Search results for: web applications security

Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek

Abstract:

Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.

Keywords: AmI, ambient computing, middleware, distributed-systems, software-defined networking

Procedia PDF Downloads 242

Authors: Mehmet Karaata

Abstract:

Given two distinct vertices (nodes) source s and target t of a graph G = (V, E), the two node-disjoint paths problem is to identify two node-disjoint paths between s ∈ V and t ∈ V . Two paths are node-disjoint if they have no common intermediate vertices. In this paper, we present an algorithm with O(m)-time complexity for finding two node-disjoint paths between s and t in arbitrary graphs where m is the number of edges. The proposed algorithm has a wide range of applications in ensuring reliability and security of sensor, mobile and fixed communication networks.

Keywords: disjoint paths, distributed systems, fault-tolerance, network routing, security

Procedia PDF Downloads 416

Authors: Wiriranai Brilliant Masara

Abstract:

The African Peace and Security Architecture is widely celebrated and revered as a paragon of the will to address peace and security challenges in Africa. However, like any other institution, it is embedded with operational and institutional challenges that prevent it from effectively carrying out its mandate and turning goals into achieved results. The article examines the fundamental flaws and weaknesses of the African Peace and Security Architecture by focusing on its institutions, norms, instruments, and its relationship to Africa’s Regional Economic Communities. Therefore, the article reviews the flaws of the five elements of the African Peace and Security Architecture which are the Peace and Security Council, Panel of the Wise, Continental Early Warning System, African Standby Force, and Peace Fund.

Keywords: African Union, African Peace and Security Architecture, peace and security council, continental early warning system, African Standby Force, Panel of the Wise, Peace Fund

Procedia PDF Downloads 104

Authors: Dicky R. Munaf, Ayu Bulan Tisna

Abstract:

Competitive intelligence (business intelligence) is the process of observing the external environment which often conducted by many organizations to get the relevant information which will be used to create the organization policy, whereas, security intelligence is related to the function of the officers who have the duties to protect the country and its people from every criminal actions that might harm the national and individual security. Therefore, the intelligence dimension of maritime security is associated with all the intelligence activities including the subject and the object that connected to the maritime issues. The concept of intelligence business regarding the maritime security perspective is the efforts to protect the maritime security using the analysis of economic movements as the basic strategic plan. Clearly, a weak maritime security will cause high operational cost to all the economic activities which uses the sea as its media. Thus, it affects the competitiveness of a country compared to the other countries that are able to maintain the maritime law enforcement and secure their marine territory. So, the intelligence business within the security intelligence is important to conduct as the beginning process of the identification against the opponent strategy that might happen in the present or in the future. Thereby, the scenario of the potential impact of all the illegal maritime activities, as well as the strategy in preventing the opponent maneuver can be made.

Keywords: competitive intelligence, maritime security intelligence, intelligent systems, information technology

Procedia PDF Downloads 470

Authors: Zhiyong Shan, Preethi Santhanam, Vinod Namboodiri, Rajiv Bagai

Abstract:

In recent years, the emerging network worms and attacks have distributive characteristics, which can spread globally in a very short time. Security management crossing networks to co-defense network-wide attacks and improve the efficiency of security administration is urgently needed. We propose a hierarchical distributed network security management system (HD-NSMS), which can integrate security management across multiple networks. First, we describe the system in macrostructure and microstructure; then discuss three key problems when building HD-NSMS: device model, alert mechanism, and emergency response mechanism; lastly, we describe the implementation of HD-NSMS. The paper is valuable for implementing NSMS in that it derives from a practical network security management system (NSMS).

Keywords: network security management, device organization, emergency response, cross-network

Procedia PDF Downloads 135

Authors: Samuel Owoade, Zainab Idowu, Idris Ajibade, Abel Uzoka

Abstract:

Cloud computing adoption continues to soar, with 83% of enterprise workloads estimated to be in the cloud by 2022. However, this rapid migration raises security concerns, needing strong security management solutions to safeguard sensitive data and essential applications. This paper investigates the critical role of technical project managers in orchestrating security management initiatives for cloud environments, evaluating their responsibilities, challenges, and best practices for assuring the resilience and integrity of cloud infrastructures. Drawing from a comprehensive review of industry reports and interviews with cloud security experts, this research highlights the multifaceted landscape of security management in cloud environments. Despite the rapid adoption of cloud services, only 25% of organizations have matured their cloud security practices, indicating a pressing need for effective management strategies. This paper proposes a strategy framework adapted to the demands of technical project managers, outlining the important components of effective cloud security management. Notably, 76% of firms identify misconfiguration as a major source of cloud security incidents, underlining the significance of proactive risk assessment and constant monitoring. Furthermore, the study emphasizes the importance of technical project managers in facilitating cross-functional collaboration, bridging the gap between cybersecurity professionals, cloud architects, compliance officers, and IT operations teams. With 68% of firms seeing difficulties integrating security policies into their cloud systems, effective communication and collaboration are critical to success. Case studies from industry leaders illustrate the practical use of security management projects in cloud settings. These examples demonstrate the importance of technical project managers in using their expertise to address obstacles and generate meaningful outcomes, with 92% of firms reporting improved security practices after implementing proactive security management tactics. In conclusion, this research underscores the critical role of technical project managers in safeguarding cloud environments against evolving threats. By embracing their role as guardians of the cloud realm, project managers can mitigate risks, optimize resource utilization, and uphold the trust and integrity of cloud infrastructures in an era of digital transformation.

Keywords: cloud security, security management, technical project management, cybersecurity, cloud infrastructure, risk management, compliance

Procedia PDF Downloads 19

Authors: Gabriel A. Orozco

Abstract:

The purpose of this article is to make an approach to the Security Studies, exposing their theories and concepts to understand the role that have had in the interpretation of the changes and continuities of the world order and their impact on policies or decision-making facing the problems of the 21st century. The aim is to build a bridge between the security studies as a subfield and the meaning that has been given to the world order. The idea of epistemic communities serves as a methodological proposal about the different programs of research in security studies, showing their influence in the realities of States, intergovernmental organizations and transnational forces, moving to implement, perpetuate and project a vision of the world order.

Keywords: security studies, epistemic communities, international, relations

Procedia PDF Downloads 242

Authors: Saleh Alshehri

Abstract:

Human skin detection is a vital step in many applications. Some of the applications are critical especially those related to security. This leverages the importance of a high-performance detection algorithm. To validate the accuracy of the algorithm, image databases are usually used. However, the suitability of these image databases is still questionable. It is suggested that the suitability can be measured mainly by the span the database covers of the color space. This research investigates the validity of three famous image databases.

Keywords: image databases, image processing, pattern recognition, neural networks

Procedia PDF Downloads 222

Authors: Loh Fu Quan, Fong Zi Heng, Burra Venkata Durga Kumar

Abstract:

Cloud computing has completely transformed the way many businesses operate. Traditionally, confidential data of a business is stored in computers located within the premise of the business. Therefore, a lot of business capital is put towards maintaining computing resources and hiring IT teams to manage them. The advent of cloud computing changes everything. Instead of purchasing and managing their infrastructure, many businesses have started to shift towards working with the cloud with the help of a cloud service provider (CSP), leading to cost savings. However, it also introduces security risks. This research paper focuses on the security risks that arise during data migration and user authentication in cloud computing. To overcome this problem, this paper provides a comprehensive framework that includes Transport Layer Security (TLS), user authentication, security tokens and multi-level data encryption. This framework aims to prevent authorized access to cloud resources and data leakage, ensuring the confidentiality of sensitive information. This framework can be used by cloud service providers to strengthen the security of their cloud and instil confidence in their users.

Keywords: Cloud computing, Cloud security, Cloud security issues, Cloud security framework

Procedia PDF Downloads 74

Authors: Kevin Krupski

Abstract:

Private Military Security Companies have grown to become a major force contributor to nations in military operations. Scholars have debated the implications of this in relation to control and efficiency related to the privatization of violence, but there has been little discussion on how these companies affect the profession of arms. Specifically, this paper seeks to address how the privatization of violence influences the military’s stewardship, whether private military security companies are capable of stewardship of the military profession, and whether there are aspects of stewardship of the military profession that private military security companies are capable of emulating. This paper reviews literature on stewardship, the relationship of the military to the state, and private military security companies in order to identify overlap between uniformed military services and the private sector. Then, it offers a typology for determining under what conditions an organization would act as a steward. Ultimately, there are insufficient reasons for private military security companies to act as stewards of the profession of arms.

Keywords: stewardship, military profession, civil-military, security

Procedia PDF Downloads 221

Authors: Arash Heydarian Pashakhanlou

Abstract:

The security dilemma is one of the key concepts in International Relations (IR), and the numerous engagements with it have created a great deal of confusion regarding its essence. That is why this article seeks to dissect the security dilemma and rebuild it from its foundational core. In doing so, the present study highlights that the security dilemma requires interaction among actors that seek to protect themselves from other's capacity for harm under the condition of uncertainty to operate. In this constellation, actors are confronted with the dilemma of motives, power, and action, which they seek to resolve by acquiring information regarding their opponents. The relationship between the parties is shaped by the harm-uncertainty index (HUI) consisting of geographical distance, MAD, and joint democracy that determines the intensity of the security dilemma. These elements define the unified theory of the security dilemma (UTSD) developed here. UTSD challenges the prevailing view that the security dilemma is a unidimensional paradoxical concept, regulated by the offense-defense balance and differentiation that only occurs in anarchic settings with tragic outcomes and is equivalent to the spiral model.

Keywords: security dilemma, revisionism, status quo, anarchy, uncertainty, tragedy, spiral, deterrence

Procedia PDF Downloads 203

Authors: Omid Khodabakhshi, Amir Rozdel

Abstract:

The subject of cloud computing security research has allocated a number of challenges and competitions because the data center is comprised of complex private information and are always faced various risks of information disclosure by hacker attacks or internal enemies. Accordingly, the security of virtual machines in the cloud computing infrastructure layer is very important. So far, there are many software solutions to develop security in virtual machines. But using software alone is not enough to solve security problems. The purpose of this article is to examine the challenges and security requirements for accessing and storing data in an insecure cloud environment. In other words, in this article, a structure is proposed for the implementation of highly isolated security-sensitive codes using secure computing hardware in virtual environments. It also allows remote code validation with inputs and outputs. We provide these security features even in situations where the BIOS, the operating system, and even the super-supervisor are infected. To achieve these goals, we will use the hardware support provided by the new Intel and AMD processors, as well as the TPM security chip. In conclusion, the use of these technologies ultimately creates a root of dynamic trust and reduces TCB to security-sensitive codes.

Keywords: code, cloud computing, security, virtual machines

Procedia PDF Downloads 163

Authors: Rossouw De Bruin, Sebastiaan H. Von Solms

Abstract:

The state of national security is an evolving concern. Companies, organizations, governments, states and individuals are aware of the security of their information and their assets however, they may not always be aware of the risks present. These risks are not only limited to non-existence of security procedures. Existing security can be severely flawed, especially if there is non-conformance towards policies, practices and procedures. When looking at humanitarian actions, we can easily identify these flaws. Unfortunately, humanitarian aid has to compete with factors from within the states, countries and continents they are working in. Furthermore, as technology improves, so does our connectivity to the internet and the way in which we use the internet. However, there are times when security is overlooked and humanitarian agencies are some of the agencies that do not always take security into consideration. The purpose of this paper will be to introduce the importance of cybersecurity and cybersecurity governance with respect to humanitarian work. We will also introduce and briefly discuss a model that can be used by humanitarian agencies to assess, manage and maintain their cybersecurity efforts.

Keywords: humanities, cybersecurity, cybersecurity governance, maturity, cybersecurity maturity, maturity model

Procedia PDF Downloads 236

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Smart contracts are computer protocols that facilitate, verify, and execute the negotiation or execution of a contract, or that render a contractual term unnecessary. Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. Smart contracts have become lucrative and profitable targets for attackers because they can hold a great amount of money. Smart contracts, although widely used in blockchain technology, are far from perfect due to security concerns. Since there are recent studies on smart contract security, none of them systematically study the strengths and weaknesses of smart contract security. Some have focused on an analysis of program-related vulnerabilities by providing a taxonomy of vulnerabilities. Other studies are responsible for listing the series of attacks linked to smart contracts. Although a series of attacks are listed, there is a lack of discussions and proposals on improving security. This survey takes stock of smart contract security from a more comprehensive perspective by correlating the level of vulnerability and systematic review of security levels in smart contracts.

Keywords: blockchain, Bitcoin, smart contract, criminal smart contract, security

Procedia PDF Downloads 137

Authors: Serkan Tezgel

Abstract:

The two qualities of the sea, as a medium of transportation and as a resource, necessitate maritime security for economic stability and good order at sea. The borderless nature of the sea makes it one of the best platforms to contribute to regional peace and international order. For this reason, the establishment of maritime security in East Mediterranean will enhance the security-peace-democracy triangle in the region. This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities. Smart Security is a regional maritime cooperation concept for the narrow seas. Cooperation and interoperability are essential attributes of this regional security concept. Therefore, multinational excellence centers such as Multinational Maritime Security Center of Excellence-Aksaz in Turkey, which will determine necessary capabilities and plan/coordinate workshops, training and exercises, are bound to be the principal characteristic of Smart Security concept and similar regional concepts. Smart Security, a crucial enabler of energy and regional security, can provide an enduring approach for operating in the challenging environment of narrow seas and for countering asymmetrical threats.

Keywords: security, cooperation, asymmetrical, area denial

Procedia PDF Downloads 779

Authors: Shobha G. Ranjan

Abstract:

Cloud computing is an emerging, on-demand and internet- based technology. Varieties of services like, software, hardware, data storage and infrastructure can be shared though the cloud computing. This technology is highly reliable, cost effective and scalable in nature. It is a must only the authorized users should access these services. Further the time granted to access these services should be taken into account for proper accounting purpose. Currently many organizations do the security measures in many different ways to provide the best cloud infrastructure to their clients, but that’s not the limitation. This paper presents the multi-level security measure technique which is in accordance with the OSI model. In this paper, details of proposed multilevel security measures technique are presented along with the architecture, activities, algorithms and probability of success in breaking authentication.

Keywords: cloud computing, cloud security, integrity, multi-tenancy, security

Procedia PDF Downloads 475

Authors: Mujahid Muhammad, Paul Kearney, Adel Aneiba

Abstract:

The ability for vehicles to communicate with other vehicles (V2V), the physical (V2I) and network (V2N) infrastructures, pedestrians (V2P), etc. – collectively known as V2X (Vehicle to Everything) – will enable a broad and growing set of applications and services within the intelligent transport domain for improving road safety, alleviate traffic congestion and support autonomous driving. The telecommunication research and industry communities and standardization bodies (notably 3GPP) has finally approved in Release 14, cellular communications connectivity to support V2X communication (known as LTE – V2X). LTE – V2X system will combine simultaneous connectivity across existing LTE network infrastructures via LTE-Uu interface and direct device-to-device (D2D) communications. In order for V2X services to function effectively, a robust security mechanism is needed to ensure legal and safe interaction among authenticated V2X entities in the LTE-based V2X architecture. The characteristics of vehicular networks, and the nature of most V2X applications, which involve human safety makes it significant to protect V2X messages from attacks that can result in catastrophically wrong decisions/actions include ones affecting road safety. Attack vectors include impersonation attacks, modification, masquerading, replay, MiM attacks, and Sybil attacks. In this paper, we focus our attention on LTE-based V2X security and access control mechanisms. The current LTE-A security framework provides its own access authentication scheme, the AKA protocol for mutual authentication and other essential cryptographic operations between UEs and the network. V2N systems can leverage this protocol to achieve mutual authentication between vehicles and the mobile core network. However, this protocol experiences technical challenges, such as high signaling overhead, lack of synchronization, handover delay and potential control plane signaling overloads, as well as privacy preservation issues, which cannot satisfy the adequate security requirements for majority of LTE-based V2X services. This paper examines these challenges and points to possible ways by which they can be addressed. One possible solution, is the implementation of the distributed peer-to-peer LTE security mechanism based on the Bitcoin/Namecoin framework, to allow for security operations with minimal overhead cost, which is desirable for V2X services. The proposed architecture can ensure fast, secure and robust V2X services under LTE network while meeting V2X security requirements.

Keywords: authentication, long term evolution, security, vehicle-to-everything

Procedia PDF Downloads 142

Authors: Andrew John Zeller, Francis Pouatcha

Abstract:

Working according to the DevOps principle has gained in popularity over the past decade. While its extension DevSecOps started to include elements of cybersecurity, most real-life projects do not focus risk and security until the later phases of a project as teams are often more familiar with engineering and infrastructure services. To help bridge the gap between security and engineering, this paper will take six building blocks of cybersecurity and apply them to the DevOps approach. After giving a brief overview of the stages in the DevOps lifecycle, the main part discusses to what extent six cybersecurity blocks can be utilized in various stages of the lifecycle. The paper concludes with an outlook on how to stay up to date in the dynamic world of cybersecurity.

Keywords: information security, data security, cybersecurity, devOps, IT management

Procedia PDF Downloads 71

Authors: Muhammad Ali

Abstract:

Cyber-attacks and anomaly detection on the Internet of Things (IoT) infrastructure is emerging concern in the domain of data-driven intrusion. Rapidly increasing IoT risk is now making headlines around the world. denial of service, malicious control, data type probing, malicious operation, DDos, scan, spying, and wrong setup are attacks and anomalies that can affect an IoT system failure. Everyone talks about cyber security, connectivity, smart devices, and real-time data extraction. IoT devices expose a wide variety of new cyber security attack vectors in network traffic. For further than IoT development, and mainly for smart and IoT applications, there is a necessity for intelligent processing and analysis of data. So, our approach is too secure. We train several machine learning models that have been compared to accurately predicting attacks and anomalies on IoT systems, considering IoT applications, with ANOVA-based feature selection with fewer prediction models to evaluate network traffic to help prevent IoT devices. The machine learning (ML) algorithms that have been used here are KNN, SVM, NB, D.T., and R.F., with the most satisfactory test accuracy with fast detection. The evaluation of ML metrics includes precision, recall, F1 score, FPR, NPV, G.M., MCC, and AUC & ROC. The Random Forest algorithm achieved the best results with less prediction time, with an accuracy of 99.98%.

Keywords: machine learning, analysis of variance, Internet of Thing, network security, intrusion detection

Procedia PDF Downloads 93

Authors: H. P. Kerry

Abstract:

Drone technology has become a significant discourse in a nation’s national security, while this technology could constitute a danger to national security on the one hand, on the other hand, it is used in developed and developing countries for border security, and in some cases, for protection of security agents and migrants. In the case of Nigeria, drones are used by the military to monitor and tighten security around the borders. However, terrorist groups have devised a means to utilize the technology to their advantage. Therefore, the potential danger in the widespread proliferation of this technology has become a myriad of risks. The research on the effects of cross-border use of drones in Nigerian national security looks at the negative and positive consequences of using drone technology. The study employs the use of interviews and relevant documents to obtain data while the study applied the Just War theory to justify the reason why countries use force; it further buttresses the points with what the realist theory thinks about the use of force. In conclusion, the paper recommends that the Nigerian government through the National Assembly should pass a bill for the establishment of a law that will guide the use of armed and unarmed drones in Nigeria enforced by the Nigeria Civil Aviation Authority and the office of the National Security Adviser.

Keywords: armed drones, drones, cross-border, national security

Procedia PDF Downloads 133

Authors: Rafat Rob, Khaled Alotaibi, Dana Nour, Abdullah Albadrani, Abdulmohsen Mulhim

Abstract:

Power systems digitization solutions provides a comprehensive smart, cohesive, interconnected network, extensive connectivity between digital assets, physical power plants, and resources to form digital economies. However, digitization has exposed the classical air gapped power plants to the rapid spread of cyber threats and attacks in the process delaying and forcing many organizations to rethink their cyber security policies and standards before they can augment their operation the new advanced digital devices. Cyber Security requirements for power systems (and industry control systems therein) demand a new approach, unique methodology, and design process that is completely different to Cyber Security measures designed for the IT systems. In practice, Cyber Security strategy, as applied to power systems, tends to be closely aligned to those measures applied for IT system purposes. The differentiator for Cyber Security in terms of power systems are the physical assets and applications used, alongside the ever-growing rate of expansion within the industry controls sector (in comparison to the relatively saturated growth observed for corporate IT systems). These factors increase the magnitude of the cyber security risk within such systems. The introduction of smart devices and sensors along the grid initiate vulnerable entry points to the systems. Every installed Smart Meter is a target; the way these devices communicate with each other may instigate a Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack. Attacking one sensor or meter has the potential to propagate itself throughout the power grid reaching the IT network, where it may manifest itself as a malware infiltration.

Keywords: supply chain, cybersecurity, maturity model, risk, smart grid

Procedia PDF Downloads 77

Authors: Endang Jati Mat Sahid, Hussain Ali Bekhet

Abstract:

Robust economic growth, increasing population, and personal consumption are the main drivers for the rapid increase of energy demand in Malaysia. Increasing demand has compounded the issue of national energy security due to over-dependence on fossil fuel, depleting indigenous domestic conventional energy resources which in turns has increased the country’s energy import dependence. In order to improve its energy security, Malaysia has seriously embarked on a renewable energy journey. Many initiatives on renewable energy have been introduced in the past decade. These strategies have resulted in the exploding growth of renewable energy deployment in Malaysia. Therefore, this study investigated the impact of renewable energy deployment on energy security. Secondary data was used to calculate the energy security indicators. The study also compared the results of applying different energy security indicators namely availability, applicability, affordability and acceptability dimension of energy resources. The evaluation shows that Malaysia will experience slight improvement in availability and acceptability dimension of energy security. This study suggests that energy security level could be further enhanced by efficient utilization of energy, reducing carbon content of energy and facilitating low-carbon industries.

Keywords: energy policy, energy security, Malaysia, renewable energy

Procedia PDF Downloads 209

Authors: Dainius Genys, Vylius Leonavicius, Ricardas Krikstolaitis

Abstract:

Energy security problems in Lithuania are analyzed on a regular basis; however, there is no comprehensive research on the very issue of the concept of public energy security. There is a lack of attention not only to social determinants of perception of energy security, but also a lack of a deeper analysis of the public opinion. This article aims to research the Lithuanian public perception of energy security. Complex tasks were set during the sociological study. Survey questionnaire consisted of different sets of questions: view of energy security (risk perception, political orientation, and energy security; comprehensiveness and energy security); view of energy risks and threats (perception of energy safety factors; individual dependence and burden; disobedience and risk); view of the activity of responsible institutions (energy policy assessment; confidence in institutions and energy security), demographic issues. In this article, we will focus on two aspects: a) We will analyze public opinion on the most important aspects of energy security and social factors influencing them; The hypothesis is made that public perception of energy security is related to value orientations: b) We will analyze how public opinion on energy policy executed by the government and confidence in the government are intertwined with the concept of energy security. Data of the survey, conducted on May 10-19 and June 7-17, 2013, when Seimas and the government consisted of the coalition dominated by Social Democrats with Labor, Order and Justice Parties and the Electoral Action of Poles, were used in this article. It is important to note that the survey was conducted prior to Russia’s occupation of the Crimea.

Keywords: energy security, public opinion, risk, energy threat, energy security policy

Procedia PDF Downloads 475

Authors: Jayaprakash Kar, Daniyal M. Alghazzawi

Abstract:

The article proposes a novel construction of signcryption scheme with provable security which is most suited to implement on smart card. It is secure in random oracle model and the security relies on Decisional Bilinear Diffie-Hellmann Problem. The proposed scheme is secure against adaptive chosen ciphertext attack (indistiguishbility) and adaptive chosen message attack (unforgebility). Also, it is inspired by zero-knowledge proof. The two most important security goals for smart card are Confidentiality and authenticity. These functions are performed in one logical step in low computational cost.

Keywords: random oracle, provable security, unforgebility, smart card

Procedia PDF Downloads 568

Authors: Smita Singh

Abstract:

The paper develops a critical framework to the hegemonic discourses resorted to by the dominant powers in the global security architecture. Within this framework, security is viewed as a discourse through which identities and threats are represented and produced to legitimize the security concerns of few at the cost of others. International security have long been driven and dominated by power relations. Since the end of the Cold War, the global transformations have triggered contestations to the idea of security at both theoretical and practical level. These widening and deepening of the concept of security have challenged the existing power hierarchies at the theoretical level but not altered the substance and actors defining it. When discourses are introduced into security studies, several critical questions erupt: how has power shaped security policies of the globe through language? How does one understand the meanings and impact of those discourses? Who decides the agenda, rules, players and outliers of the security? Language as a symbolic system and form of power is fluid and not fixed. Over the years the dominant Western powers, led by the United States of America have employed various discursive practices such as humanitarian intervention, responsibility to protect, non proliferation, human rights, war on terror and so on to reorient the constitution of identities and interests and hence the policies that need to be adopted for its actualization. These power relations are illustrated in this paper through the narratives used in the nonproliferation regime. The hierarchical security dynamics is a manifestation of the global power relations driven by many factors including discourses.

Keywords: hegemonic discourse, global security, non-proliferation regime, power politics

Procedia PDF Downloads 292

Authors: Hosen Tilat Mahal, Monir Hossain

Abstract:

Despite being a food-sufficient country after revolutionary changes in agricultural inputs, Bangladesh still has food insecurity and undernutrition. This study examines the association between agricultural practices (as social practices) and food security concentrating on the potential impact of sociodemographic factors and climate change. Using data from the 2012 Bangladesh Integrated Household Survey (BIHS), this study shows how modifiedagricultural practices are strongly associated with climate change and different sociodemographic factors (land ownership, religion, gender, education, and occupation) subsequently affect the status of food security in Bangladesh. We used linear and logistic regression models to analyze the association between modified agricultural practices and food security. The findings indicate that socioeconomic statuses are significant predictors of determining agricultural practices in a society like Bangladesh and control food security at the household level. Moreover, climate change is adversely impactingeven the modified agricultural and food security association version. We conclude that agricultural practices must consider climate change while boosting food security. Therefore, future research should integrate climate change into the agriculture and food-related mitigation and resiliency models.

Keywords: food security, agricultural productivity, climate change, bangladesh

Procedia PDF Downloads 85

Authors: Jun Liu

Abstract:

This paper introduces a new bipartite key agreement (2PKA) protocol which provides unconditionally security and lightweight. The unconditional security is stemmed from the known impossibility of distinguishing a particular solution from all possible solutions of an underdetermined system of equations. The indistinguishability prevents an adversary from inferring to the common secret-key even with the access to an unlimited amount of computing capability. This new 2PKA protocol is also lightweight because that the calculation of a common secret-key only makes use of simple modular arithmetic. This information-theoretic 2PKA scheme provides the desired features of Key Confirmation (KC), Session Key (SK) security, Know-Key (KK) security, protection of individual privacy, and uniformly distributed value of a common key under prime modulus.

Keywords: bipartite key agreement, information-theoretic cryptography, perfect security, lightweight

Procedia PDF Downloads 28

Authors: Joseph Udofia, Isaac Olufadewa

Abstract:

Everyday, the size of Electronic Health Records data keeps increasing as new patients visit health practitioner and returning patients fulfil their appointments. As these data grow, so is their susceptibility to cyber-attacks from criminals waiting to exploit this data. In the US, the damages for cyberattacks were estimated at $8 billion (2018), $11.5 billion (2019) and $20 billion (2021). These attacks usually involve the exposure of PII. Health data is considered PII, and its exposure carry significant impact. To this end, an enhancement of Health Policy and Standards in relation to data security, especially among patients and their clinical providers, is critical to ensure ethical practices, confidentiality, and trust in the healthcare system. As Clinical accelerators and applications that contain user data are used, it is expedient to have a review and revamp of policies like the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Fast Healthcare Interoperability Resources (FHIR), all aimed to ensure data protection and security in healthcare. FHIR caters for healthcare data interoperability, FHIR caters to healthcare data interoperability, as data is being shared across different systems from customers to health insurance and care providers. The astronomical cost of implementation has deterred players in the space from ensuring compliance, leading to susceptibility to data exfiltration and data loss on the security accuracy of protected health information (PHI). Though HIPAA hones in on the security accuracy of protected health information (PHI) and PCI DSS on the security of payment card data, they intersect with the shared goal of protecting sensitive information in line with industry standards. With advancements in tech and the emergence of new technology, it is necessary to revamp these policies to address the complexity and ambiguity, cost barrier, and ever-increasing threats in cyberspace. Healthcare data in the wrong hands is a recipe for disaster, and we must enhance its protection and security to protect the mental health of the current and future generations.

Keywords: cloud security, healthcare, cybersecurity, policy and standard

Procedia PDF Downloads 47

Authors: Sofia Ahanj Sofia Ahanj, Mahsa Rahmani Mahsa Rahmani, Zahra Sadeghigol, Vida Nobakht Vida Nobakht

Abstract:

Providing security in the electricity industry, as one of the vital infrastructures of the country, is one of the essential operations that must be taken in order to improve the security of the country. Resistant security strategies need to be regularly implemented as a dynamic process to improve security, and security evaluation is one of the most important steps in this process. Methodology in the field of evaluation in both technical and managerial dimensions is discussed in the laboratory. There are various standards in the field of general ICT technical-security evaluation. The most important are ISO / IEC 15408, ISO / IEC 27001 and NIST SP 800-53. In the present paper, these standards are first examined. Then, the standards and reports in the industrial field have been reviewed and compared, and finally, based on the results and special considerations of information and communication technology equipment in the electricity industry, the appropriate methodology has been presented.

Keywords: security standards, ISO/IEC 15408, ISA/IEC 62443 series, NIST SP 800-53, NISTIR 7628

Procedia PDF Downloads 136

Authors: Mergen Dyussenov

Abstract:

Food security has become a prominent issue on the global policy agenda. Yet, one particular region that remains understudied is a cohort of Central Asian countries. To shed light onto the issue, the paper looks into a review of existing literature related to food security policies in Central Asia. In so doing, it seeks to systematize the context analyzed, key findings, and recommendations. Furthermore, it analyzes the role of key actors in promoting the food security policies across Central Asian nations. Finally, the paper attempts to set the agenda for further research.

Keywords: food security, central Asia, the role of actors, policy analysis

Procedia PDF Downloads 290