Search results for: security assessment.

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: Secure software development, software development, software security, systematic literature review.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2493

Authors: Mehtap Dursun, Zeynep Şener

Abstract:

Supplier selection is considered as one of the most critical issues encountered by operations and purchasing managers to sharpen the company’s competitive advantage. In this paper, a novel fuzzy multi-criteria group decision making approach integrating quality function deployment (QFD) and decision making trial and evaluation laboratory (DEMATEL) method is proposed for supplier selection. The proposed methodology enables to consider the impacts of inner dependence among supplier assessment criteria. A house of quality (HOQ) which translates purchased product features into supplier assessment criteria is built using the weights obtained by DEMATEL approach to determine the desired levels of supplier assessment criteria. Supplier alternatives are ranked by a distance-based method.

Keywords: DEMATEL, Group decision making, QFD, Supplier selection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2823

Authors: Ehsan Bashiri

Abstract:

A 7-step method (with 25 sub-steps) to assess risk of air pollutants is introduced. These steps are: pre-considerations, sampling, statistical analysis, exposure matrix and likelihood, doseresponse matrix and likelihood, total risk evaluation, and discussion of findings. All mentioned words and expressions are wellunderstood; however, almost all steps have been modified, improved, and coupled in such a way that a comprehensive method has been prepared. Accordingly, the SADRA (Statistical Analysis-Driven Risk Assessment) emphasizes extensive and ongoing application of analytical statistics in traditional risk assessment models. A Sulfur Dioxide case study validates the claim and provides a good illustration for this method.

Keywords: Criteria air pollutants, Matrix of risk, Riskassessment, Statistical analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1706

Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek

Abstract:

Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.

Keywords: AmI, ambient computing, middleware, distributedsystems, software-defined networking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1695

Authors: R. Bremananth

Abstract:

Biometric authentication is an essential task for any kind of real-life applications. In this paper, we contribute two primary paradigms to Iris recognition such as Robust Eyelash Detection (RED) using pathway kernels and hair curve fitting synthesized model. Based on these two paradigms, rotation invariant iris recognition is enhanced. In addition, the presented framework is tested with real-life iris data to provide the authentication for LRC (Learning Resource Center) users. Recognition performance is significantly improved based on the contributed schemes by evaluating real-life irises. Furthermore, the framework has been implemented using Java programming language. Experiments are performed based on 1250 diverse subjects in different angles of variations on the authentication process. The results revealed that the methodology can deploy in the process on LRC management system and other security required applications.

Keywords: Authentication, biometric, eye lashes detection, iris scanning, LRC security, secure access.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1035

Authors: M. Padmavathi, R. M. Suresh

Abstract:

Every machine plays roles of client and server simultaneously in a peer-to-peer (P2P) network. Though a P2P network has many advantages over traditional client-server models regarding efficiency and fault-tolerance, it also faces additional security threats. Users/IT administrators should be aware of risks from malicious code propagation, downloaded content legality, and P2P software’s vulnerabilities. Security and preventative measures are a must to protect networks from potential sensitive information leakage and security breaches. Bit Torrent is a popular and scalable P2P file distribution mechanism which successfully distributes large files quickly and efficiently without problems for origin server. Bit Torrent achieved excellent upload utilization according to measurement studies, but it also raised many questions as regards utilization in settings, than those measuring, fairness, and Bit Torrent’s mechanisms choice. This work proposed a block selection technique using Fuzzy ACO with optimal rules selected using ACO.

Keywords: Ant Colony Optimization (ACO), Bit Torrent, Download time, Peer-to-Peer (P2P) network, Performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2587

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper proposes how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2624

Authors: Adam Gorine, Faten Spondon

Abstract:

Python is considered the most popular programming language and offers its own ecosystem for archiving and maintaining open-source software packages. This system is called the Python Package Index (PyPI), the repository of this programming language. Unfortunately, one-third of these software packages have vulnerabilities that allow attackers to execute code automatically when a vulnerable or malicious package is installed. This paper contributes to large-scale empirical studies investigating security issues in the Python ecosystem by evaluating package vulnerabilities. These provide a series of implications that can help the security of software ecosystems by improving the process of discovering, fixing, and managing package vulnerabilities. The vulnerable dataset is generated using the NVD, the National Vulnerability Database, and the Snyk vulnerability dataset. In addition, we evaluated 807 vulnerability reports in the NVD and 3900 publicly known security vulnerabilities in Python Package Manager (Pip) from the Snyk database from 2002 to 2022. As a result, many Python vulnerabilities appear in high severity, followed by medium severity. The most problematic areas have been improper input validation and denial of service attacks. A hybrid scanning tool that combines the three scanners, Bandit, Snyk and Dlint, which provide a clear report of the code vulnerability, is also described.

Keywords: Python vulnerabilities, Bandit, Snyk, Dlint, Python Package Index, ecosystem, static analysis, malicious attacks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 240

Authors: Nabil El Kadhi, Minerva M. Bunagan

Abstract:

The dynamism in education, particularly in the area of teaching, learning and assessment has caused Higher Education Institutions (HEIs) worldwide to seek for ways to continuously improve their educational processes. HEIs use outcomes of institutional audits, assessments and accreditations, for improvement. In this study, the published institutional audit reports of HEIs in the Sultanate of Oman were analyzed to produce features of good practice; identify challenges along Teaching, Learning Assessment (TLA); and propose a framework that puts major emphasis in having a quality-assured TLA, including a set of principles that can be used as basis in succeeding an institutional visit. The TLA framework, which shows the TLA components, characteristics of the components, related expectation, including implementation tool/ strategy and pitfalls can be used by HEIs to have an adequate understanding of the scope of audit and be able to satisfy institutional audit requirements. The scope of this study can be widened by exploring the other requirements of the Institutional Audits in the Sultanate of Oman, particularly the area on Governance and Management and Student Support Services.

Keywords: Accreditation, audit, quality assurance, teaching, learning and assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1477

Authors: Mabrouka Algherinai, Fatma Karkouri

Abstract:

Today, Short Message Service (SMS) is an important means of communication. SMS is not only used in informal environment for communication and transaction, but it is also used in formal environments such as institutions, organizations, companies, and business world as a tool for communication and transactions. Therefore, there is a need to secure the information that is being transmitted through this medium to ensure security of information both in transit and at rest. But, encryption has been identified as a means to provide security to SMS messages in transit and at rest. Several past researches have proposed and developed several encryption algorithms for SMS and Information Security. This research aims at comparing the performance of common Asymmetric encryption algorithms on SMS security. The research employs the use of three algorithms, namely RSA, McEliece, and RABIN. Several experiments were performed on SMS of various sizes on android mobile device. The experimental results show that each of the three techniques has different key generation, encryption, and decryption times. The efficiency of an algorithm is determined by the time that it takes for encryption, decryption, and key generation. The best algorithm can be chosen based on the least time required for encryption. The obtained results show the least time when McEliece size 4096 is used. RABIN size 4096 gives most time for encryption and so it is the least effective algorithm when considering encryption. Also, the research shows that McEliece size 2048 has the least time for key generation, and hence, it is the best algorithm as relating to key generation. The result of the algorithms also shows that RSA size 1024 is the most preferable algorithm in terms of decryption as it gives the least time for decryption.

Keywords: SMS, RSA, McEliece, RABIN.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 687

Authors: Morakot Worachairungreung

Abstract:

The objectives of the research are to study patterns of fire location distribution and develop techniques of Geographic Information System application in fire risk assessment for fire planning and management. Fire risk assessment was based on two factors: the vulnerability factor such as building material types, building height, building density and capacity for mitigation factor such as accessibility by road, distance to fire station, distance to hydrants and it was obtained from four groups of stakeholders including firemen, city planners, local government officers and local residents. Factors obtained from all stakeholders were converted into Raster data of GIS and then were superimposed on the data in order to prepare fire risk map of the area showing level of fire risk ranging from high to low. The level of fire risk was obtained from weighted mean of each factor based on the stakeholders. Weighted mean for each factor was obtained by Analytical Hierarchy Analysis.

Keywords: Fire Risk Assessment, Geographic Information System: GIS, Raster Analysis and Analytical Hierarchy Analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2207

Authors: Kai-Thorsten Wirt

Abstract:

In this paper we present the design of a new encryption scheme. The scheme we propose is a very exible encryption and authentication primitive. We build this scheme on two relatively new design principles: t-functions and fast pseudo hadamard transforms. We recapitulate the theory behind these principles and analyze their security properties and efficiency. In more detail we propose a streamcipher which outputs a message authentication tag along with theencrypted data stream with only little overhead. Moreover we proposesecurity-speed tradeoffs. Our scheme is faster than other comparablet-function based designs while offering the same security level.

Keywords: Cryptography, Combined Primitives, Stream Cipher, MAC, T-Function, FPHT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1936

Authors: A. S. Telang, P. P. Bedekar

Abstract:

In today’s world, electrical energy has become an indispensable component of all aspects of modern human life. Reliability, security and stability are the key aspects of any power system. Failure to meet any of these three aspects results into a great impediment to modern life. Modern power systems are being subjected to heavily stressed conditions leading to voltage stability problems. If the voltage stability problems are not mitigated properly through proper voltage stability assessment methods, cascading events may occur which may lead to voltage collapse or blackout events. Modern FACTS devices like STATCOM are one of the measures to overcome the blackout problems. As these devices are very costly, they must be installed properly at suitable locations, mostly at weak bus. Line voltage stability indices such as FVSI, Lmn and LQP play important role for identification of a weak bus. This paper presents evaluation of these line stability indices for the assessment of reliable information about the closeness of the power system to voltage collapse. PSAT is a user-friendly MATLAB toolbox, of which CPF is an important feature which has been extensively used for the placement of STATCOM to assess the stability. Novelty of the present research work lies in that the active and reactive load has been changed simultaneously at all the load buses under consideration. MATLAB code has been developed for the same and tested successfully on various standard IEEE test systems. The results for standard IEEE14 bus test system, specifically, are presented in this paper.

Keywords: Voltage stability analysis, voltage collapse, PSAT, CPF, VSI, FVSI, Lmn, LQP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1783

Authors: Maria Grazia Albanesi, Riccardo Amadeo

Abstract:

This study presents a new model of the human image quality assessment process: the aim is to highlightthe foundations of the image quality metrics proposed in literature, by identifyingthe cognitive/physiological or mathematical principles of their development and the relation with the actual human quality assessment process. The model allows to createa novel categorization of objective and subjective image quality metrics. Our work includes an overview of the most used or effectiveobjective metrics in literature, and, for each of them, we underline its main characteristics, with reference to the rationale of the proposed model and categorization. From the results of this operation, we underline a problem that affects all the presented metrics: the fact that many aspects of human biasesare not taken in account at all. We then propose a possible methodology to address this issue.

Keywords: Eye-Tracking, image quality assessment metric, MOS, quality of user experience, visual perception.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2448

Authors: Samson Davoyan, Tatevik Sahakyan

Abstract:

The purpose of this report is to suggest a new methodology for the assessment of the comparative efficiency of the reforms made in different countries by an integral index. We have highlighted the reforms made in post-crisis period in 21 former socialist countries. The integral index describes the social-economic development level. The integral index contains of six indexes: The Global Competitiveness Index, Doing Business, The Corruption Perception, The Index of Economic Freedom, The Human Development, and The Democracy Index, which are reported by different international organizations. With the help of our methodology we first summarized the above-mentioned 6 indexes and attained 1 general index, besides, our new method enables us to assess the comparative efficiency of the reforms made in different countries by analyzing them. The purpose is to reveal the opportunities and threats of socialeconomic reforms in different directions.

Keywords: Assessment, comparative, effectiveness, reforms

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1435

Authors: Brenden M. Shutt, Lubjana Beshaj, Paul L. Goethals, Ambrose Kam

Abstract:

Communication security is of particular interest to military data networks. A relatively novel approach to network security is blockchain, a cryptographically secured distribution ledger with a decentralized consensus mechanism for data transaction processing. Recent advances in blockchain technology have proposed new techniques for both data validation and trust management, as well as different frameworks for managing dataflow. The purpose of this work is to test the feasibility of different blockchain architectures as applied to military command and control networks. Various architectures are tested through discrete-event simulation and the feasibility is determined based upon a blockchain design’s ability to maintain long-term stable performance at industry standards of throughput, network latency, and security. This work proposes a consortium blockchain architecture with a computationally inexpensive consensus mechanism, one that leverages a Proof-of-Identity (PoI) concept and a reputation management mechanism.

Keywords: Blockchain, command & control network, discrete-event simulation, reputation management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 847

Authors: Claude Takenga, Rolf-Dietrich Berndt, Erling Si, Markus Diem, Guohui Qiao, Melanie Gau, Michael Brandstoetter, Martin Kampel, Michael Dworzak

Abstract:

In patients with acute lymphoblastic leukaemia (ALL), treatment response is increasingly evaluated with minimal residual disease (MRD) analyses. Flow Cytometry (FCM) is a fast and sensitive method to detect MRD. However, the interpretation of these multi-parametric data requires intensive operator training and experience. This paper presents a pipeline-software, as a ready-to-use FCM-based MRD-assessment tool for the daily clinical practice for patients with ALL. The new tool increases accuracy in assessment of FCM-MRD in samples which are difficult to analyse by conventional operator-based gating since computer-aided analysis potentially has a superior resolution due to utilization of the whole multi-parametric FCM-data space at once instead of step-wise, two-dimensional plot-based visualization. The system developed as a telemedical network reduces the work-load and lab-costs, staff-time needed for training, continuous quality control, operator-based data interpretation. It allows dissemination of automated FCM-MRD analysis to medical centres which have no established expertise for the benefit of an even larger community of diseased children worldwide. We established a telemedical network system for analysis and clinical follow-up and treatment monitoring of Leukaemia. The system is scalable and adapted to link several centres and laboratories worldwide.

Keywords: Data security, flow cytometry, leukaemia, telematics platform, telemedicine.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1568

Authors: H. Gholami, M. Jalali Azizpour

Abstract:

Stress Corrosion Crack (SCC) in pipeline is a type of environmentally assisted cracking (EAC), since its discovery in 1965 as a possible cause of failure in pipeline, SCC has caused, on average, one of two failures per year in the U.S, According to the NACE SCC DA a pipe line segment is considered susceptible to SCC if all of the following factors are met: The operating stress exceeds 60% of specified minimum yield strength (SMYS), the operating temperature exceeds 38°C, the segment is less than 32 km downstream from a compressor station, the age of the pipeline is greater than 10 years and the coating type is other than Fusion Bonded Epoxy(FBE). In this paper as a practical experience in NISOC, Direct Assessment (DA) Method is used for identification SCC defect in unpiggable pipeline located downstream of compressor station.

Keywords: Stress Corrosion Crack, Direct Assessment, Disbondment, Transgranular SCC, Compressor Station.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2914

Authors: Supachai Tangwongsan, Sathaporn Kassuvan

Abstract:

The purpose of this research is to develop a security model for voice eavesdropping protection over digital networks. The proposed model provides an encryption scheme and a personal secret key exchange between communicating parties, a so-called voice data transformation system, resulting in a real-privacy conversation. The operation of this system comprises two main steps as follows: The first one is the personal secret key exchange for using the keys in the data encryption process during conversation. The key owner could freely make his/her choice in key selection, so it is recommended that one should exchange a different key for a different conversational party, and record the key for each case into the memory provided in the client device. The next step is to set and record another personal option of encryption, either taking all frames or just partial frames, so-called the figure of 1:M. Using different personal secret keys and different sets of 1:M to different parties without the intervention of the service operator, would result in posing quite a big problem for any eavesdroppers who attempt to discover the key used during the conversation, especially in a short period of time. Thus, it is quite safe and effective to protect the case of voice eavesdropping. The results of the implementation indicate that the system can perform its function accurately as designed. In this regard, the proposed system is suitable for effective use in voice eavesdropping protection over digital networks, without any requirements to change presently existing network systems, mobile phone network and VoIP, for instance.

Keywords: Computer Security, Encryption, Key Exchange, Security Model, Voice Eavesdropping.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1581

Authors: Yun Bai

Abstract:

As a security mechanism, authorization is to provide access control to the system resources according to the polices and rules specified by the security strategies. Either by update or in the initial specification, conflicts in authorization is an issue needs to be solved. In this paper, we propose a new approach to solve conflict by using prioritized logic programs and discuss the uniqueness of its answer set. Addressing conflict resolution from logic programming viewpoint and the uniqueness analysis of the answer set provide a novel, efficient approach for authorization conflict resolution.

Keywords: authorization, formal specification, conflict resolution, prioritized logic program.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1525

Authors: David Ruiz, Carlos Nava, Roberto Carbajal

Abstract:

The psychological profile has become one of the most important sources of information when it comes to individual selection and the hiring process in any organization. Psychological instruments are used to collect data about variables that are considered critically important for performance in work. However, because of conceptual chaos in organizational psychology, most of the information provided by psychological testing is not directly useful for Mexican human resources professionals to take hiring decisions. The aims of this paper are 1) to underline the lack of conceptual precision in theoretical testing foundations in Mexico and 2) presenting a reliability and validity analysis of a frustration tolerance instrument created as an alternative to a heuristically conduct individual assessment in organizations. First, a description of assessment conditions in Mexico is made. Second, an instrument and a theoretical framework is presented as an alternative to the assessment practices in the country. A total of 65 Psychology Iztacala Superior Studies Faculty students were assessed. Cronbach´s alpha coefficient was calculated and an exploratory factor analysis was carried out to prove the scale unidimensionality. Reliability analysis revealed good internal consistency of the scale (Cronbach’s α = 0.825). Factor analysis produced 4 factors for the scale. However, factor loadings and explained variation give proof to the scale unidimensionality. It is concluded that the instrument has good psychometric properties that will allow human resources professionals to collect useful data. Different possibilities to conduct psychological assessment are suggested for future development.

Keywords: Psychological assessment, frustration tolerance, human resources, organizational psychology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1919

Authors: A. Fathianpour, M. B. Jelodar, S. Wilkinson

Abstract:

This paper outlines the approaches taken to assess multi-hazard assessments. There is currently confusion in assessing multi-hazard impacts, and so this study aims to determine which of the available options are the most useful. The paper uses an international literature search, and analysis of current multi-hazard assessments and a case study to illustrate the effectiveness of the chosen method. Findings from this study will help those wanting to assess multi-hazards to undertake a straightforward approach. The paper is significant as it helps to interpret the various approaches and concludes with the preferred method. Many people in the world live in hazardous environments and are susceptible to disasters. Unfortunately, when a disaster strikes it is often compounded by additional cascading hazards, thus people would confront more than one hazard simultaneously. Hazards include natural hazards (earthquakes, floods, etc.) or cascading human-made hazards (for example, Natural Hazard Triggering Technological disasters (Natech) such as fire, explosion, toxic release). Multi-hazards have a more destructive impact on urban areas than one hazard alone. In addition, climate change is creating links between different disasters such as causing landslide dams and debris flows leading to more destructive incidents. Much of the prevailing literature deals with only one hazard at a time. However, recently sophisticated multi-hazard assessments have started to appear. Given that multi-hazards occur, it is essential to take multi-hazard risk assessment under consideration. This paper aims to review the multi-hazard assessment methods through articles published to date and categorize the strengths and disadvantages of using these methods in risk assessment. Napier City is selected as a case study to demonstrate the necessity of using multi-hazard risk assessments. In order to assess multi-hazard risk assessments, first, the current multi-hazard risk assessment methods were described. Next, the drawbacks of these multi-hazard risk assessments were outlined. Finally, the improvements to current multi-hazard risk assessments to date were summarised. Generally, the main problem of multi-hazard risk assessment is to make a valid assumption of risk from the interactions of different hazards. Currently, risk assessment studies have started to assess multi-hazard situations, but drawbacks such as uncertainty and lack of data show the necessity for more precise risk assessment. It should be noted that ignoring or partial considering multi-hazards in risk assessment will lead to an overestimate or overlook in resilient and recovery action managements.

Keywords: Cascading hazards, multi-hazard, risk assessment, risk reduction.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1094

Authors: Md. Asraful Haque, Babbar Imam

Abstract:

Information Security is the most describing problem in present times. To cop up with the security of the information, the passwords were introduced. The alphanumeric passwords are the most popular authentication method and still used up to now. However, text based passwords suffer from various drawbacks such as they are easy to crack through dictionary attacks, brute force attacks, keylogger, social engineering etc. Graphical Password is a good replacement for text password. Psychological studies say that human can remember pictures better than text. So this is the fact that graphical passwords are easy to remember. But at the same time due to this reason most of the graphical passwords are prone to shoulder surfing. In this paper, we have suggested a shoulder-surfing resistant graphical password authentication method. The system is a combination of recognition and pure recall based techniques. Proposed scheme can be useful for smart hand held devices (like smart phones i.e. PDAs, iPod, iPhone, etc) which are more handy and convenient to use than traditional desktop computer systems.

Keywords: Authentication, Graphical Password, Text Password, Information Security, Shoulder-surfing.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4145

Authors: Hyunsang Park, Kwangwoo Lee, Yunho Lee, Seungjoo Kim, Dongho Won

Abstract:

The online office is one of web application. We can easily use the online office through a web browser with internet connected PC. The online office has the advantage of using environment regardless of location or time. When users want to use the online office, they access the online office server and use their content. However, recently developed and launched online office has the weakness of insufficient consideration. In this paper, we analyze the security vulnerabilities of the online office. In addition, we propose the evaluation criteria to make secure online office using Common Criteria. This evaluation criteria can be used to establish trust between the online office server and the user. The online office market will be more active than before.

Keywords: Online Office, Vulnerabilities, CommonCriteria(CC)

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1422

Authors: Amudha Kadirvelu, Sivalal Sadasivan

Abstract:

While the problem based learning (PBL) approach promotes unsupervised self-directed learning (SDL), many students experience difficulty juggling the role of being an information recipient and information seeker. Logbooks have been used to assess trainee doctors but not in other areas. This study aimed to determine the effectiveness of logbook for assessing SDL during PBL sessions in first year medical students. The log book included a learning checklist and knowledge and skills components. Comparisons with the baseline assessment of student performance in PBL and that at semester end after logbook intervention showed significant improvements in student performance (31.5 ± 8 vs. 17.7 ± 4.4; p<0.001) with a large effect size of 3.93. The learner-s log for PBL has played an important role in enhancing SDL in first year medical students. Learner-s log could be a good self-assessment tool for the undergraduate medical students.

Keywords: Problem based learning, self-directed learning, logbook, self-assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2014

Authors: Dongwan Kang, Joohyung Oh, Chaetae Im

Abstract:

Advancement of communication technologies and smart devices in the recent times is leading to changes into the integrated wired and wireless communication environments. Since early days, businesses had started introducing environments for mobile device application to their operations in order to improve productivity (efficiency) and the closed corporate environment gradually shifted to an open structure. Recently, individual user's interest in working environment using mobile devices has increased and a new corporate working environment under the concept of BYOD is drawing attention. BYOD (bring your own device) is a concept where individuals bring in and use their own devices in business activities. Through BYOD, businesses can anticipate improved productivity (efficiency) and also a reduction in the cost of purchasing devices. However, as a result of security threats caused by frequent loss and theft of personal devices and corporate data leaks due to low security, companies are reluctant about adopting BYOD system. In addition, without considerations to diverse devices and connection environments, there are limitations in detecting abnormal behaviors, such as information leaks, using the existing network-based security equipment. This study suggests a method to detect abnormal behaviors according to individual behavioral patterns, rather than the existing signature-based malicious behavior detection, and discusses applications of this method in BYOD environment.

Keywords: BYOD, Security, Anomaly Behavior Detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2067

Authors: V. Ramnarain-Seetohul, J. Abdool Karim, A. Amir

Abstract:

Almost all universities include some form of assignment in their courses. The assignments are either carried out in either in groups or individually. To effectively manage these submitted assignments, a well-designed assignment submission system is needed, hence the need for an online assignment submission system to facilitate the distribution, and collection of assignments on due dates. The objective of such system is to facilitate interaction of lecturers and students for assessment and grading purposes. The aim of this study was to create a web based online assignment submission system for University of Mauritius. The system was created to eliminate the traditional process of giving an assignment and collecting the answers for the assignment. Lecturers can also create automated assessment to assess the students online. Moreover, the online submission system consists of an automatic mailing system which acts as a reminder for students about the deadlines of the posted assignments. System was tested to measure its acceptance rate among both student and lecturers.

Keywords: Assignment, assessment, online, submission

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7196

Authors: Neilal A. Isaac, Madison Edwards, Kirthana Sugunathevan, Mohan Kumar

Abstract:

The COVID-19 pandemic challenged the education system and forced medical schools to transition to online learning. With this transition, one of the major concerns for students and educators was to ensure that Physical Examination (PE) skills were still being mastered. Thus, the formative peer assessment model was designed to enhance the learning of PE skills during the COVID-19 pandemic in the online learning landscape. Year 1 and year 2 students enrolled in clinical skills courses at the University of Medicine and Health Sciences, St. Kitts were asked to record themselves demonstrating PE skills with a healthy patient volunteer after every skills class. Each student was assigned to exchange feedback with one peer in the course. At the end of the first two semesters of this learning activity, a cross-sectional survey was conducted for the two cohorts of year-1 and year-2 students. The year-1 cohorts most frequently rated the peer assessment exercise as 4 on a 5-point Likert scale, with a mean score of 3.317 [2.759, 3.875]. The year-2 cohorts most frequently rated the peer assessment exercise as 4 on a 5-point Likert scale, with a mean score of 3.597 [2.978, 4.180]. Students indicated that guidance from faculty, flexible deadlines, and detailed and timely feedback from peers were areas for improvement in this process.

Keywords: COVID-19 pandemic, distant learning, online medical education, peer assessment, physical examination.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 388

Authors: Abdul Basit Kiani, Maryam Kiani

Abstract:

The art of web development in new technologies is a dynamic journey, shaped by the constant evolution of tools and platforms. With the emergence of JavaScript frameworks and APIs, web developers are empowered to craft web applications that are not only robust but also highly interactive. The aim is to provide an overview of the developments in the field. The integration of artificial intelligence (AI) and machine learning (ML) has opened new horizons in web development. Chatbots, intelligent recommendation systems, and personalization algorithms have become integral components of modern websites. These AI-powered features enhance user engagement, provide personalized experiences, and streamline customer support processes, revolutionizing the way businesses interact with their audiences. Lastly, the emphasis on web security and privacy has been a pivotal area of progress. With the increasing incidents of cyber threats, web developers have implemented robust security measures to safeguard user data and ensure secure transactions. Innovations such as HTTPS protocol, two-factor authentication, and advanced encryption techniques have bolstered the overall security of web applications, fostering trust and confidence among users. Hence, recent progress in web development has propelled the industry forward, enabling developers to craft innovative and immersive digital experiences. From responsive design to AI integration and enhanced security, the landscape of web development continues to evolve, promising a future filled with endless possibilities.

Keywords: Web development, software testing, progressive web apps, web and mobile native application.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 381

Authors: Raluca-Cristina Buţurcă, CarlesM.Gasol, Xavier Gabarrell, Dan Scarpete

Abstract:

The environmental performance of rapeseed oil (RO) and rapeseed methyl ester(RME) from winter rape as fuels produced in Romanian agroclimate is analyzed in this paper. The proposed methodology is life cycle assessment (LCA) and takes into consideration the influence of grain production and agroclimatic conditions. This study shows favorable results first for RO and then for RME. When compared to diesel fuel, both studied biofuels show better results in the following impact categories: Abiotic depletion potential (ADP), Ozone layer depletion (ODP) and Photochemical ozone creation potential (POCP).Furthermore, the environmental performance of the two biofuels studied can be improved by changing the type of fertilizer used and also by using biofuels instead of diesel in the field works.

Keywords: Biodiesel, life cycle assessment, rapeseed oil.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2550