Search results for: Information security risk treatment
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 6625

Search results for: Information security risk treatment

6325 Review Risk and Threats Due to Dam Break

Authors: A.Roshandel, N.Hedayat, H.kiamanesh

Abstract:

The one of most important objects in implementation of damage analysis observations is manner of dam break wave propagation. In this paper velocity and wave height due dam break in with and without tailwater states for appointment hazardous lands and flood radius are investigate. In order to modeling above phenomenon finite volume method of Roe type for solving shallow water equations is used. Results indicated that in the dry bed state risk radius due to dam break is too high. While in the wet bed risk radius has a less wide. Therefore in the first state constructions and storage facilities are encountered with destruction risk. Further velocity due to dam break in the second state is more comparing to the first state. Hence erosion and scour the river bed in the dry bed is too more compare to the wet bed.

Keywords: Dam break, finite volume method, tailwater, risk radius, scour

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1591
6324 How Herding Bias Could be Derived from Individual Investor Types and Risk Tolerance?

Authors: Huei-Wen Lin

Abstract:

This paper is to clarify the relationship of individual investor types, risk tolerance and herding bias. The questionnaire survey investigation is conducted to collect 389 valid and voluntary individual investors and to examine how the risk tolerance plays as a mediator between four types of personality and herding bias. Based on featuring BB&K model and reviewing the prior literature of psychology, a linear structural model are constructed and further used to evaluate the path of herding formation through the analysis of Structural Equation Modeling (SEM). The results showed that more impetuous investors would be prone to herding bias directly, but rather exhibit higher risk tolerance. However, risk tolerance would fully mediate between the level of confidence (i.e., confident or anxious) and herding bias, but not mediate between the method of action (careful or impetuous) for individual investors.

Keywords: Herding, investor types, risk tolerance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4308
6323 Organizational Data Security in Perspective of Ownership of Mobile Devices Used by Employees for Works

Authors: B. Ferdousi, J. Bari

Abstract:

With advancement of mobile computing, employees are increasingly doing their job-related works using personally owned mobile devices or organization owned devices. The Bring Your Own Device (BYOD) model allows employees to use their own mobile devices for job-related works, while Corporate Owned, Personally Enabled (COPE) model allows both organizations and employees to install applications onto organization-owned mobile devices used for job-related works. While there are many benefits of using mobile computing for job-related works, there are also serious concerns of different levels of threats to the organizational data security. Consequently, it is crucial to know the level of threat to the organizational data security in the BOYD and COPE models. It is also important to ensure that employees comply with the organizational data security policy. This paper discusses the organizational data security issues in perspective of ownership of mobile devices used by employees, especially in BYOD and COPE models. It appears that while the BYOD model has many benefits, there are relatively more data security risks in this model than in the COPE model. The findings also showed that in both BYOD and COPE environments, a more practical approach towards achieving secure mobile computing in organizational setting is through the development of comprehensive cybersecurity policies balancing employees’ need for convenience with organizational data security. The study helps to figure out the compliance and the risks of security breach in BYOD and COPE models.

Keywords: Data security, mobile computing, BYOD, COPE, cybersecurity policy, cybersecurity compliance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 304
6322 Extending the Aspect Oriented Programming Joinpoint Model for Memory and Type Safety

Authors: Amjad Nusayr

Abstract:

Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory is have a valid pointer or a reference with a valid type. Aspect Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and Database transaction managing. In this paper we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.

Keywords: Aspect oriented programming, programming languages, software security, memory and type safety.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 372
6321 Public R and D Risk and Risk Management Policy

Authors: Youngseok Lee, Dongjin Chung, Youngjin Kim

Abstract:

R&D risk management has been suggested as one of the management approaches for accomplishing the goals of public R&D investment. The investment in basic science and core technology development is the essential roles of government for securing the social base needed for continuous economic growth. And, it is also an important role of the science and technology policy sectors to generate a positive environment in which the outcomes of public R&D can be diffused in a stable fashion by controlling the uncertainties and risk factors in advance that may arise during the application of such achievements to society and industry. Various policies have already been implemented to manage uncertainties and variables that may have negative impact on accomplishing public R& investment goals. But we may derive new policy measures for complementing the existing policies and for exploring progress direction by analyzing them in a policy package from the viewpoint of R&D risk management.

Keywords: Risk management, Public R&D policy, Science andtechnology policy, Performance management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1630
6320 Health Risk Assessment of Heavy Metals Adsorbed in Particulates

Authors: Sadovska V.

Abstract:

The progress of concentrations of particular heavy metals was assessed in chosen localities in region Moravia, the Czech Republic, from 2007 to 2009. Particular metals were observed in localities with various types and characterization of zone. Pb, Ni, As and Cd were emphasized as a result of their toxicity and potential adverse health effect to the exposed population. The progress of metal concentrations and their health effects in the most polluted localities were examined. According to the results, the air pollution limit values were not exceeded. Based on the health risk assessment, the probability of developing tumorous diseases is acceptable, except for the increased probability of cancer risk from long-term exposure to As.

Keywords: Air pollution, heavy metals, health risk assessment, individual lifetime cancer risk

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2375
6319 A Utilitarian Approach to Modeling Information Flows in Social Networks

Authors: Usha Sridhar, Sridhar Mandyam

Abstract:

We propose a multi-agent based utilitarian approach to model and understand information flows in social networks that lead to Pareto optimal informational exchanges. We model the individual expected utility function of the agents to reflect the net value of information received. We show how this model, adapted from a theorem by Karl Borch dealing with an actuarial Risk Exchange concept in the Insurance industry, can be used for social network analysis. We develop a utilitarian framework that allows us to interpret Pareto optimal exchanges of value as potential information flows, while achieving a maximization of a sum of expected utilities of information of the group of agents. We examine some interesting conditions on the utility function under which the flows are optimal. We illustrate the promise of this new approach to attach economic value to information in networks with a synthetic example.

Keywords: Borch's Theorem , Economic value of information, Information Exchange, Pareto Optimal Solution, Social Networks, Utility Functions

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1481
6318 User Behavior Based Enhanced Protocol (UBEP) for Secure Near Field Communication

Authors: Vinay Gautam, Vivek Gautam

Abstract:

With increase in the unauthorized users access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with system.The propose protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate user. The analysis of user based input makes a NFC transaction more advance and secure. This security is very tactical because it is completely depends on usage of the device.

Keywords: Security, Network Field communication, NFC Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1967
6317 Classification of Health Risk Factors to Predict the Risk of Falling in Older Adults

Authors: L. Lindsay, S. A. Coleman, D. Kerr, B. J. Taylor, A. Moorhead

Abstract:

Cognitive decline and frailty is apparent in older adults leading to an increased likelihood of the risk of falling. Currently health care professionals have to make professional decisions regarding such risks, and hence make difficult decisions regarding the future welfare of the ageing population. This study uses health data from The Irish Longitudinal Study on Ageing (TILDA), focusing on adults over the age of 50 years, in order to analyse health risk factors and predict the likelihood of falls. This prediction is based on the use of machine learning algorithms whereby health risk factors are used as inputs to predict the likelihood of falling. Initial results show that health risk factors such as long-term health issues contribute to the number of falls. The identification of such health risk factors has the potential to inform health and social care professionals, older people and their family members in order to mitigate daily living risks.

Keywords: Classification, falls, health risk factors, machine learning, older adults.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1008
6316 Learning Materials of Atmospheric Pressure Plasma Process: Application in Wrinkle-Resistant Finishing of Cotton Fabric

Authors: C. W. Kan

Abstract:

Cotton fibre is a commonly-used natural fibre because of its good fibre strength, high moisture absorption behaviour and minimal static problems. However, one of the main drawbacks of cotton fibre is wrinkling after washing, which is recently overcome by wrinkle-resistant treatment. 1,2,3,4-butanetetracarboxylic acid (BTCA) could improve the wrinkle-resistant properties of cotton fibre. Although the BTCA process is an effective method for wrinkle resistant application of cotton fabrics, reduced fabric strength was observed after treatment. Therefore, this paper would explore the use of atmospheric pressure plasma treatment under different discharge powers as a pretreatment process to enhance the application of BTCA process on cotton fabric without generating adverse effect. The aim of this study is to provide learning information to the users to know how the atmospheric pressure plasma treatment can be incorporated in textile finishing process with positive impact.

Keywords: Learning materials, atmospheric pressure plasma treatment, cotton, wrinkle-resistant, BTCA.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1367
6315 Identifying Knowledge Gaps in Incorporating Toxicity of Particulate Matter Constituents for Developing Regulatory Limits on Particulate Matter

Authors: Ananya Das, Arun Kumar, Gazala Habib, Vivekanandan Perumal

Abstract:

Regulatory bodies has proposed limits on Particulate Matter (PM) concentration in air; however, it does not explicitly indicate the incorporation of effects of toxicities of constituents of PM in developing regulatory limits. This study aimed to provide a structured approach to incorporate toxic effects of components in developing regulatory limits on PM. A four-step human health risk assessment framework consists of - (1) hazard identification (parameters: PM and its constituents and their associated toxic effects on health), (2) exposure assessment (parameters: concentrations of PM and constituents, information on size and shape of PM; fate and transport of PM and constituents in respiratory system), (3) dose-response assessment (parameters: reference dose or target toxicity dose of PM and its constituents), and (4) risk estimation (metric: hazard quotient and/or lifetime incremental risk of cancer as applicable). Then parameters required at every step were obtained from literature. Using this information, an attempt has been made to determine limits on PM using component-specific information. An example calculation was conducted for exposures of PM2.5 and its metal constituents from Indian ambient environment to determine limit on PM values. Identified data gaps were: (1) concentrations of PM and its constituents and their relationship with sampling regions, (2) relationship of toxicity of PM with its components.

Keywords: Air, component-specific toxicity, human health risks, particulate matter.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1154
6314 A Collusion-Resistant Distributed Signature Delegation Based on Anonymous Mobile Agent

Authors: Omaima Bamasak

Abstract:

This paper presents a novel method that allows an agent host to delegate its signing power to an anonymous mobile agent in such away that the mobile agent does not reveal any information about its host-s identity and, at the same time, can be authenticated by the service host, hence, ensuring fairness of service provision. The solution introduces a verification server to verify the signature generated by the mobile agent in such a way that even if colluding with the service host, both parties will not get more information than what they already have. The solution incorporates three methods: Agent Signature Key Generation method, Agent Signature Generation method, Agent Signature Verification method. The most notable feature of the solution is that, in addition to allowing secure and anonymous signature delegation, it enables tracking of malicious mobile agents when a service host is attacked. The security properties of the proposed solution are analyzed, and the solution is compared with the most related work.

Keywords: Anonymous signature delegation, collusion resistance, e-commerce fairness, mobile agent security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1416
6313 A Combined Fuzzy Decision Making Approach to Supply Chain Risk Assessment

Authors: P. Moeinzadeh, A. Hajfathaliha

Abstract:

Many firms implemented various initiatives such as outsourced manufacturing which could make a supply chain (SC) more vulnerable to various types of disruptions. So managing risk has become a critical component of SC management. Different types of SC vulnerability management methodologies have been proposed for managing SC risk, most offer only point-based solutions that deal with a limited set of risks. This research aims to reinforce SC risk management by proposing an integrated approach. SC risks are identified and a risk index classification structure is created. Then we develop a SC risk assessment approach based on the analytic network process (ANP) and the VIKOR methods under the fuzzy environment where the vagueness and subjectivity are handled with linguistic terms parameterized by triangular fuzzy numbers. By using FANP, risks weights are calculated and then inserted to the FVIKOR to rank the SC members and find the most risky partner.

Keywords: Analytic network process (ANP), Fuzzy sets, Supply chain risk management (SCRM), VIšekriterijumsko KOmpromisno Rangiranje (VIKOR)

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2898
6312 Money Laundering and Financing of Terrorism

Authors: C. Mallada Fernández

Abstract:

Economic development and globalization of international markets have created a favourable atmosphere for the emergence of new forms of crime such as money laundering or financing of terrorism, which may contribute to destabilized and damage economic systems. In particular, money laundering have acquired great importance since the 11S attacks, what has caused on the one hand, the establishment and development of preventive measures and, on the other hand, a progressive hardening of penal measures. Since then, the regulations imposed to fight against money laundering have been viewed as key components also in the fight against terrorist financing. Terrorism, at the beginning, was a “national” crime connected with internal problems of the State (for instance the RAF in Germany or ETA in Spain) but in the last 20 years has started to be an international problem that is connected with the defence and security of the States. Therefore, the new strategic concept for the defense and security of NATO has a comprehensive list of security threats to the Alliance, such as terrorism, international instability, money laundering or attacks on cyberspace, among others. With this new concept, money laundering and terrorism has become a priority in the national defense.

In this work we will analyze the methods to combat these new threats to the national security. We will study the preventive legislations to combat money laundering and financing of terrorism, the UIF that exchange information between States, and the hawala-Banking.

Keywords: Control of financial flows, money laundering, terrorism, financing of terrorism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2855
6311 Survey on Jamming Wireless Networks: Attacks and Prevention Strategies

Authors: S. Raja Ratna, R. Ravi

Abstract:

Wireless networks are built upon the open shared medium which makes easy for attackers to conduct malicious activities. Jamming is one of the most serious security threats to information economy and it must be dealt efficiently. Jammer prevents legitimate data to reach the receiver side and also it seriously degrades the network performance. The objective of this paper is to provide a general overview of jamming in wireless network. It covers relevant works, different jamming techniques, various types of jammers and typical prevention techniques. Challenges associated with comparing several anti-jamming techniques are also highlighted.

Keywords: Channel, Cryptography, Frequency, Jamming, Legitimate, Security, Wavelength.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3129
6310 RUPSec: An Extension on RUP for Developing Secure Systems - Requirements Discipline

Authors: Mohammad Reza Ayatollahzadeh Shirazi, Pooya Jaferian, Golnaz Elahi, Hamid Baghi, Babak Sadeghian

Abstract:

The world is moving rapidly toward the deployment of information and communication systems. Nowadays, computing systems with their fast growth are found everywhere and one of the main challenges for these systems is increasing attacks and security threats against them. Thus, capturing, analyzing and verifying security requirements becomes a very important activity in development process of computing systems, specially in developing systems such as banking, military and e-business systems. For developing every system, a process model which includes a process, methods and tools is chosen. The Rational Unified Process (RUP) is one of the most popular and complete process models which is used by developers in recent years. This process model should be extended to be used in developing secure software systems. In this paper, the Requirement Discipline of RUP is extended to improve RUP for developing secure software systems. These proposed extensions are adding and integrating a number of Activities, Roles, and Artifacts to RUP in order to capture, document and model threats and security requirements of system. These extensions introduce a group of clear and stepwise activities to developers. By following these activities, developers assure that security requirements are captured and modeled. These models are used in design, implementation and test activitie

Keywords:

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2776
6309 Project Risk Management Techniques in Resource Allocation, Scheduling and Planning

Authors: Hossein Amoozad Khalili, Anahita Maleki

Abstract:

Normally business changes are made in order to change a level of activity in some way, whether it is sales, cash flow, productivity, or product portfolio. When attempts are made to make such changes, too often the business reverts to the old levels of activity as soon as management attention is diverted. Risk management is a field of growing interest to project managers as well as in general business and organizational management. There are several approaches used to manage risk in projects and this paper is a brief outline of some that you might encounter, with an indication of their strengths and weaknesses.

Keywords: Risk Management, Project Management, Scheduling, Planning

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3380
6308 Risk Assessment Results in Biogas Production from Agriculture Biomass

Authors: Sandija Zeverte-Rivza, Irina Pilvere, Baiba Rivza

Abstract:

The use of renewable energy sources incl. biogas has become topical in accordance with the increasing demand for energy, decrease of fossil energy resources and the efforts to reduce greenhouse gas emissions as well as to increase energy independence from the territories where fossil energy resources are available.

As the technologies of biogas production from agricultural biomass develop, risk assessment and risk management become necessary for farms producing such a renewable energy. The need for risk assessments has become particularly topical when discussions on changing the biogas policy in the EU take place, which may influence the development of the sector in the future, as well as the operation of existing biogas facilities and their income level.

The current article describes results of the risk assessment for farms producing biomass from agriculture biomass in Latvia, the risk assessment system included 24 risks, that affect the whole biogas production process and the obtained results showed the high significance of political and production risks.

Keywords: Biogas production, risks, risk assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3201
6307 Privacy of RFID Systems: Security of Personal Data for End-Users

Authors: Firoz Khan

Abstract:

Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.

Keywords: RFID, privacy, security, encryption.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 948
6306 Partnering with Stakeholders to Secure Digitization of Water

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: Cyber security, shared responsibility, IIOT, threat modelling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 95
6305 A Worst Case Estimation of the Inspection Rate by a Berthing Policy in a Container Terminal

Authors: K.H. Yang

Abstract:

After the terrorist attack on September 11, 2001 in U.S., the container security issue got high attention, especially by U.S. government, which deployed a lot of measures to promote or improve security systems. U.S. government not only enhances its national security system, but allies with other countries against the potential terrorist attacks in the future. For example CSI (Container Security Initiative), it encourages foreign ports outside U.S. to become CSI ports as a part of U.S. anti-terrorism network. Although promotion of the security could partly reach the goal of anti-terrorism, that will influence the efficiency of container supply chain, which is the main concern when implementing the inspection measurements. This paper proposes a quick estimation methodology for an inspection service rate by a berth allocation heuristic such that the inspection activities will not affect the original container supply chain. Theoretical and simulation results show this approach is effective.

Keywords: Berth allocation, Container, Heuristic, Inspection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1392
6304 Links between Landscape Management and Environmental Risk Assessment: Considerations from the Italian Context

Authors: M. Balestrieri, C. Pusceddu

Abstract:

Issues relating to the destructive phenomena that can damage people and goods have returned to the centre of debate in Italy with the increase in catastrophic episodes in recent years in a country which is highly vulnerable to hydrological risk. Environmental factors and geological and geomorphological territorial characteristics play an important role in determining the level of vulnerability and the natural tendency to risk. However, a territory has also been subjected to the requirements of and transformations of society and this brings other relevant factors. The reasons for the increase in destructive phenomena are often to be found in the territorial development models adopted. Stewardship of the landscape and management of risk are related issues. This study aims to summarize the most relevant elements about this connection and at the same time to clarify the role of environmental risk assessment as a tool to aid in the sustainable management of landscape. Finally, the study reflects on how regional and urban planners deal with environmental risk and which aspects should be monitored in order to adopt responsible and useful interventions.

Keywords: Assessment, landscape, risk, planning.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1802
6303 IS Flexibility Planning for IT/Business Strategy Alignment via Future Oriented POC Analysis

Authors: Masaru Furukawa, Shigeki Hirobayashi, Tadanobu Misawa

Abstract:

Nowadays, IT/Business strategy alignment is still a key topic of concern among managers worldwide. Change has always being considered the primary challenge affecting the strategy alignment. Planning for alignment in uncertain and dynamic changing environments is burdened with risk as organizations seek to understand how much flexibility to build in their management information system so as to maintain high levels of alignment. The literature review showed that there is a tight relationship between IT infrastructure flexibility and the strategy alignment with strategic information systems (SIS) planning serving as a moderator of this relationship, and that emphasized the needs for organizations to use SIS planning consistently and to monitor the relationship between IS flexibility and the alignment. This paper presents the procedure of SIS planning with IS flexibility renovation via future oriented analysis of POC (penalty of change) as a function of cost and time. Using this SIS planning and monitoring IS flexibility and the alignment during periods of increased change in dynamic and uncertain environments reduces the risk that could transform IT into an inhibitor rather than an enabler of change.

Keywords: IT/Business strategy alignment, strategic information systems (SIS) planning, IS flexibility, penalty of change (POC).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1597
6302 Regional Security Issue: Central Asian Countries and NATO Cooperation (On the Example of Kazakhstan)

Authors: Karakulov Y., Baizakova K.

Abstract:

Kazakhstan attaches the great importance to cooperation with European countries within the framework of multilateral security organizations such as NATO. Cooperation of Kazakhstan with the NATO is a prominent aspect of strengthening of regional security of republic. It covers a wide spectrum of areas, such as reform of sector of defense and security, military operative compatibility of armed forces of NATO member-countries and Kazakhstan, civil emergency planning and scientific cooperation. The cooperation between Kazakhstan and NATO is based on the mutual interests of neighboring republics in the region so that the existing forms of cooperation between Kazakhstan and NATO will not be negatively perceived both in Asia as well as among CIS countries. Kazakhstan tailors its participation in the PfP programme through an annual Individual Partnership Programme, selecting those activities that will help achieve the goals it has set in the IPAP. Level of cooperation within the limits of PfP essentially differs on each republic. Cooperation with Kazakhstan progressed most of all since has been signed IPAP from the NATO

Keywords: Central Asia, Kazakhstan, NATO cooperation, regional security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2146
6301 AES and ECC Mixed for ZigBee Wireless Sensor Security

Authors: Saif Al-alak, Zuriati Ahmed, Azizol Abdullah, Shamala Subramiam

Abstract:

In this paper, we argue the security protocols of ZigBee wireless sensor network in MAC layer. AES 128-bit encryption algorithm in CCM* mode is secure transferred data; however, AES-s secret key will be break within nearest future. Efficient public key algorithm, ECC has been mixed with AES to rescue the ZigBee wireless sensor from cipher text and replay attack. Also, the proposed protocol can parallelize the integrity function to increase system performance.

Keywords: AES, ECC, Multi-level security, ZigBee

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3342
6300 Implicit Authorization Mechanism of Object-Oriented Database

Authors: Haibo Hu, Hong Xiang

Abstract:

Due to its special data structure and manipulative principle, Object-Oriented Database (OODB) has a particular security protection and authorization methods. This paper first introduces the features of security mechanism about OODB, and then talked about authorization checking process of OODB. Implicit authorization mechanism is based on the subject hierarchies, object hierarchies and access hierarchies of the security authorization modes, and simplifies the authorization mode. In addition, to combine with other authorization mechanisms, implicit authorization can make protection on the authorization of OODB expediently and effectively.

Keywords: Object-oriented database(OODB), security protection, authorization mechanism, implicit authorization, authorization check.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1690
6299 XML based Safe and Scalable Multi-Agent Development Framework

Authors: Rinkaj Goyal, Pravin Chandra, Yogesh Singh

Abstract:

In this paper we describe our efforts to design and implement an agent development framework that has the potential to scale to the size of any underlying network suitable for various ECommerce activities. The main novelty in our framework is it-s capability to allow the development of sophisticated, secured agents which are simple enough to be practical. We have adopted FIPA agent platform reference Model as backbone for implementation along with XML for agent Communication and Java Cryptographic Extension and architecture to realize the security of communication information between agents. The advantage of our architecture is its support of agents development in different languages and Communicating with each other using a more open standard i.e. XML

Keywords: Agent, Agent Development Framework, Agent Coordination, Security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1594
6298 Identifying Corruption in Legislation using Risk Analysis Methods

Authors: Chvalkovska, J., Jansky, P., Mejstrik, M.

Abstract:

The objective of this article is to discuss the potential of economic analysis as a tool for identification and evaluation of corruption in legislative acts. We propose that corruption be perceived as a risk variable within the legislative process. Therefore we find it appropriate to employ risk analysis methods, used in various fields of economics, for the evaluation of corruption in legislation. Furthermore we propose the incorporation of these methods into the so called corruption impact assessment (CIA), the general framework for detection of corruption in legislative acts. The applications of the risk analysis methods are demonstrated on examples of implementation of proposed CIA in the Czech Republic.

Keywords: corruption; corruption impact assessment (CIA); legislative; legislative process; risk analysis; Czech Republic

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2431
6297 Debts and Debt-Based Sukuk Related to Risk Shifting Behavior

Authors: Siti Raihana Hamzah

Abstract:

This paper elaborates risk shifting in debt financing system as the ultimate cause of the global financial crisis. In contrast, risk sharing in equity financing like sukuk helps the economic system to be better sustained. Nevertheless, some types of sukuk are haunted by the issue of imitation with bonds. The critics on the imitation issue not only have raised doubt on the ability of sukuk to diminish risk shifting behavior but also the ability of this Islamic financial instrument to ensure better future financial stability. Through that, this paper provides discussion on the possibility of sukuk to induce risk shifting and how equity financing may help sukuk to be free from risk shifting. This paper is important in the sense that sukuk receives a significant demand from investors throughout the world. For this instrument to be supportive in the future economic stability, the issue of imitation needs to be identified and addressed. Furthermore, critics cannot be focused on debts and its ability to gauge the financial flux but also to sukuk due to their structures similarity.

Keywords: Global financial crisis, debt, risk-shifting, risk sharing, equity, sukuk, bonds.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2505
6296 Identification of Risks Associated with Process Automation Systems

Authors: J. K. Visser, H. T. Malan

Abstract:

A need exists to identify the sources of risks associated with the process automation systems within petrochemical companies or similar energy related industries. These companies use many different process automation technologies in its value chain. A crucial part of the process automation system is the information technology component featuring in the supervisory control layer. The ever-changing technology within the process automation layers and the rate at which it advances pose a risk to safe and predictable automation system performance. The age of the automation equipment also provides challenges to the operations and maintenance managers of the plant due to obsolescence and unavailability of spare parts. The main objective of this research was to determine the risk sources associated with the equipment that is part of the process automation systems. A secondary objective was to establish whether technology managers and technicians were aware of the risks and share the same viewpoint on the importance of the risks associated with automation systems. A conceptual model for risk sources of automation systems was formulated from models and frameworks in literature. This model comprised six categories of risk which forms the basis for identifying specific risks. This model was used to develop a questionnaire that was sent to 172 instrument technicians and technology managers in the company to obtain primary data. 75 completed and useful responses were received. These responses were analyzed statistically to determine the highest risk sources and to determine whether there was difference in opinion between technology managers and technicians. The most important risks that were revealed in this study are: 1) the lack of skilled technicians, 2) integration capability of third-party system software, 3) reliability of the process automation hardware, 4) excessive costs pertaining to performing maintenance and migrations on process automation systems, and 5) requirements of having third-party communication interfacing compatibility as well as real-time communication networks.

Keywords: Distributed control system, identification of risks, information technology, process automation system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 925