Search results for: Information security risk treatment
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 6685

Search results for: Information security risk treatment

6355 A Security Analysis for Home Gateway Architectures

Authors: Pierre Parrend, Stephane Frenot

Abstract:

Providing Services at Home has become over the last few years a very dynamic and promising technological domain. It is likely to enable wide dissemination of secure and automated living environments. We propose a methodology for identifying threats to Services at Home Delivery systems, as well as a threat analysis of a multi-provider Home Gateway architecture. This methodology is based on a dichotomous positive/preventive study of the target system: it aims at identifying both what the system must do, and what it must not do. This approach completes existing methods with a synthetic view of potential security flaws, thus enabling suitable measures to be taken into account. Security implications of the evolution of a given system become easier to deal with. A prototype is built based on the conclusions of this analysis.

Keywords: Security requirements, Connected Home, OSGi, Sofware Components.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1608
6354 A Proposal for a Secure and Interoperable Data Framework for Energy Digitalization

Authors: Hebberly Ahatlan

Abstract:

The process of digitizing energy systems involves transforming traditional energy infrastructure into interconnected, data-driven systems that enhance efficiency, sustainability, and responsiveness. As smart grids become increasingly integral to the efficient distribution and management of electricity from both fossil and renewable energy sources, the energy industry faces strategic challenges associated with digitalization and interoperability — particularly in the context of modern energy business models, such as virtual power plants (VPPs). The critical challenge in modern smart grids is to seamlessly integrate diverse technologies and systems, including virtualization, grid computing and service-oriented architecture (SOA), across the entire energy ecosystem. Achieving this requires addressing issues like semantic interoperability, Information Technology (IT) and Operational Technology (OT) convergence, and digital asset scalability, all while ensuring security and risk management. This paper proposes a four-layer digitalization framework to tackle these challenges, encompassing persistent data protection, trusted key management, secure messaging, and authentication of IoT resources. Data assets generated through this framework enable AI systems to derive insights for improving smart grid operations, security, and revenue generation. Furthermore, this paper also proposes a Trusted Energy Interoperability Alliance as a universal guiding standard in the development of this digitalization framework to support more dynamic and interoperable energy markets.

Keywords: Digitalization, IT/OT convergence, semantic interoperability, TEIA alliance, VPP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 116
6353 IS Flexibility Planning for IT/Business Strategy Alignment via Future Oriented POC Analysis

Authors: Masaru Furukawa, Shigeki Hirobayashi, Tadanobu Misawa

Abstract:

Nowadays, IT/Business strategy alignment is still a key topic of concern among managers worldwide. Change has always being considered the primary challenge affecting the strategy alignment. Planning for alignment in uncertain and dynamic changing environments is burdened with risk as organizations seek to understand how much flexibility to build in their management information system so as to maintain high levels of alignment. The literature review showed that there is a tight relationship between IT infrastructure flexibility and the strategy alignment with strategic information systems (SIS) planning serving as a moderator of this relationship, and that emphasized the needs for organizations to use SIS planning consistently and to monitor the relationship between IS flexibility and the alignment. This paper presents the procedure of SIS planning with IS flexibility renovation via future oriented analysis of POC (penalty of change) as a function of cost and time. Using this SIS planning and monitoring IS flexibility and the alignment during periods of increased change in dynamic and uncertain environments reduces the risk that could transform IT into an inhibitor rather than an enabler of change.

Keywords: IT/Business strategy alignment, strategic information systems (SIS) planning, IS flexibility, penalty of change (POC).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1622
6352 A Fuzzy Swarm Optimized Approach for Piece Selection in Bit Torrent Like Peer to Peer Network

Authors: M. Padmavathi, R. M. Suresh

Abstract:

Every machine plays roles of client and server simultaneously in a peer-to-peer (P2P) network. Though a P2P network has many advantages over traditional client-server models regarding efficiency and fault-tolerance, it also faces additional security threats. Users/IT administrators should be aware of risks from malicious code propagation, downloaded content legality, and P2P software’s vulnerabilities. Security and preventative measures are a must to protect networks from potential sensitive information leakage and security breaches. Bit Torrent is a popular and scalable P2P file distribution mechanism which successfully distributes large files quickly and efficiently without problems for origin server. Bit Torrent achieved excellent upload utilization according to measurement studies, but it also raised many questions as regards utilization in settings, than those measuring, fairness, and Bit Torrent’s mechanisms choice. This work proposed a block selection technique using Fuzzy ACO with optimal rules selected using ACO.

Keywords: Ant Colony Optimization (ACO), Bit Torrent, Download time, Peer-to-Peer (P2P) network, Performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2587
6351 Improving Security by Using Secure Servers Communicating via Internet with Standalone Secure Software

Authors: Carlos Gonzalez

Abstract:

This paper describes the use of the Internet as a feature to enhance the security of our software that is going to be distributed/sold to users potentially all over the world. By placing in a secure server some of the features of the secure software, we increase the security of such software. The communication between the protected software and the secure server is done by a double lock algorithm. This paper also includes an analysis of intruders and describes possible responses to detect threats.

Keywords: Internet, secure software, threats, cryptography process.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1045
6350 A Combined Fuzzy Decision Making Approach to Supply Chain Risk Assessment

Authors: P. Moeinzadeh, A. Hajfathaliha

Abstract:

Many firms implemented various initiatives such as outsourced manufacturing which could make a supply chain (SC) more vulnerable to various types of disruptions. So managing risk has become a critical component of SC management. Different types of SC vulnerability management methodologies have been proposed for managing SC risk, most offer only point-based solutions that deal with a limited set of risks. This research aims to reinforce SC risk management by proposing an integrated approach. SC risks are identified and a risk index classification structure is created. Then we develop a SC risk assessment approach based on the analytic network process (ANP) and the VIKOR methods under the fuzzy environment where the vagueness and subjectivity are handled with linguistic terms parameterized by triangular fuzzy numbers. By using FANP, risks weights are calculated and then inserted to the FVIKOR to rank the SC members and find the most risky partner.

Keywords: Analytic network process (ANP), Fuzzy sets, Supply chain risk management (SCRM), VIšekriterijumsko KOmpromisno Rangiranje (VIKOR)

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2928
6349 Project Risk Management Techniques in Resource Allocation, Scheduling and Planning

Authors: Hossein Amoozad Khalili, Anahita Maleki

Abstract:

Normally business changes are made in order to change a level of activity in some way, whether it is sales, cash flow, productivity, or product portfolio. When attempts are made to make such changes, too often the business reverts to the old levels of activity as soon as management attention is diverted. Risk management is a field of growing interest to project managers as well as in general business and organizational management. There are several approaches used to manage risk in projects and this paper is a brief outline of some that you might encounter, with an indication of their strengths and weaknesses.

Keywords: Risk Management, Project Management, Scheduling, Planning

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3415
6348 Implementation of RC5 Block Cipher Algorithm for Image Cryptosystems

Authors: Hossam El-din H. Ahmed, Hamdy M. Kalash, Osama S. Farag Allah

Abstract:

This paper examines the implementation of RC5 block cipher for digital images along with its detailed security analysis. A complete specification for the method of application of the RC5 block cipher to digital images is given. The security analysis of RC5 block cipher for digital images against entropy attack, bruteforce, statistical, and differential attacks is explored from strict cryptographic viewpoint. Experiments and results verify and prove that RC5 block cipher is highly secure for real-time image encryption from cryptographic viewpoint. Thorough experimental tests are carried out with detailed analysis, demonstrating the high security of RC5 block cipher algorithm.

Keywords: Image encryption, security analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3676
6347 An Anonymity-Based Secure On-Demand Routing for Mobile Ad Hoc Networks

Authors: M. Gunasekaran, K. Premalatha

Abstract:

Privacy and Security have emerged as an important research issue in Mobile Ad Hoc Networks (MANET) due to its unique nature such as scarce of resources and absence of centralized authority. There are number of protocols have been proposed to provide privacy and security for data communication in an adverse environment, but those protocols are compromised in many ways by the attackers. The concept of anonymity (in terms of unlinkability and unobservability) and pseudonymity has been introduced in this paper to ensure privacy and security. In this paper, a Secure Onion Throat (SOT) protocol is proposed to provide complete anonymity in an adverse environment. The SOT protocol is designed based on the combination of group signature and onion routing with ID-based encryption for route discovery. The security analysis demonstrates the performance of SOT protocol against all categories of attacks. The simulation results ensure the necessity and importance of the proposed SOT protocol in achieving such anonymity.

Keywords: Routing, anonymity, privacy, security and MANET.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2740
6346 New Curriculum Approach in Teaching Network Security Subjects for ICT Courses in Malaysia

Authors: Mohd Fairuz Iskandar Othman, Nazrulazhar Bahaman, Zulkiflee Muslim, Faizal Abdollah

Abstract:

This paper discusses a curriculum approach that will give emphasis on practical portions of teaching network security subjects in information and communication technology courses. As we are well aware, the need to use a practice and application oriented approach in education is paramount. Research on active learning and cooperative groups have shown that students grasps more and have more tendency towards obtaining and realizing soft skills like leadership, communication and team work as opposed to the more traditional theory and exam based teaching and learning. While this teaching and learning paradigm is relatively new in Malaysia, it has been practiced widely in the West. This paper examines a certain approach whereby students learning wireless security are divided into and work in small and manageable groups where there will be 2 teams which consist of black hat and white hat teams. The former will try to find and expose vulnerabilities in a wireless network while the latter will try their best to prevent such attacks on their wireless networks using hardware, software, design and enforcement of security policy and etc. This paper will try to show that the approach taken plus the use of relevant and up to date software and hardware and with suitable environment setting will hopefully expose students to a more fruitful outcome in terms of understanding of concepts, theories and their motivation to learn.

Keywords: Curriculum approach, wireless networks, wirelesssecurity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1701
6345 Identification of Risks Associated with Process Automation Systems

Authors: J. K. Visser, H. T. Malan

Abstract:

A need exists to identify the sources of risks associated with the process automation systems within petrochemical companies or similar energy related industries. These companies use many different process automation technologies in its value chain. A crucial part of the process automation system is the information technology component featuring in the supervisory control layer. The ever-changing technology within the process automation layers and the rate at which it advances pose a risk to safe and predictable automation system performance. The age of the automation equipment also provides challenges to the operations and maintenance managers of the plant due to obsolescence and unavailability of spare parts. The main objective of this research was to determine the risk sources associated with the equipment that is part of the process automation systems. A secondary objective was to establish whether technology managers and technicians were aware of the risks and share the same viewpoint on the importance of the risks associated with automation systems. A conceptual model for risk sources of automation systems was formulated from models and frameworks in literature. This model comprised six categories of risk which forms the basis for identifying specific risks. This model was used to develop a questionnaire that was sent to 172 instrument technicians and technology managers in the company to obtain primary data. 75 completed and useful responses were received. These responses were analyzed statistically to determine the highest risk sources and to determine whether there was difference in opinion between technology managers and technicians. The most important risks that were revealed in this study are: 1) the lack of skilled technicians, 2) integration capability of third-party system software, 3) reliability of the process automation hardware, 4) excessive costs pertaining to performing maintenance and migrations on process automation systems, and 5) requirements of having third-party communication interfacing compatibility as well as real-time communication networks.

Keywords: Distributed control system, identification of risks, information technology, process automation system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 965
6344 Moving towards Positive Security Model for Web Application Firewall

Authors: Asrul H. Yaacob, Nazrul M. Ahmad, Nurul N. Ahmad, Mardeni Roslee

Abstract:

The proliferation of web application and the pervasiveness of mobile technology make web-based attacks even more attractive and even easier to launch. Web Application Firewall (WAF) is an intermediate tool between web server and users that provides comprehensive protection for web application. WAF is a negative security model where the detection and prevention mechanisms are based on predefined or user-defined attack signatures and patterns. However, WAF alone is not adequate to offer best defensive system against web vulnerabilities that are increasing in number and complexity daily. This paper presents a methodology to automatically design a positive security based model which identifies and allows only legitimate web queries. The paper shows a true positive rate of more than 90% can be achieved.

Keywords: Intrusion Detection System, Positive Security Model, Web application Firewall

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2736
6343 Risk Assessment Results in Biogas Production from Agriculture Biomass

Authors: Sandija Zeverte-Rivza, Irina Pilvere, Baiba Rivza

Abstract:

The use of renewable energy sources incl. biogas has become topical in accordance with the increasing demand for energy, decrease of fossil energy resources and the efforts to reduce greenhouse gas emissions as well as to increase energy independence from the territories where fossil energy resources are available.

As the technologies of biogas production from agricultural biomass develop, risk assessment and risk management become necessary for farms producing such a renewable energy. The need for risk assessments has become particularly topical when discussions on changing the biogas policy in the EU take place, which may influence the development of the sector in the future, as well as the operation of existing biogas facilities and their income level.

The current article describes results of the risk assessment for farms producing biomass from agriculture biomass in Latvia, the risk assessment system included 24 risks, that affect the whole biogas production process and the obtained results showed the high significance of political and production risks.

Keywords: Biogas production, risks, risk assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3265
6342 Links between Landscape Management and Environmental Risk Assessment: Considerations from the Italian Context

Authors: M. Balestrieri, C. Pusceddu

Abstract:

Issues relating to the destructive phenomena that can damage people and goods have returned to the centre of debate in Italy with the increase in catastrophic episodes in recent years in a country which is highly vulnerable to hydrological risk. Environmental factors and geological and geomorphological territorial characteristics play an important role in determining the level of vulnerability and the natural tendency to risk. However, a territory has also been subjected to the requirements of and transformations of society and this brings other relevant factors. The reasons for the increase in destructive phenomena are often to be found in the territorial development models adopted. Stewardship of the landscape and management of risk are related issues. This study aims to summarize the most relevant elements about this connection and at the same time to clarify the role of environmental risk assessment as a tool to aid in the sustainable management of landscape. Finally, the study reflects on how regional and urban planners deal with environmental risk and which aspects should be monitored in order to adopt responsible and useful interventions.

Keywords: Assessment, landscape, risk, planning.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1827
6341 Spatial Distribution and Risk Assessment of As, Hg, Co and Cr in Kaveh Industrial City, using Geostatistic and GIS

Authors: Abbas Hani

Abstract:

The concentrations of As, Hg, Co, Cr and Cd were tested for each soil sample, and their spatial patterns were analyzed by the semivariogram approach of geostatistics and geographical information system technology. Multivariate statistic approaches (principal component analysis and cluster analysis) were used to identify heavy metal sources and their spatial pattern. Principal component analysis coupled with correlation between heavy metals showed that primary inputs of As, Hg and Cd were due to anthropogenic while, Co, and Cr were associated with pedogenic factors. Ordinary kriging was carried out to map the spatial patters of heavy metals. The high pollution sources evaluated was related with usage of urban and industrial wastewater. The results of this study helpful for risk assessment of environmental pollution for decision making for industrial adjustment and remedy soil pollution.

Keywords: Geographic Information system, Geostatistics, Kaveh, Multivariate Statistical Analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1980
6340 Smart Grids Cyber Security Issues and Challenges

Authors: Imen Aouini, Lamia Ben Azzouz

Abstract:

The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of Smart Grids. In this paper, we present security issues of the Smart Grid architecture and we highlight open issues that will make the Smart Grid security a challenging research area in the future.

Keywords: Smart grids, smart meters, home area network, neighbor area network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3945
6339 Operational risks Classification for Information Systems with Service-Oriented Architecture (Including Loss Calculation Example)

Authors: Irina Pyrlina

Abstract:

This article presents the results of a study conducted to identify operational risks for information systems (IS) with service-oriented architecture (SOA). Analysis of current approaches to risk and system error classifications revealed that the system error classes were never used for SOA risk estimation. Additionally system error classes are not normallyexperimentally supported with realenterprise error data. Through the study several categories of various existing error classifications systems are applied and three new error categories with sub-categories are identified. As a part of operational risks a new error classification scheme is proposed for SOA applications. It is based on errors of real information systems which are service providers for application with service-oriented architecture. The proposed classification approach has been used to classify SOA system errors for two different enterprises (oil and gas industry, metal and mining industry). In addition we have conducted a research to identify possible losses from operational risks.

Keywords: Enterprise architecture, Error classification, Oil&Gas and Metal&Mining industries, Operational risks, Serviceoriented architecture

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1604
6338 Robust Minutiae Watermarking in Wavelet Domain for Fingerprint Security

Authors: Rajlaxmi Chouhan, Pritee Khanna

Abstract:

In this manuscript, a wavelet-based blind watermarking scheme has been proposed as a means to provide security to authenticity of a fingerprint. The information used for identification or verification of a fingerprint mainly lies in its minutiae. By robust watermarking of the minutiae in the fingerprint image itself, the useful information can be extracted accurately even if the fingerprint is severely degraded. The minutiae are converted in a binary watermark and embedding these watermarks in the detail regions increases the robustness of watermarking, at little to no additional impact on image quality. It has been experimentally shown that when the minutiae is embedded into wavelet detail coefficients of a fingerprint image in spread spectrum fashion using a pseudorandom sequence, the robustness is observed to have a proportional response while perceptual invisibility has an inversely proportional response to amplification factor “K". The DWT-based technique has been found to be very robust against noises, geometrical distortions filtering and JPEG compression attacks and is also found to give remarkably better performance than DCT-based technique in terms of correlation coefficient and number of erroneous minutiae.

Keywords: Fingerprint watermarking, minutiae, discrete wavelet transform, PN sequence

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2019
6337 Identifying Corruption in Legislation using Risk Analysis Methods

Authors: Chvalkovska, J., Jansky, P., Mejstrik, M.

Abstract:

The objective of this article is to discuss the potential of economic analysis as a tool for identification and evaluation of corruption in legislative acts. We propose that corruption be perceived as a risk variable within the legislative process. Therefore we find it appropriate to employ risk analysis methods, used in various fields of economics, for the evaluation of corruption in legislation. Furthermore we propose the incorporation of these methods into the so called corruption impact assessment (CIA), the general framework for detection of corruption in legislative acts. The applications of the risk analysis methods are demonstrated on examples of implementation of proposed CIA in the Czech Republic.

Keywords: corruption; corruption impact assessment (CIA); legislative; legislative process; risk analysis; Czech Republic

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2466
6336 Reasoning with Dynamic Domains and Computer Security

Authors: Yun Bai

Abstract:

Representing objects in a dynamic domain is essential in commonsense reasoning under some circumstances. Classical logics and their nonmonotonic consequences, however, are usually not able to deal with reasoning with dynamic domains due to the fact that every constant in the logical language denotes some existing object in the static domain. In this paper, we explore a logical formalization which allows us to represent nonexisting objects in commonsense reasoning. A formal system named N-theory is proposed for this purpose and its possible application in computer security is briefly discussed.

Keywords: knowledge representation and reasoning, commonsensereasoning, computer security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1443
6335 Debts and Debt-Based Sukuk Related to Risk Shifting Behavior

Authors: Siti Raihana Hamzah

Abstract:

This paper elaborates risk shifting in debt financing system as the ultimate cause of the global financial crisis. In contrast, risk sharing in equity financing like sukuk helps the economic system to be better sustained. Nevertheless, some types of sukuk are haunted by the issue of imitation with bonds. The critics on the imitation issue not only have raised doubt on the ability of sukuk to diminish risk shifting behavior but also the ability of this Islamic financial instrument to ensure better future financial stability. Through that, this paper provides discussion on the possibility of sukuk to induce risk shifting and how equity financing may help sukuk to be free from risk shifting. This paper is important in the sense that sukuk receives a significant demand from investors throughout the world. For this instrument to be supportive in the future economic stability, the issue of imitation needs to be identified and addressed. Furthermore, critics cannot be focused on debts and its ability to gauge the financial flux but also to sukuk due to their structures similarity.

Keywords: Global financial crisis, debt, risk-shifting, risk sharing, equity, sukuk, bonds.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2555
6334 A Modified AES Based Algorithm for Image Encryption

Authors: M. Zeghid, M. Machhout, L. Khriji, A. Baganne, R. Tourki

Abstract:

With the fast evolution of digital data exchange, security information becomes much important in data storage and transmission. Due to the increasing use of images in industrial process, it is essential to protect the confidential image data from unauthorized access. In this paper, we analyze the Advanced Encryption Standard (AES), and we add a key stream generator (A5/1, W7) to AES to ensure improving the encryption performance; mainly for images characterised by reduced entropy. The implementation of both techniques has been realized for experimental purposes. Detailed results in terms of security analysis and implementation are given. Comparative study with traditional encryption algorithms is shown the superiority of the modified algorithm.

Keywords: Cryptography, Encryption, Advanced EncryptionStandard (AES), ECB mode, statistical analysis, key streamgenerator.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5058
6333 Dynamic Adaptability Using Reflexivity for Mobile Agent Protection

Authors: Salima Hacini, Haoua Cheribi, Zizette Boufaïda

Abstract:

The paradigm of mobile agent provides a promising technology for the development of distributed and open applications. However, one of the main obstacles to widespread adoption of the mobile agent paradigm seems to be security. This paper treats the security of the mobile agent against malicious host attacks. It describes generic mobile agent protection architecture. The proposed approach is based on the dynamic adaptability and adopts the reflexivity as a model of conception and implantation. In order to protect it against behaviour analysis attempts, the suggested approach supplies the mobile agent with a flexibility faculty allowing it to present an unexpected behaviour. Furthermore, some classical protective mechanisms are used to reinforce the level of security.

Keywords: Dynamic adaptability, malicious host, mobile agent security, reflexivity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1143
6332 FPGA Implementation of the BB84 Protocol

Authors: Jaouadi Ikram, Machhout Mohsen

Abstract:

The development of a quantum key distribution (QKD) system on a field-programmable gate array (FPGA) platform is the subject of this paper. A quantum cryptographic protocol is designed based on the properties of quantum information and the characteristics of FPGAs. The proposed protocol performs key extraction, reconciliation, error correction, and privacy amplification tasks to generate a perfectly secret final key. We modeled the presence of the spy in our system with a strategy to reveal some of the exchanged information without being noticed. Using an FPGA card with a 100 MHz clock frequency, we have demonstrated the evolution of the error rate as well as the amounts of mutual information (between the two interlocutors and that of the spy) passing from one step to another in the key generation process.

Keywords: QKD, BB84, protocol, cryptography, FPGA, key, security, communication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 859
6331 Proposal of Optimality Evaluation for Quantum Secure Communication Protocols by Taking the Average of the Main Protocol Parameters: Efficiency, Security and Practicality

Authors: Georgi Bebrov, Rozalina Dimova

Abstract:

In the field of quantum secure communication, there is no evaluation that characterizes quantum secure communication (QSC) protocols in a complete, general manner. The current paper addresses the problem concerning the lack of such an evaluation for QSC protocols by introducing an optimality evaluation, which is expressed as the average over the three main parameters of QSC protocols: efficiency, security, and practicality. For the efficiency evaluation, the common expression of this parameter is used, which incorporates all the classical and quantum resources (bits and qubits) utilized for transferring a certain amount of information (bits) in a secure manner. By using criteria approach whether or not certain criteria are met, an expression for the practicality evaluation is presented, which accounts for the complexity of the QSC practical realization. Based on the error rates that the common quantum attacks (Measurement and resend, Intercept and resend, probe attack, and entanglement swapping attack) induce, the security evaluation for a QSC protocol is proposed as the minimum function taken over the error rates of the mentioned quantum attacks. For the sake of clarity, an example is presented in order to show how the optimality is calculated.

Keywords: Quantum cryptography, quantum secure communcation, quantum secure direct communcation security, quantum secure direct communcation efficiency, quantum secure direct communcation practicality.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 972
6330 Key Issues and Challenges of Intrusion Detection and Prevention System: Developing Proactive Protection in Wireless Network Environment

Authors: M. Salman, B. Budiardjo, K. Ramli

Abstract:

Nowadays wireless technology plays an important role in public and personal communication. However, the growth of wireless networking has confused the traditional boundaries between trusted and untrusted networks. Wireless networks are subject to a variety of threats and attacks at present. An attacker has the ability to listen to all network traffic which becoming a potential intrusion. Intrusion of any kind may lead to a chaotic condition. In addition, improperly configured access points also contribute the risk to wireless network. To overcome this issue, a security solution that includes an intrusion detection and prevention system need to be implemented. In this paper, first the security drawbacks of wireless network will be analyzed then investigate the characteristics and also the limitations on current wireless intrusion detection and prevention system. Finally, the requirement of next wireless intrusion prevention system will be identified including some key issues which should be focused on in the future to overcomes those limitations.

Keywords: intrusion detection, intrusion prevention, wireless networks, proactive protection

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3938
6329 Small Businesses' Decision to have a Website Saudi Arabia Case Study

Authors: M. Al-hawari, H. AL–Yamani, B. Izwawa

Abstract:

Recognizing the increasing importance of using the Internet to conduct business, this paper looks at some related matters associated with small businesses making a decision of whether or not to have a Website and go online. Small businesses in Saudi Arabia struggle to have this decision. For organizations, to fully go online, conduct business and provide online information services, they need to connect their database to the Web. Some issues related to doing that might be beyond the capabilities of most small businesses in Saudi Arabia, such as Website management, technical issues and security concerns. Here we focus on a small business firm in Saudi Arabia (Case Study), discussing the issues related to going online decision and the firm's options of what to do and how to do it. The paper suggested some valuable solutions of connecting databases to the Web. It also discusses some of the important issues related to online information services and e-commerce, mainly Web hosting options and security issues.

Keywords: E-Commerce, Saudi Arabia, Small business, Webdatabase connection, Web hosting, World Wide Web (Web).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1969
6328 Analysis of Food Security Situation among Nigerian Rural Farmers

Authors: Victoria A. Okwoche, Benjamin C. Asogwa

Abstract:

This paper analysed the food security situation among Nigerian rural farmers. Data collected on 202 rural farmers from Benue State were analysed using descriptive and inferential statistics. The study revealed that majority of the respondents (60.83%) had medium dietary diversity. Furthermore, household daily calorie requirement for the food secure households was 10,723 and the household daily calorie consumption was 12,598, with a surplus index of 0.04. The food security index was 1.16. The Household daily per capita calorie consumption was 3,221.2. For the food insecure households, the household daily calorie requirement was 20,213 and the household daily calorie consumption was 17,393. The shortfall index was 0.14. The food security index was 0.88. The Household daily per capita calorie consumption was 2,432.8. The most commonly used coping strategies during food stress included intercropping (99.2%), reliance on less preferred food (98.1%), limiting portion size at meal times (85.8%) and crop diversification (70.8%).

Keywords: Analysis, food security, rural areas, farmers, Nigeria.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2913
6327 Considerations of Public Key Infrastructure (PKI), Functioning as a Chain of Trust in Electronic Payments Systems

Authors: Theodosios Tsiakis, George Stephanides, George Pekos

Abstract:

The growth of open networks created the interest to commercialise it. The establishment of an electronic business mechanism must be accompanied by a digital – electronic payment system to transfer the value of transactions. Financial organizations are requested to offer a secure e-payment synthesis with equivalent level of security served in conventional paper-based payment transactions. PKI, which is functioning as a chain of trust in security architecture, can enable security services of cryptography to epayments, in order to take advantage of the wider base either of customer or of trading partners and the reduction of cost transaction achieved by the use of Internet channels. The paper addresses the possibilities and the implementation suggestions of PKI in relevance to electronic payments by suggesting a framework that should be followed.

Keywords: Electronic Payment, Security, Trust

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1423
6326 The Capacity Building in the Natural Disaster Management of Thailand

Authors: Eakarat Boonreang

Abstract:

The past two decades, Thailand faced the natural disasters, for instance, Gay typhoon in 1989, tsunami in 2004, and huge flood in 2011. The disaster management in Thailand was improved both structure and mechanism for cope with the natural disaster since 2007. However, the natural disaster management in Thailand has various problems, for examples, cooperation between related an organizations have not unity, inadequate resources, the natural disaster management of public sectors not proactive, people has not awareness the risk of the natural disaster, and communities did not participate in the natural disaster management. Objective of this study is to find the methods for capacity building in the natural disaster management of Thailand. The concept and information about the capacity building and the natural disaster management of Thailand were reviewed and analyzed by classifying and organizing data. The result found that the methods for capacity building in the natural disaster management of Thailand should be consist of 1) link operation and information in the natural disaster management between nation, province, local and community levels, 2) enhance competency and resources of public sectors which relate to the natural disaster management, 3) establish proactive natural disaster management both planning and implementation, 4) decentralize the natural disaster management to local government organizations, 5) construct public awareness in the natural disaster management to community, 6) support Community Based Disaster Risk Management (CBDRM) seriously, and 7) emphasis on participation in the natural disaster management of all stakeholders.

Keywords: Capacity Building, Community Based Disaster Risk Management, Natural Disaster Management, Thailand.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3246