Search results for: national security.

Authors: Ming Lun Wang, Yan Wang, Ning Ruo Sun

Abstract:

With the development of cloud computing, more and more users start to utilize the cloud storage service. However, there exist some issues: 1) cloud server steals the shared data, 2) sharers collude with the cloud server to steal the shared data, 3) cloud server tampers the shared data, 4) sharers and key generation center (KGC) conspire to steal the shared data. In this paper, we use advanced encryption standard (AES), hash algorithms, and accountable key-policy attribute-based encryption without key escrow (WOKE-AKP-ABE) to build a security cloud storage scheme. Moreover, the data are encrypted to protect the privacy. We use hash algorithms to prevent the cloud server from tampering the data uploaded to the cloud. Analysis results show that this scheme can resist conspired attacks.

Keywords: Cloud storage security, sharing storage, attributes, Hash algorithm.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1003

Authors: Souvik Bhattacharyya, Gautam Sanyal

Abstract:

Recent years have witnessed the rapid development of the Internet and telecommunication techniques. Information security is becoming more and more important. Applications such as covert communication, copyright protection, etc, stimulate the research of information hiding techniques. Traditionally, encryption is used to realize the communication security. However, important information is not protected once decoded. Steganography is the art and science of communicating in a way which hides the existence of the communication. Important information is firstly hidden in a host data, such as digital image, video or audio, etc, and then transmitted secretly to the receiver.In this paper a data hiding model with high security features combining both cryptography using finite state sequential machine and image based steganography technique for communicating information more securely between two locations is proposed. The authors incorporated the idea of secret key for authentication at both ends in order to achieve high level of security. Before the embedding operation the secret information has been encrypted with the help of finite-state sequential machine and segmented in different parts. The cover image is also segmented in different objects through normalized cut.Each part of the encoded secret information has been embedded with the help of a novel image steganographic method (PMM) on different cuts of the cover image to form different stego objects. Finally stego image is formed by combining different stego objects and transmit to the receiver side. At the receiving end different opposite processes should run to get the back the original secret message.

Keywords: Cover Image, Finite state sequential machine, Melaymachine, Pixel Mapping Method (PMM), Stego Image, NCUT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2222

Authors: Pawel Sowa, Joachim Bargiel

Abstract:

This paper presents modern solutions of distributed generation in rural communities aiming at the improvement of energy and environmental security, as well as power supply reliability to important customers (e.g. health care, sensitive consumer required continuity). Distributed sources are mainly gas and biogas cogeneration units, as well as wind and photovoltaic sources. Some examples of their applications in a selected Silesian community are given.

Keywords: Energy security, power supply reliability, power engineering, mini energy centers.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1360

Authors: Shewit Tsegaye, Fekadu Shewarega

Abstract:

This paper presents a survey of articles, books and reports, which articulate the recent trends and aspects of Security Constrained Economic Dispatch (SCED). The period under consideration is 2008 through 2018. This is done to provide an up-to-date review of the recent major advancements in SCED, the state-of-the-art since 2008, identify further challenging developments needed in smarter grids, and indicate ways to address these challenges. This study consists of three areas of interest, which are very important and relevant for articulating the recent trends of SCED. These areas are: (i) SCED of power system with integrated renewable energy sources (IRES), (ii) SCED with post contingency corrective actions and (iii) Artificial intelligence based SCED.

Keywords: Security constrained economic dispatch, SCED of power system with IRES, SCED with post contingency corrective actions, artificial intelligence based SCED, IRES.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1020

Authors: Mihaela Munteanu (Pila), Silvius Stanciu

Abstract:

This paper presents the aspects of the official control of fishery in the Republic of Moldova. Currently, the regulations and the activity of national institutions with responsibilities in the field of food quality are in a process of harmonization with the European rules, aiming at European integration, quality improvement and providing a higher level of food safety. The National Agency for Food Safety is the main national body with responsibilities in the field of food safety. In the field of fishery products, the Agency carries out an intensive activity of informing the citizen and controlling the products marketed. The paper presents the dangers related to the consumption of fish and fishery products traded on the national market, the sanitary-veterinary inspections conducted by the profile institution and the improper situations identified. The national market of fishery products depends largely on imports, mainly focused on ocean fish. The research carried out has shown that during the period 2011-2018, following the inspections carried out on fishery products traded on the national market, a number of inconsistencies have been identified. Thus, indigenous products were frequently detected with sensory characteristics unfit for consumption, and being commercialized in inappropriate locations or contaminated with chemical pollutants. On import products controlled, the most frequent inconsistent situations have been represented by inconsistent sensory aspects and by parasite contamination. Taking into account the specific aspects of aquatic products, including the high level of alterability, special conditions of growth, marketing, culinary preparation and consumption are necessary in order to decrease the risk of disease over the population. Certificates, attestations and other documents certifying the quality of batches, completed by additional laboratory examinations, are necessary in order to increase the level of confidence on the quality of products marketed in the Republic. The implementation of various control procedures and mechanisms at national level, correlated with the focused activity of the specialized institutions, can decrease the risk of contamination and avoid cases of disease on the population due to the consumption of fishery products.

Keywords: Fishery products, food safety, insurance, inspection, Republic of Moldova.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 851

Authors: E. Cenderelli, E. Bruno, G. Iacoviello, A. Lazzini

Abstract:

The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.

Keywords: Bank, CybeRisk, information technology, risk management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1371

Authors: Kati Kõrbe Kaare, Ott Koppel

Abstract:

Transport and logistics are the lifeblood of societies. There is a strong correlation between overall growth in economic activity and growth of transport. The movement of people and goods has the potential for creating wealth and prosperity, therefore the state of transportation infrastructure and especially the condition of road networks is often a governmental priority. The design, building and maintenance of national roads constitute a substantial share of government budgets. Taking into account the magnitude and importance of these investments, the expedience, efficiency and sustainability of these projects are of great public interest. This paper provides an overview of supply chain management principles applied to road construction. In addition, road construction performance measurement systems and ICT solutions are discussed. Road construction in Estonia is analyzed. The authors propose the development of a national performance measurement system for road construction.

Keywords: ICT in road construction, key performance indicators, quality performance measurement, road construction supply chain.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3689

Authors: Zh.Mingaleva, K.Balkova

Abstract:

Innovations and innovative activity get the increasing value for successful financial and economic activity of the countries and regions. The level of innovative sphere development determines place of a country or a region in world economy and forms a basis of steady economic growth. This article is devoted to different aspects of organization of the national economic safety in the conditions of innovative development, its problems, risks and threats. Economy can be considered as aspiring for transition to innovative way only with finding of economic safety: financial independence, power stability and technological progress. There are statistical indicators, defining the level of economic security and factors, threatening economic safety of the state. The research is based on the analysis of factors and indicators in conditions of innovative development. The paper is illustrated by the examples of possible estimated system of the economic safety level.

Keywords: Economic safety, innovative activity, innovative development, innovative economy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1507

Authors: İsmet Öztürk, İbrahim Soğukpınar

Abstract:

With the fast progression of data exchange in electronic way, information security is becoming more important in data storage and transmission. Because of widely using images in industrial process, it is important to protect the confidential image data from unauthorized access. In this paper, we analyzed current image encryption algorithms and compression is added for two of them (Mirror-like image encryption and Visual Cryptography). Implementations of these two algorithms have been realized for experimental purposes. The results of analysis are given in this paper.

Keywords: image encryption, image cryptosystem, security, transmission

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4915

Authors: Hala A. Alrumaih

Abstract:

It is widely believed that mobile device is a promising technology for lending the opportunity for the third wave of electronic commerce. Mobile devices have changed the way companies do business. Many applications are under development or being incorporated into business processes. In this day, mobile applications are a vital component of any industry strategy.One of the greatest benefits of selling merchandise and providing services on a mobile application is that it widens a company’s customer base significantly.Mobile applications are accessible to interested customers across regional and international borders in different electronic business (e-business) area. But there is a dark side to this success story. The security risks associated with mobile devices and applications are very significant. This paper introduces a broad risk analysis for the various threats, vulnerabilities, and risks in mobile e-business applications and presents some important risk mitigation approaches. It reviews and compares two different frameworks for security assurance in mobile e-business applications. Based on the comparison, the paper suggests some recommendations for applications developers and business owners in mobile e-business application development process.

Keywords: E-business, Mobile Applications, Risk mitigations, Security assurance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2465

Authors: Jakub Kraus, Vladimír Plos, Peter Vittek

Abstract:

This article deals with a new approach to the airport emergency plans, which are the basic documents and manuals for dealing with events with impact on safety or security. The article describes the identified parts in which the current airport emergency plans do not fulfill their role and which should therefore be considered in the creation of corrective measures. All these issues have been identified at airports in the Czech Republic and confirmed at airports in neighboring countries.

Keywords: Airport emergency plan, aviation safety, aviation security, comprehensive management system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2717

Authors: R. Chithra, B. Kalaavathi

Abstract:

E-Learning enables the users to learn at anywhere at any time. In E-Learning systems, authenticating the E-Learning user has security issues. The usage of appropriate communication networks for providing the internet connectivity for E-learning is another challenge. WiMAX networks provide Broadband Wireless Access through the Multicast Broadcast Service so these networks can be most suitable for E-Learning applications. The authentication of E-Learning user is vulnerable to session hijacking problems. The repeated authentication of users can be done to overcome these issues. In this paper, session based Profile Caching Authentication is proposed. In this scheme, the credentials of E-Learning users can be cached at authentication server during the initial authentication through the appropriate subscriber station. The proposed cache based authentication scheme performs fast authentication by using cached user profile. Thus, the proposed authentication protocol reduces the delay in repeated authentication to enhance the security in ELearning.

Keywords: Authentication, E-Learning, WiMAX, Security, Profile caching.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1534

Authors: Georgi Bebrov, Rozalina Dimova

Abstract:

In the field of quantum secure communication, there is no evaluation that characterizes quantum secure communication (QSC) protocols in a complete, general manner. The current paper addresses the problem concerning the lack of such an evaluation for QSC protocols by introducing an optimality evaluation, which is expressed as the average over the three main parameters of QSC protocols: efficiency, security, and practicality. For the efficiency evaluation, the common expression of this parameter is used, which incorporates all the classical and quantum resources (bits and qubits) utilized for transferring a certain amount of information (bits) in a secure manner. By using criteria approach whether or not certain criteria are met, an expression for the practicality evaluation is presented, which accounts for the complexity of the QSC practical realization. Based on the error rates that the common quantum attacks (Measurement and resend, Intercept and resend, probe attack, and entanglement swapping attack) induce, the security evaluation for a QSC protocol is proposed as the minimum function taken over the error rates of the mentioned quantum attacks. For the sake of clarity, an example is presented in order to show how the optimality is calculated.

Keywords: Quantum cryptography, quantum secure communcation, quantum secure direct communcation security, quantum secure direct communcation efficiency, quantum secure direct communcation practicality.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 914

Authors: Buse A. Ataç, Doğan K. Cenan, Arda Çetinkaya, Naz D. Şahin, Köksal Sanlı, Zeynep Koç, Akın Kısa

Abstract:

With its spatial data reliability, interpretation and questioning capabilities, Geographical Information Systems make significant contributions to scientists, planners and practitioners. Geographic information systems have received great attention in today's digital world, growing rapidly, and increasing the efficiency of use. Access to and use of current and accurate geographical data, which are the most important components of the Geographical Information System, has become a necessity rather than a need for sustainable and economic development. This project aims to enable sharing of data collected by public institutions and organizations on a web-based platform. Within the scope of the project, INSPIRE (Infrastructure for Spatial Information in the European Community) data specifications are considered as a road-map. In this context, Turkey's National Geographic Information System (TUCBS) Integration Project supports sharing spatial data within 61 pilot public institutions as complied with defined national standards. In this paper, which is prepared by the project team members in the TUCBS Integration Project, the technical process with a detailed methodology is explained. In this context, the main technical processes of the Project consist of Geographic Data Analysis, Geographic Data Harmonization (Standardization), Web Service Creation (WMS, WFS) and Metadata Creation-Publication. In this paper, the integration process carried out to provide the data produced by 61 institutions to be shared from the National Geographic Data Portal (GEOPORTAL), have been trying to be conveyed with a detailed methodology.

Keywords: Data specification, geoportal, GIS, INSPIRE, TUCBS, Turkey’s National Geographic Information System.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 639

Authors: M. Sarrab, H. Bourdoucen

Abstract:

Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as Availability, Integrity and Confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring untrusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during untrusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the runtime of mobile application in response to information flow events.

Keywords: Mobile application, Run-time verification, Usable security, Direct information flow.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1924

Authors: Nameer N. EL-Emam

Abstract:

In this paper, we construct and implement a new Steganography algorithm based on learning system to hide a large amount of information into color BMP image. We have used adaptive image filtering and adaptive non-uniform image segmentation with bits replacement on the appropriate pixels. These pixels are selected randomly rather than sequentially by using new concept defined by main cases with sub cases for each byte in one pixel. According to the steps of design, we have been concluded 16 main cases with their sub cases that covere all aspects of the input information into color bitmap image. High security layers have been proposed through four layers of security to make it difficult to break the encryption of the input information and confuse steganalysis too. Learning system has been introduces at the fourth layer of security through neural network. This layer is used to increase the difficulties of the statistical attacks. Our results against statistical and visual attacks are discussed before and after using the learning system and we make comparison with the previous Steganography algorithm. We show that our algorithm can embed efficiently a large amount of information that has been reached to 75% of the image size (replace 18 bits for each pixel as a maximum) with high quality of the output.

Keywords: Adaptive image segmentation, hiding with high capacity, hiding with high security, neural networks, Steganography.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1955

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: Secure software development, software development, software security, systematic literature review.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2428

Authors: K. Turhan, B. Kurt, E. Uzun

Abstract:

This paper describes Clinical Document Architecture Release Two (CDA R2) standard and a client application for messaging with SAĞLIK-NET project developed by The Ministry of Health of Turkey. CDA R2 , developed by Health Level 7 (HL7) organization and approved by American National Standards Institute (ANSI) in 2004, to standardize medical information to be able to share semantically and syntactically. In this study, a client application compatible with HL7 V3 for a project named SAĞLIKNET, aimed to build a National Health Information System by Turkey. Moreover, CDA conformance of this application will also be evaluated.

Keywords: HL7 V3, CDA, Interoperability, Web Service.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3595

Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek

Abstract:

Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.

Keywords: AmI, ambient computing, middleware, distributedsystems, software-defined networking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1658

Authors: R. Bremananth

Abstract:

Biometric authentication is an essential task for any kind of real-life applications. In this paper, we contribute two primary paradigms to Iris recognition such as Robust Eyelash Detection (RED) using pathway kernels and hair curve fitting synthesized model. Based on these two paradigms, rotation invariant iris recognition is enhanced. In addition, the presented framework is tested with real-life iris data to provide the authentication for LRC (Learning Resource Center) users. Recognition performance is significantly improved based on the contributed schemes by evaluating real-life irises. Furthermore, the framework has been implemented using Java programming language. Experiments are performed based on 1250 diverse subjects in different angles of variations on the authentication process. The results revealed that the methodology can deploy in the process on LRC management system and other security required applications.

Keywords: Authentication, biometric, eye lashes detection, iris scanning, LRC security, secure access.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1001

Authors: Redha M. Elhuni

Abstract:

The critical key success factors, which have to be targeted with appropriate change management, are the user acceptance and support of a new Enterprise Resource Planning (ERP) system at the early implementation stages. This becomes even more important in Arab context where national and organisational culture with a different value and belief system, resulting in different management styles, might not complement with Western business culture embedded in the predefined standard business processes of existing ERP packages. This study explains and critically evaluates research into national and organizational culture and the influence of different national cultures on the implementation and reengineering process of ERP packages in an Arab context. Using a case study, realized through a quantitative survey testing five of Martinsons’s and Davison’s propositions in a Libyan sample company, confirmed the expected results from the literature review that culture has an impact on the implementation process and that employee empowerment is an unavoidable consequence of an ERP implementation.

Keywords: Enterprise resource planning, ERP systems, organisational culture, Arab context.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1558

Authors: M. Padmavathi, R. M. Suresh

Abstract:

Every machine plays roles of client and server simultaneously in a peer-to-peer (P2P) network. Though a P2P network has many advantages over traditional client-server models regarding efficiency and fault-tolerance, it also faces additional security threats. Users/IT administrators should be aware of risks from malicious code propagation, downloaded content legality, and P2P software’s vulnerabilities. Security and preventative measures are a must to protect networks from potential sensitive information leakage and security breaches. Bit Torrent is a popular and scalable P2P file distribution mechanism which successfully distributes large files quickly and efficiently without problems for origin server. Bit Torrent achieved excellent upload utilization according to measurement studies, but it also raised many questions as regards utilization in settings, than those measuring, fairness, and Bit Torrent’s mechanisms choice. This work proposed a block selection technique using Fuzzy ACO with optimal rules selected using ACO.

Keywords: Ant Colony Optimization (ACO), Bit Torrent, Download time, Peer-to-Peer (P2P) network, Performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2538

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper proposes how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2578

Authors: Mabrouka Algherinai, Fatma Karkouri

Abstract:

Today, Short Message Service (SMS) is an important means of communication. SMS is not only used in informal environment for communication and transaction, but it is also used in formal environments such as institutions, organizations, companies, and business world as a tool for communication and transactions. Therefore, there is a need to secure the information that is being transmitted through this medium to ensure security of information both in transit and at rest. But, encryption has been identified as a means to provide security to SMS messages in transit and at rest. Several past researches have proposed and developed several encryption algorithms for SMS and Information Security. This research aims at comparing the performance of common Asymmetric encryption algorithms on SMS security. The research employs the use of three algorithms, namely RSA, McEliece, and RABIN. Several experiments were performed on SMS of various sizes on android mobile device. The experimental results show that each of the three techniques has different key generation, encryption, and decryption times. The efficiency of an algorithm is determined by the time that it takes for encryption, decryption, and key generation. The best algorithm can be chosen based on the least time required for encryption. The obtained results show the least time when McEliece size 4096 is used. RABIN size 4096 gives most time for encryption and so it is the least effective algorithm when considering encryption. Also, the research shows that McEliece size 2048 has the least time for key generation, and hence, it is the best algorithm as relating to key generation. The result of the algorithms also shows that RSA size 1024 is the most preferable algorithm in terms of decryption as it gives the least time for decryption.

Keywords: SMS, RSA, McEliece, RABIN.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 639

Authors: A. Evans, M. McKinley

Abstract:

Knowledge management (KM) is generally considered to be a positive process in an organisation, facilitating opportunities to achieve competitive advantage via better quality information handling, compilation of expert know-how and rapid response to fluctuations in the business environment. The KM paradigm as portrayed in the literature informs the processes that can increase intangible assets so that corporate knowledge is preserved. However, in some instances, knowledge management exists in a universe of dynamic tension among the conflicting needs to respect privacy and intellectual property (IP), to guard against data theft, to protect national security and to stay within the laws. While the Knowledge Management literature focuses on the bright side of the paradigm, there is also a different side in which knowledge is distorted, suppressed or misappropriated due to personal or organisational motives (the paradox). This paper describes the ethical paradoxes that occur within the taxonomy and deontology of knowledge management and suggests that recognising both the promises and pitfalls of KM requires wisdom.

Keywords: business ethics, data, knowledge, knowledgemanagement, privacy, protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2131

Authors: Kai-Thorsten Wirt

Abstract:

In this paper we present the design of a new encryption scheme. The scheme we propose is a very exible encryption and authentication primitive. We build this scheme on two relatively new design principles: t-functions and fast pseudo hadamard transforms. We recapitulate the theory behind these principles and analyze their security properties and efficiency. In more detail we propose a streamcipher which outputs a message authentication tag along with theencrypted data stream with only little overhead. Moreover we proposesecurity-speed tradeoffs. Our scheme is faster than other comparablet-function based designs while offering the same security level.

Keywords: Cryptography, Combined Primitives, Stream Cipher, MAC, T-Function, FPHT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1897

Authors: Ismail Bile Hassan, Masrah Azrifah Azmi Murad

Abstract:

This study discovers a novel framework of individual level technology adoption known as I-P (Individual- Privacy) towards health information application in Smart National Identity Card. Many countries introduced smart national identity card (SNIC) with various applications such as health information application embedded inside it. However, the degree to which citizens accept and use some of the embedded applications in smart national identity remains unknown to many governments and application providers as well. Moreover, the factors of trust, perceived risk, Privacy concern and perceived credibility need to be incorporated into more comprehensive models such as extended Unified Theory of Acceptance and Use of Technology known as UTAUT2. UTAUT2 is a mainly widespread and leading theory up to now. This research identifies factors affecting the citizens’ behavioural intention to use health information application embedded in SNIC and extends better understanding on the relevant factors that the government and the application providers would need to consider in predicting citizens’ new technology acceptance in the future. We propose a conceptual framework by combining the UTAUT2 and Privacy Calculus Model constructs and also adding perceived credibility as a new variable. The proposed framework may provide assistance to any government planning, decision, and policy makers involving e-government projects. Empirical study may be conducted in the future to provide proof and empirically validate this I-P framework.

Keywords: Unified Theory of Acceptance and Use of Technology (UTAUT) model, UTAUT2 model, Smart National Identity Card (SNIC), Health information application, Privacy Calculus Model (PCM).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2972

Authors: Kitty Kioskli, Nineta Polemi

Abstract:

Evaluating the levels of cyber-security risks within an enterprise is most important in protecting its information system, services and all its digital assets against security incidents (e.g. accidents, malicious acts, massive cyber-attacks). The existing risk assessment methodologies (e.g. eBIOS, OCTAVE, CRAMM, NIST-800) adopt a technical approach considering as attack factors only the capability, intention and target of the attacker, and not paying attention to the attacker’s psychological profile and personality traits. In this paper, a socio-technical approach is proposed in cyber risk assessment, in order to achieve more realistic risk estimates by considering the personality traits of the attackers. In particular, based upon principles from investigative psychology and behavioural science, a multi-dimensional, extended, quantifiable model for an attacker’s profile is developed, which becomes an additional factor in the cyber risk level calculation.

Keywords: Attacker, behavioural models, cyber risk assessment, cyber-security, human factors, investigative psychology, ISO27001, ISO27005.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 908

Authors: Mohd Zulhilmi Suhaimi, Mohd Salehuddin Mohd Zahari

Abstract:

Common acceptable cuisine usually discussed in the multicultural/ethnic nation as it represents the process of sharing it among the ethnic groups. The common acceptable cuisine is also considered as a precursor in the process of constructing the national food identity within ethnic groups in the multicultural countries. The adaptation of certain ethnic cuisines through its types of food, methods of cooking, ingredients and eating decorum by ethnic groups is believed creating or enhancing the process of formation on common acceptable cuisines in a multicultural country. Malaysia as the multicultural country without doubt is continuing to experience cross-culturing processes among the ethnic groups including cuisine. This study empirically investigates the adaptation level of Malay, Chinese and Indian chefs on each other ethnic cuisine attributes toward the formation on common acceptable cuisines and national food identity.

Keywords: Common acceptable cuisine, adaptation, ethnic, food, identity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3024

Authors: Brenden M. Shutt, Lubjana Beshaj, Paul L. Goethals, Ambrose Kam

Abstract:

Communication security is of particular interest to military data networks. A relatively novel approach to network security is blockchain, a cryptographically secured distribution ledger with a decentralized consensus mechanism for data transaction processing. Recent advances in blockchain technology have proposed new techniques for both data validation and trust management, as well as different frameworks for managing dataflow. The purpose of this work is to test the feasibility of different blockchain architectures as applied to military command and control networks. Various architectures are tested through discrete-event simulation and the feasibility is determined based upon a blockchain design’s ability to maintain long-term stable performance at industry standards of throughput, network latency, and security. This work proposes a consortium blockchain architecture with a computationally inexpensive consensus mechanism, one that leverages a Proof-of-Identity (PoI) concept and a reputation management mechanism.

Keywords: Blockchain, command & control network, discrete-event simulation, reputation management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 784