Search results for: system security.
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 9032

Search results for: system security.

8762 ATC in Competitive Electricity Market Using TCSC

Authors: S. K. Gupta, Richa Bansal

Abstract:

In a deregulated power system structure, power producers and customers share a common transmission network for wheeling power from the point of generation to the point of consumption. All parties in this open access environment may try to purchase the energy from the cheaper source for greater profit margins, which may lead to overloading and congestion of certain corridors of the transmission network. This may result in violation of line flow, voltage and stability limits and thereby undermine the system security. Utilities therefore need to determine adequately their available transfer capability (ATC) to ensure that system reliability is maintained while serving a wide range of bilateral and multilateral transactions. This paper presents power transfer distribution factor based on AC load flow for the determination and enhancement of ATC. The study has been carried out for IEEE 24 bus Reliability Test System.

Keywords: Available Transfer Capability, FACTS devices, Power Transfer Distribution Factors.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2357
8761 Improve of Evaluation Method for Information Security Levels of CIIP (Critical Information Infrastructure Protection)

Authors: Dong-Young Yoo, Jong-Whoi Shin, Gang Shin Lee, Jae-Il Lee

Abstract:

As the disfunctions of the information society and social development progress, intrusion problems such as malicious replies, spam mail, private information leakage, phishing, and pharming, and side effects such as the spread of unwholesome information and privacy invasion are becoming serious social problems. Illegal access to information is also becoming a problem as the exchange and sharing of information increases on the basis of the extension of the communication network. On the other hand, as the communication network has been constructed as an international, global system, the legal response against invasion and cyber-attack from abroad is facing its limit. In addition, in an environment where the important infrastructures are managed and controlled on the basis of the information communication network, such problems pose a threat to national security. Countermeasures to such threats are developed and implemented on a yearly basis to protect the major infrastructures of information communication. As a part of such measures, we have developed a methodology for assessing the information protection level which can be used to establish the quantitative object setting method required for the improvement of the information protection level.

Keywords: Information Security Evaluation Methodology, Critical Information Infrastructure Protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1660
8760 FACTS Impact on Grid Stability and Power Markets

Authors: Abdulrahman Alsuhaibani, Martin Macken

Abstract:

FACTS devices have great influence on the grid stability and power markets price. Recently, there is intent to integrate a large scale of renewable energy sources to the power system which in turn pushes the power system to operate closer to the security limits. This paper discusses the power system stability and reliability improvement that could be achieved by using FACTS. There is a comparison between FACTS devices to evaluate their performance for different functions. A case study has also been made about its effect on reducing generation cost and minimizing transmission losses which have good impact on efficient and economic operation of electricity markets.

Keywords: FACTS, grid stability, spot price, Optimal Power Flow.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 373
8759 A Secure Auditing Framework for Load Balancing in Cloud Environment

Authors: R. Geetha, T. Padmavathy

Abstract:

Security audit is an important aspect or feature to be considered in cloud service customer. It is basically a certification process to audit the controls that deliver the security requirements. Security audits are conducted by trained and qualified staffs that belong to an independent auditing organization. Security audits must be carried as a standard of security controls. Proper check to be made that the cloud user has a proper reporting and logging facilities with the customer's system and hence ensuring appropriate business and operational flow of data through cloud service. We propose a cloud-based secure auditing framework, which enables confided in power to safely store their mystery information on the semi-believed cloud specialist co-ops, and specifically share their mystery information with a wide scope of information recipient, to diminish the key administration intricacy for power proprietors and information collectors. Unique in relation to past cloud-based information framework, data proprietors transfer their mystery information into cloud utilizing static and dynamic evaluating plan. Another propelled determination is, if any information beneficiary needs individual record to download, the information collector will send the solicitation to the expert. The specialist proprietor has the Access Control. At the off probability, the businessman must impart the primary record to the knowledge collector, acknowledge statistics beneficiary solicitation. Once the acknowledgement for the records is over, the recipient downloads the first record and this record shifting time with date and downloading time with date are monitored by the inspector. In addition to deduplication concept, diminished cloud memory area using dynamic document distribution has been proposed.

Keywords: Cloud computing, cloud storage auditing, data integrity, key exposure.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1168
8758 Access Policy Specification for SCADA Networks

Authors: Rodrigo Chandia, Mauricio Papa

Abstract:

Efforts to secure supervisory control and data acquisition (SCADA) systems must be supported under the guidance of sound security policies and mechanisms to enforce them. Critical elements of the policy must be systematically translated into a format that can be used by policy enforcement components. Ideally, the goal is to ensure that the enforced policy is a close reflection of the specified policy. However, security controls commonly used to enforce policies in the IT environment were not designed to satisfy the specific needs of the SCADA environment. This paper presents a language, based on the well-known XACML framework, for the expression of authorization policies for SCADA systems.

Keywords: Access policy specification, process control systems, network security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2315
8757 Security Threat and Countermeasure on 3G Network

Authors: Dongwan Kang, Joohyung Oh, Chaetae Im

Abstract:

Recent communications environment significantly expands the mobile environment. The popularization of smartphones with various mobile services has emerged, and smartphone users are rapidly increasing. Because of these symptoms, existing wired environment in a variety of mobile traffic entering to mobile network has threatened the stability of the mobile network. Unlike traditional wired infrastructure, mobile networks has limited radio resources and signaling procedures for complex radio resource management. So these traffic is not a problem in wired networks but mobile networks, it can be a threat. In this paper, we analyze the security threats in mobile networks and provide direction to solve it.

Keywords: 3G, Core Network Security, GTP, Mobile NetworkSecurity

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2140
8756 Speaker Recognition Using LIRA Neural Networks

Authors: Nestor A. Garcia Fragoso, Tetyana Baydyk, Ernst Kussul

Abstract:

This article contains information from our investigation in the field of voice recognition. For this purpose, we created a voice database that contains different phrases in two languages, English and Spanish, for men and women. As a classifier, the LIRA (Limited Receptive Area) grayscale neural classifier was selected. The LIRA grayscale neural classifier was developed for image recognition tasks and demonstrated good results. Therefore, we decided to develop a recognition system using this classifier for voice recognition. From a specific set of speakers, we can recognize the speaker’s voice. For this purpose, the system uses spectrograms of the voice signals as input to the system, extracts the characteristics and identifies the speaker. The results are described and analyzed in this article. The classifier can be used for speaker identification in security system or smart buildings for different types of intelligent devices.

Keywords: Extreme learning, LIRA neural classifier, speaker identification, voice recognition.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 764
8755 Electronic Health Record System: A Perspective to Improve the Value of Services Rendered to Patients in Healthcare Organization in Rwanda, Case of CHUB and Hopital De Nemba

Authors: Mugabe Nzarama Gabriel

Abstract:

In Rwanda, many healthcare organizations are still using a paper based patients’ data record system although it still present weaknesses to share health patients’ information across different services when necessary. In developed countries, the EHR has been put in place to revolutionize the paper based record system but still the EHR has some challenges related to privacy, security, or interoperability. The purpose of this research was to assess the existing patients’ data record system in healthcare sector in Rwanda, see what an EHR can improve to the system in place and assess the acceptance of EHR as system which is interoperable, very secure and interoperable and see whether stakeholders are ready to adopt the system. The case based methodology was used and TAM theoretical framework to design the questionnaire for the survey. A judgmental sample across two cases, CHUB and Hopital de Nemba, has been selected and SPSS has been used for descriptive statistics. After a qualitative analysis, the findings showed that the paper based record is useful, gives complete information about the patient, protects the privacy of patients but it is still less secure and less interoperable. The respondents shown that they are ready to use the proposed EHR System and want it secure, capable of enforcing the privacy but still they are not all ready for the interoperability. A conclusion has been formulated; recommendations and further research have been proposed.

Keywords: EHR system, healthcare service, TAM, privacy, interoperability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1103
8754 Big Data Analytics and Data Security in the Cloud via Fully Homomorphic Encryption

Authors: Victor Onomza Waziri, John K. Alhassan, Idris Ismaila, Moses Noel Dogonyaro

Abstract:

This paper describes the problem of building secure computational services for encrypted information in the Cloud Computing without decrypting the encrypted data; therefore, it meets the yearning of computational encryption algorithmic aspiration model that could enhance the security of big data for privacy, confidentiality, availability of the users. The cryptographic model applied for the computational process of the encrypted data is the Fully Homomorphic Encryption Scheme. We contribute a theoretical presentations in a high-level computational processes that are based on number theory and algebra that can easily be integrated and leveraged in the Cloud computing with detail theoretic mathematical concepts to the fully homomorphic encryption models. This contribution enhances the full implementation of big data analytics based cryptographic security algorithm.

Keywords: Data Analytics, Security, Privacy, Bootstrapping, and Fully Homomorphic Encryption Scheme.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3458
8753 Image Steganography Using Least Significant Bit Technique

Authors: Preeti Kumari, Ridhi Kapoor

Abstract:

 In any communication, security is the most important issue in today’s world. In this paper, steganography is the process of hiding the important data into other data, such as text, audio, video, and image. The interest in this topic is to provide availability, confidentiality, integrity, and authenticity of data. The steganographic technique that embeds hides content with unremarkable cover media so as not to provoke eavesdropper’s suspicion or third party and hackers. In which many applications of compression, encryption, decryption, and embedding methods are used for digital image steganography. Due to compression, the nose produces in the image. To sustain noise in the image, the LSB insertion technique is used. The performance of the proposed embedding system with respect to providing security to secret message and robustness is discussed. We also demonstrate the maximum steganography capacity and visual distortion.

Keywords: Steganography, LSB, encoding, information hiding, color image.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1092
8752 Towards a Secure Storage in Cloud Computing

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: Access control, data integrity, data confidentiality, Kerberos authentication, cloud security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1771
8751 From Risk/Security Analysis via Timespace to a Model of Human Vulnerability and Human Security

Authors: Anders Troedsson

Abstract:

For us humans, risk and insecurity are intimately linked to vulnerabilities - where there is vulnerability, there is potentially risk and insecurity. Reducing vulnerability through compensatory measures means decreasing the likelihood of a certain external event be qualified as a risk/threat/assault, and thus also means increasing the individual’s sense of security. The paper suggests that a meaningful way to approach the study of risk/ insecurity is to organize thinking about the vulnerabilities that external phenomena evoke in humans as perceived by them. Such phenomena are, through a set of given vulnerabilities, potentially translated into perceptions of "insecurity." An ontological discussion about salient timespace characteristics of external phenomena as perceived by humans, including such which potentially can be qualified as risk/threat/assault, leads to the positing of two dimensions which are central for describing what in the paper is called the essence of risk/threat/assault. As is argued, such modeling helps analysis steer free of the subjective factor which is intimately connected to human perception and which mediates between phenomena “out there” potentially identified as risk/threat/assault, and their translation into an experience of security or insecurity. A proposed set of universally given vulnerabilities are scrutinized with the help of the two dimensions, resulting in a modeling effort featuring four realms of vulnerabilities which together represent a dynamic whole. This model in turn informs modeling on human security.

Keywords: Human vulnerabilities, human security, inert-immediate, material-immaterial, timespace.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1050
8750 Alternative Key Exchange Algorithm Based on Elliptic Curve Digital Signature Algorithm Certificate and Usage in Applications

Authors: A. Andreasyan, C. Connors

Abstract:

The Elliptic Curve Digital Signature algorithm-based X509v3 certificates are becoming more popular due to their short public and private key sizes. Moreover, these certificates can be stored in Internet of Things (IoT) devices, with limited resources, using less memory and transmitted in network security protocols, such as Internet Key Exchange (IKE), Transport Layer Security (TLS) and Secure Shell (SSH) with less bandwidth. The proposed method gives another advantage, in that it increases the performance of the above-mentioned protocols in terms of key exchange by saving one scalar multiplication operation.

Keywords: Cryptography, elliptic curve digital signature algorithm, key exchange, network security protocols.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 604
8749 Impact of Network Workload between Virtualization Solutions on a Testbed Environment for Cybersecurity Learning

Authors: K´evin Fernagut, Olivier Flauzac, Erick M. Gallegos R, Florent Nolot

Abstract:

The adoption of modern lightweight virtualization often comes with new threats and network vulnerabilities. This paper seeks to assess this with a different approach studying the behavior of a testbed built with tools such as Kernel-based Virtual Machine (KVM), LinuX Containers (LXC) and Docker, by performing stress tests within a platform where students experiment simultaneously with cyber-attacks, and thus observe the impact on the campus network and also find the best solution for cyber-security learning. Interesting outcomes can be found in the literature comparing these technologies. It is, however, difficult to find results of the effects on the global network where experiments are carried out. Our work shows that other physical hosts and the faculty network were impacted while performing these trials. The problems found are discussed, as well as security solutions and the adoption of new network policies.

Keywords: Containerization, containers, cyber-security, cyber-attacks, isolation, performance, security, virtualization, virtual machines.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 566
8748 Transmission Planning – a Probabilistic Load Flow Perspective

Authors: Constantin Barbulescu, Gh. Vuc, Stefan Kilyeni, Dan Jigoria-Oprea, Oana Pop

Abstract:

Perhaps no single issue has been cited as either the root cause and / or the greatest challenge to the restructured power system then the lack of adequate reliable transmission. Probabilistic transmission planning has become increasingly necessary and important in recent years. The transmission planning analysis carried out by the authors, spans a 10-year horizon, taking into consideration a value of 2 % load increase / year at each consumer. Taking into consideration this increased load, a probabilistic power flow was carried out, all the system components being regarded from probabilistic point of view. Several contingencies have been generated, for assessing the security of the power system. The results have been analyzed and several important conclusions were pointed. The objective is to achieve a network that works without limit violations for all (or most of) scenario realizations. The case study is represented by the IEEE 14 buses test power system.

Keywords: Contingency, load, operating state, probabilistic power flow, transmission planning

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1862
8747 Role-based Access Control Model in Home Network Environments

Authors: Do-Woo Kim, Geon Woo Kim, Jun-Ho Lee, Jong-Wook Han

Abstract:

The home in these days has not one computer connected to the Internet but rather a network of many devices within the home, and that network might be connected to the Internet. In such an environment, the potential for attacks is greatly increased. The general security technology can not apply because of the use of various wired and wireless network, middleware and protocol in digital home environment and a restricted system resource of home information appliances. To offer secure home services home network environments have need of access control for various home devices and information when users want to access. Therefore home network access control for user authorization is a very important issue. In this paper we propose access control model using RBAC in home network environments to provide home users with secure home services.

Keywords: Home network, access control, RBAC, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1911
8746 Secure Power Systems Against Malicious Cyber-Physical Data Attacks: Protection and Identification

Authors: Morteza Talebi, Jianan Wang, Zhihua Qu

Abstract:

The security of power systems against malicious cyberphysical data attacks becomes an important issue. The adversary always attempts to manipulate the information structure of the power system and inject malicious data to deviate state variables while evading the existing detection techniques based on residual test. The solutions proposed in the literature are capable of immunizing the power system against false data injection but they might be too costly and physically not practical in the expansive distribution network. To this end, we define an algebraic condition for trustworthy power system to evade malicious data injection. The proposed protection scheme secures the power system by deterministically reconfiguring the information structure and corresponding residual test. More importantly, it does not require any physical effort in either microgrid or network level. The identification scheme of finding meters being attacked is proposed as well. Eventually, a well-known IEEE 30-bus system is adopted to demonstrate the effectiveness of the proposed schemes.

Keywords: Algebraic Criterion, Malicious Cyber-Physical Data Injection, Protection and Identification, Trustworthy Power System.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1993
8745 Strategies and Compromises: Towards an Integrated Energy and Climate Policy for Egypt

Authors: S.T. El Sheltawy, A. A. Refaat

Abstract:

Until recently, energy security and climate change were considered separate issues to be dealt with by policymakers. The two issues are now converging, challenging the security and climate communities to develop a better understanding of how to deal with both issues simultaneously. Although Egypt is not a major contributor to the world's total GHG emissions, it is particularly vulnerable to the potential effects of global climate change such as rising sea levels and changed patterns of rainfall in the Nile Basin. Climate change is a major threat to sustainable growth and development in Egypt, and the achievement of the Millennium Development Goals. Egypt-s capacity to respond to the challenges of climate instability will be expanded by improving overall resilience, integrating climate change goals into sustainable development strategies, increasing the use of modern energy systems with reduced carbon intensity, and strengthening international initiatives. This study seeks to establish a framework for considering the complex and evolving links between energy security and climate change, applicable to Egypt.

Keywords: climate change, climate policy, cnergy policy, energy security, sustainable development

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1788
8744 Enhancing Transit Trade, Facilitation System and Supply Chain Security for Local, Regional and an International Corridor

Authors: Moh’d A. AL-Shboul

Abstract:

Recently, and due to Arab spring and terrorism around the globe, pushing and driving most governments potentially to harmonize their border measures particularly the regional and an international transit trade within and among Customs Unions. The main purpose of this study is to investigate and provide an insight for monitoring and controlling the trade supply chain within and among different countries by using technological advancement (i.e. an electronic tracking system, etc.); furthermore, facilitate the local and intra-regional trade among countries through reviewing the recent trends and practical implementation of an electronic transit traffic and cargo that related to customs measures by introducing and supporting some case studies of several international and landlocked transit trade countries. The research methodology employed in this study was described as qualitative by conducting few interviews with managers, transit truck drivers, and traders and reviewing the related literature to collect qualitative data from secondary sources such as statistical reports, previous studies, etc. The results in this study show that Jordan and other countries around the globe that used an electronic tracking system for monitoring transit trade has led to a significant reduction in cost, effort and time in physical movement of goods internally and crossing through other countries. Therefore, there is no need to escort transit trucks by customs staff; hence, the rate of escort transit trucks is reduced by more than ninety percent, except the bulky and high duty goods. Electronic transit traffic has been increased; the average transit time journey has been reduced by more than seventy percent and has led to decrease in rates of smuggling up to fifty percent. The researcher recommends considering Jordan as regional and international office for tracking electronically and monitoring the transit trade for many considerations.

Keywords: Electronic tracking system, facilitation system, regional and international corridor, supply chain security, transit trade.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1402
8743 Impact of Implementing VPN to Secure Wireless LAN

Authors: H. Bourdoucen, A. Al Naamany, A. Al Kalbani

Abstract:

Many corporations are seriously concerned about security of networks and therefore, their network supervisors are still reluctant to install WLANs. In this regards, the IEEE802.11i standard was developed to address the security problems, even though the mistrust of the wireless LAN technology is still existing. The thought was that the best security solutions could be found in open standards based technologies that can be delivered by Virtual Private Networking (VPN) being used for long time without addressing any security holes for the past few years. This work, addresses this issue and presents a simulated wireless LAN of IEEE802.11g protocol, and analyzes impact of integrating Virtual Private Network technology to secure the flow of traffic between the client and the server within the LAN, using OPNET WLAN utility. Two Wireless LAN scenarios have been introduced and simulated. These are based on normal extension to a wired network and VPN over extension to a wired network. The results of the two scenarios are compared and indicate the impact of improving performance, measured by response time and load, of Virtual Private Network over wireless LAN.

Keywords: IEEE802.11, VPN, Networking, Secure Wireless, WLAN, Opnet.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2998
8742 3G WCDMA Mobile Network DoS Attack and Detection Technology

Authors: JooHyung Oh, Dongwan Kang, Sekwon Kim, ChaeTae Im

Abstract:

Currently, there has been a 3G mobile networks data traffic explosion due to the large increase in the number of smartphone users. Unlike a traditional wired infrastructure, 3G mobile networks have limited wireless resources and signaling procedures for complex wireless resource management. And mobile network security for various abnormal and malicious traffic technologies was not ready. So Malicious or potentially malicious traffic originating from mobile malware infected smart devices can cause serious problems to the 3G mobile networks, such as DoS and scanning attack in wired networks. This paper describes the DoS security threat in the 3G mobile network and proposes a detection technology.

Keywords: 3G, WCDMA, DoS, Security Threat

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3267
8741 Understanding Success Factors of an Information Security Management System Plan Phase Self-Implementation

Authors: Nurazean Maarop, Noorjan Mohd Mustapha, Rasimah Yusoff, Roslina Ibrahim, Norziha Megat Mohd Zainuddin

Abstract:

The goal of this study is to identify success factors that could influence the ISMS self-implementation in government sector from qualitative perspective. This study is based on a case study in one of the Malaysian government agency. Semi-structured interviews involving five key informants were conducted to examine factors addressed in the conceptual framework. Subsequently, thematic analysis was executed to describe the influence of each factor on the success implementation of ISMS. The result of this study indicates that management commitment, implementer commitment and implementer competency are part of the success factors for ISMS self-implementation in Malaysian Government Sector.

Keywords: ISMS Success Factors, IT Project Management, IS Success, Information Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4274
8740 Implementation of TinyHash based on Hash Algorithm for Sensor Network

Authors: HangRok Lee, YongJe Choi, HoWon Kim

Abstract:

In recent years, it has been proposed security architecture for sensor network.[2][4]. One of these, TinySec by Chris Kalof, Naveen Sastry, David Wagner had proposed Link layer security architecture, considering some problems of sensor network. (i.e : energy, bandwidth, computation capability,etc). The TinySec employs CBC_mode of encryption and CBC-MAC for authentication based on SkipJack Block Cipher. Currently, This TinySec is incorporated in the TinyOS for sensor network security. This paper introduces TinyHash based on general hash algorithm. TinyHash is the module in order to replace parts of authentication and integrity in the TinySec. it implies that apply hash algorithm on TinySec architecture. For compatibility about TinySec, Components in TinyHash is constructed as similar structure of TinySec. And TinyHash implements the HMAC component for authentication and the Digest component for integrity of messages. Additionally, we define the some interfaces for service associated with hash algorithm.

Keywords: sensor network security, nesC, TinySec, TinyOS, Hash, HMAC, integrity

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2354
8739 A Proposal to Mobile Payment Implementing 2AF+

Authors: Nael Hirzallah, Sana Nseir

Abstract:

Merchants are competing to offer the use of mobile payment to encourage shopping. many mobile payment systems were made available in various locations worldwide; however, they have various drawbacks. This paper proposes a new mobile payment system that discusses the main drawbacks of these systems, namely security and speed of transaction. The proposal is featured by being simple to use by customers and merchants. Furthermore, the proposed system depends on a new authentication factor that is introduced in this paper and called by Two-Factors Authentication Plus, (2FA+).

Keywords: Electronic Commerce, Payment schemes, Mobile Payment, Authentication Factors, Mobile Applications.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2597
8738 Food Security in the Middle East and North Africa

Authors: Sara D. Garduño-Diaz, Philippe Y. Garduño-Diaz

Abstract:

To date, one of the few comprehensive indicators for the measurement of food security is the Global Food Security Index (GFSI). This index is a dynamic quantitative and qualitative benchmarking model, constructed from 28 unique indicators, that measures drivers of food security across both developing and developed countries. Whereas the GFSI has been calculated across a set of 109 countries, in this paper we aim to present and compare, for the Middle East and North Africa (MENA), 1) the Food Security Index scores achieved and 2) the data available on affordability, availability, and quality of food. The data for this work was taken from the latest available report published by the creators of the GFSI, which in turn used information from national and international statistical sources. MENA countries rank from place 17/109 (Israel, although with resent political turmoil this is likely to have changed) to place 91/109 (Yemen) with household expenditure spent in food ranging from 15.5% (Israel) to 60% (Egypt). Lower spending on food as a share of household consumption in most countries and better food safety net programs in the MENA have contributed to a notable increase in food affordability. The region has also, however, experienced a decline in food availability, owing to more limited food supplies and higher volatility of agricultural production. In terms of food quality and safety the MENA has the top ranking country (Israel). The most frequent challenges faced by the countries of the MENA include public expenditure on agricultural research and development as well as volatility of agricultural production. Food security is a complex phenomenon that interacts with many other indicators of a country’s wellbeing; in the MENA it is slowly but markedly improving.

Keywords: Diet, food insecurity, global food security index, nutrition, sustainability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3996
8737 Implementing Fault Tolerance with Proxy Signature on the Improvement of RSA System

Authors: H. El-Kamchouchi, Heba Gaber, Fatma Ahmed, Dalia H. El-Kamchouchi

Abstract:

Fault tolerance and data security are two important issues in modern communication systems. During the transmission of data between the sender and receiver, errors may occur frequently. Therefore, the sender must re-transmit the data to the receiver in order to correct these errors, which makes the system very feeble. To improve the scalability of the scheme, we present a proxy signature scheme with fault tolerance over an efficient and secure authenticated key agreement protocol based on the improved RSA system. Authenticated key agreement protocols have an important role in building a secure communications network between the two parties.

Keywords: Proxy signature, fault tolerance, improved RSA, key agreement.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1258
8736 Formal Analysis of a Public-Key Algorithm

Authors: Markus Kaiser, Johannes Buchmann

Abstract:

In this article, a formal specification and verification of the Rabin public-key scheme in a formal proof system is presented. The idea is to use the two views of cryptographic verification: the computational approach relying on the vocabulary of probability theory and complexity theory and the formal approach based on ideas and techniques from logic and programming languages. A major objective of this article is the presentation of the first computer-proved implementation of the Rabin public-key scheme in Isabelle/HOL. Moreover, we explicate a (computer-proven) formalization of correctness as well as a computer verification of security properties using a straight-forward computation model in Isabelle/HOL. The analysis uses a given database to prove formal properties of our implemented functions with computer support. The main task in designing a practical formalization of correctness as well as efficient computer proofs of security properties is to cope with the complexity of cryptographic proving. We reduce this complexity by exploring a light-weight formalization that enables both appropriate formal definitions as well as efficient formal proofs. Consequently, we get reliable proofs with a minimal error rate augmenting the used database, what provides a formal basis for more computer proof constructions in this area.

Keywords: public-key encryption, Rabin public-key scheme, formalproof system, higher-order logic, formal verification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1537
8735 Toward a Risk Assessment Model Based On Multi-Agent System for Cloud Consumer

Authors: Saadia Drissi, Siham Benhadou, Hicham Medromi

Abstract:

The cloud computing is an innovative paradigm that introduces several changes in technology that have resulted a new ways for cloud providers to deliver their services to cloud consumers mainly in term of security risk assessment, thus, adapting a current risk assessment tools to cloud computing is a very difficult task due to its several characteristics that challenge the effectiveness of risk assessment approaches. As consequence, there is a need of risk assessment model adapted to cloud computing. This paper requires a new risk assessment model based on multi-agent system and AHP model as fundamental steps towards the development of flexible risk assessment approach regarding cloud consumers.

Keywords: Cloud computing, risk assessment model, multi-agent system, AHP model, cloud consumer.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2256
8734 Hardware Prototyping of an Efficient Encryption Engine

Authors: Muhammad I. Ibrahimy, Mamun B.I. Reaz, Khandaker Asaduzzaman, Sazzad Hussain

Abstract:

An approach to develop the FPGA of a flexible key RSA encryption engine that can be used as a standard device in the secured communication system is presented. The VHDL modeling of this RSA encryption engine has the unique characteristics of supporting multiple key sizes, thus can easily be fit into the systems that require different levels of security. A simple nested loop addition and subtraction have been used in order to implement the RSA operation. This has made the processing time faster and used comparatively smaller amount of space in the FPGA. The hardware design is targeted on Altera STRATIX II device and determined that the flexible key RSA encryption engine can be best suited in the device named EP2S30F484C3. The RSA encryption implementation has made use of 13,779 units of logic elements and achieved a clock frequency of 17.77MHz. It has been verified that this RSA encryption engine can perform 32-bit, 256-bit and 1024-bit encryption operation in less than 41.585us, 531.515us and 790.61us respectively.

Keywords: RSA, FPGA, Communication, Security, VHDL.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1451
8733 The Prevalence of Organized Retail Crime in Riyadh, Saudi Arabia

Authors: Saleh Dabil

Abstract:

This study investigates the level of existence of organized retail crime in supermarkets of Riyadh, Saudi Arabia. The store managers, security managers and general employees were asked about the types of retail crimes occur in the stores. Three independent variables were related to the report of organized retail theft. The independent variables are: 1) the supermarket profile (volume, location, standard and type of the store), 2) the social physical environment of the store (maintenance, cleanness and overall organizational cooperation), 3) the security techniques and loss prevention electronics techniques used. The theoretical framework of this study based on the social disorganization theory. This study concluded that the organized retail theft, in specific, organized theft is moderately apparent in Riyadh stores. The general result showed that the environment of the stores has an effect on the prevalence of organized retail theft with relation to the gender of thieves, age groups, working shift, type of stolen items as well as the number of thieves in one case. Among other reasons, some factors of the organized theft are: economic pressure of customers based on the location of the store. The dealing of theft also was investigated to have a clear picture of stores dealing with organized retail theft. The result showed that mostly, thieves sent without any action and sometimes given written warning. Very few cases dealt with by police. There are other factors in the study can be looked up in the text. This study suggests solving the problem of organized theft; first, is "the well distributing of the duties and responsibilities between the employees especially for security purposes". Second "Installation of strong security system" and "Making well-designed store layout". Third is "giving training for general employees" and "to give periodically security skills training of employees". There are other suggestions in the study can be looked up in the text.

Keywords: Organized Crime, Retail, Theft, Loss prevention, Store environment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2335