for this aim.

Keywords: enterprise architecture, architecture framework, security architecture, information systems

Procedia PDF Downloads 706