Search results for: encryption and internet protocol security.

Authors: Ayush Chugh, Gaurav Gupta

Abstract:

Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.

Keywords: Attacks, Injection, JavaScript, SQL, Vulnerability, XSS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4932

Authors: Umar Albalawi, Sang C. Suh, Jinoh Kim

Abstract:

As internet continues to expand its usage with an  enormous number of applications, cyber-threats have significantly  increased accordingly. Thus, accurate detection of malicious traffic in  a timely manner is a critical concern in today’s Internet for security.  One approach for intrusion detection is to use Machine Learning (ML)  techniques. Several methods based on ML algorithms have been  introduced over the past years, but they are largely limited in terms of  detection accuracy and/or time and space complexity to run. In this  work, we present a novel method for intrusion detection that  incorporates a set of supervised learning algorithms. The proposed  technique provides high accuracy and outperforms existing techniques  that simply utilizes a single learning method. In addition, our  technique relies on partial flow information (rather than full  information) for detection, and thus, it is light-weight and desirable for  online operations with the property of early identification. With the  mid-Atlantic CCDC intrusion dataset publicly available, we show that  our proposed technique yields a high degree of detection rate over 99%  with a very low false alarm rate (0.4%). 

 

Keywords: Intrusion Detection, Supervised Learning, Traffic Classification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2004

Authors: Kavitha Thamadharan, Nurazean Maarop

Abstract:

The implementation of e-assessment as tool to support the process of teaching and learning in university has become a popular technological means in universities. E-Assessment provides many advantages to the users especially the flexibility in teaching and learning. The e-assessment system has the capability to improve its quality of delivering education. However, there still exists a drawback in terms of security which limits the user acceptance of the online learning system. Even though there are studies providing solutions for identified security threats in e-learning usage, there is no particular model which addresses the factors that influences the acceptance of e-assessment system by lecturers from security perspective. The aim of this study is to explore security aspects of eassessment in regard to the acceptance of the technology. As a result a conceptual model of secure acceptance of e-assessment is proposed. Both human and security factors are considered in formulation of this conceptual model. In order to increase understanding of critical issues related to the subject of this study, interpretive approach involving convergent mixed method research method is proposed to be used to execute the research. This study will be useful in providing more insightful understanding regarding the factors that influence the user acceptance of e-assessment system from security perspective.

Keywords: Secure Technology Acceptance, E-Assessment Security, E-Assessment, Education Technology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2404

Authors: Christina Tay

Abstract:

This paper investigates the impact of Information and Communication Technology (ICT) on bilateral trade in goods. Empirical analysis is performed on the United States and 34 partnering countries from 2000 to 2013. Our econometric model fits the data well, explaining 52% of the variation in trade flows for goods trade, 53.2% of the variation in trade flows for goods export and 48% of the variation in trade flows for goods import. For every 10% increase in fixed broadband Internet subscribers per 100 people increases, goods trade by 7.9% and for every 5% increase in fixed broadband Internet subscribers per 100 people, goods export increases by 11%. For every 1% increase in fixed telephone line penetration per 100 people, goods trade increases by 26.3%, goods export increases by 24.4% and goods import increases by 24.8%. For every 1% increase in mobile-cellular telephone subscriptions, goods trade decreases by 29.6% and goods export decreases by 27.1%, whilst for every 0.01% increase in mobile-cellular telephone subscriptions, goods import decreases by 34.3%. For every 1% increase in the percentage of population who used the Internet from any location in the last 12 months Internet, goods trade increases by 32.5%, goods export increases by 38.9%, goods import increases by 33%. All our trade determinants as well as our ICT variables have significances on goods exports for the US. We can also draw from our study that the US relies more rather heavily on ICT for its goods export compared to goods import.

Keywords: Bilateral trade, goods trade, information and communication technologies, Internet.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 788

Authors: M. V. Ramana Rao, T. Adilakshmi

Abstract:

Based on application requirements, nodes are static or mobile in Wireless Sensor Networks (WSNs). Mobility poses challenges in protocol design, especially at the link layer requiring mobility adaptation algorithms to localize mobile nodes and predict link quality to be established with them. This study implements XMAC and Berkeley Media Access Control (BMAC) routing protocols to evaluate performance under WSN’s static and mobility conditions. This paper gives a comparative study of mobility-aware MAC protocols. Routing protocol performance, based on Average End to End Delay, Average Packet Delivery Ratio, Average Number of hops, and Jitter is evaluated.

Keywords: Wireless Sensor Network (WSN), Medium Access Control (MAC), Berkeley Media Access Control (BMAC), mobility.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2359

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: Interoperability, threats, attacks, medical devices.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1489

Authors: M. Al-hawari, H. AL–Yamani, B. Izwawa

Abstract:

Recognizing the increasing importance of using the Internet to conduct business, this paper looks at some related matters associated with small businesses making a decision of whether or not to have a Website and go online. Small businesses in Saudi Arabia struggle to have this decision. For organizations, to fully go online, conduct business and provide online information services, they need to connect their database to the Web. Some issues related to doing that might be beyond the capabilities of most small businesses in Saudi Arabia, such as Website management, technical issues and security concerns. Here we focus on a small business firm in Saudi Arabia (Case Study), discussing the issues related to going online decision and the firm's options of what to do and how to do it. The paper suggested some valuable solutions of connecting databases to the Web. It also discusses some of the important issues related to online information services and e-commerce, mainly Web hosting options and security issues.

Keywords: E-Commerce, Saudi Arabia, Small business, Webdatabase connection, Web hosting, World Wide Web (Web).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1944

Authors: Faeze Razmpa

Abstract:

One of the main consequences of the ubiquitous usage of Internet as a means to conduct business has been the progressive internationalization of contracts created to support such transactions. As electronic commerce becomes International commerce, the reality is that commercial disputes will occur creating such questions as: "In which country do I bring proceedings?" and "Which law is to be applied to solve disputes?" The decentralized and global structure of the Internet and its decentralized operation have given e-commerce a transnational element that affects two questions essential to any transaction: applicable law and jurisdiction in the event of dispute. The sharing of applicable law and jurisdiction among States in respect of international transactions traditionally has been based on the use of contact factors generally of a territorial nature (the place where real estate is located, customary residence, principal establishment, place of shipping goods). The characteristics of the Internet as a new space sometimes make it difficult to apply these rules, and may make them inoperative or lead to results that are surprising or totally foreign to the contracting parties and other elements and circumstances of the case.

Keywords: Electronic, European Union, Jurisdiction, Internet

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1748

Authors: Peter Ndichu Muriuki

Abstract:

The 9/11 suicide attacks in New York, Washington, D.C., and Pennsylvania, triggered a number of security responses both in the United States of America and other Countries in the World. Kenya, which is an ally and a close partner to North America and Europe, was not left behind. While many states had been parties to numerous terrorism conventions, their response in implementing them had been slow and needed this catalyst. This special case offered a window of opportunity for many “security conscious" regimes in cementing their legal-criminological and political security apparatus. At the international level, the 9/11 case led to the hasty adoption of Security Council resolution 1373 in 2001, which called upon states to adopt wide-ranging and comprehensive steps and strategies to combat international terrorism and to become parties to the relevant international conventions and protocols relating to terrorism. Since then, Kenya has responded with speed in devising social-legal-criminological-political actions.

Keywords: Justice, Policing, Security, Terrorism

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1639

Authors: Khalid Alnafjan, Tazar Hussain, Hanif Ullah, Zia ul haq Paracha

Abstract:

Software and applications are subjected to serious and damaging security threats, these threats are increasing as a result of increased number of potential vulnerabilities. Security testing is an indispensable process to validate software security requirements and to identify security related vulnerabilities. In this paper we analyze and compare different available vulnerabilities testing techniques based on a pre defined criteria using analytical hierarchy process (AHP). We have selected five testing techniques which includes Source code analysis, Fault code injection, Robustness, Stress and Penetration testing techniques. These testing techniques have been evaluated against five criteria which include cost, thoroughness, Ease of use, effectiveness and efficiency. The outcome of the study is helpful for researchers, testers and developers to understand effectiveness of each technique in its respective domain. Also the study helps to compare the inner working of testing techniques against a selected criterion to achieve optimum testing results.

Keywords: Software Security, Security Testing, Testing techniques, vulnerability, AHP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2865

Authors: Hilmi Rafet Yüncü

Abstract:

Today Internet has very important role to promote products and services all over the world. Companies and destinations in tourism industry use Internet to sell and to promote their core products to directly potential tourists. Internet technologies have redefined the relationships between tourists, tourism companies, and travel agents. The new relationship allows for accessing and tapping tourism information and services. Internet technologies ensure new opportunities to available for the tourism industry, including travel accommodation, and tourist destination organizations. Websites are important devices to the marketing of a destination. Most people make a research about the destination before arriving via internet. Governments have a considerable role in the process of marketing tourism destinations. Governments make policies and regulations; furthermore, they help to market destinations to potential tourists. Governments have a comprehensive overview of the sector to see changes in tourism market and design better policies, programs and marketing plans. At the same time, governments support developing of alternative tourism in the country with regulations and marketing tools. The aim of this study is to analyse of an Internet website of governmental tourism portal in Turkey to determine effectiveness about gastronomy tourism. The Turkish government has established a culture portal for foreign and local tourists. The Portal provides local and general information about tourism attractions of cities and Turkey. There are 81 official cities in Turkey and all these cities are conducted to analyse to determine how effective marketing is done by Turkish Government in the manner of gastronomy tourism. A content analysis will be conducted to Internet website of the portal with food content, recipes and gastronomic feature of cities.

Keywords: Content analysis, culture portal, gastronomy tourism, Turkey.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1413

Authors: E. Khorram, S.M. Mirzababaei

Abstract:

Everyday the usages of the Internet increase and simply a world of the data become accessible. Network providers do not want to let the provided services to be used in harmful or terrorist affairs, so they used a variety of methods to protect the special regions from the harmful data. One of the most important methods is supposed to be the firewall. Firewall stops the transfer of such packets through several ways, but in some cases they do not use firewall because of its blind packet stopping, high process power needed and expensive prices. Here we have proposed a method to find a discriminate function to distinguish between usual packets and harmful ones by the statistical processing on the network router logs. So an administrator can alarm to the user. This method is very fast and can be used simply in adjacent with the Internet routers.

Keywords: Data Mining, Firewall, Optimization, Packetclassification, Statistical Pattern Recognition.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1383

Authors: Kamarularifin Abd Jalil, John Dunlop

Abstract:

A Personal Distributed Environment (PDE) is an example of an IP-based system architecture designed for future mobile communications. In a single PDE, there exist several Subnetworks hosting devices located across the infrastructure, which will inter-work with one another through the coordination of a Device Management Entity (DME). Some of these Sub-networks are fixed and some are mobile. In order to support Mobile Sub-networks mobility in the PDE, the PDE-NEMO protocol was proposed. This paper discussed the signalling cost analysis of PDE-NEMO by use of a detailed simulation model. The paper started with the introduction of the protocol, followed by the experiments and results and then followed by discussions.

Keywords: Mobile Network, PDE-NEMO, Signallling Cost.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1368

Authors: Lee Feng Koo, Tze Jin Wong, Pang Hung Yiu, Nik Mohd Asri Nik Long

Abstract:

Greater common divisor (GCD) attack is an attack that relies on the polynomial structure of the cryptosystem. This attack required two plaintexts differ from a fixed number and encrypted under same modulus. This paper reports a security reaction of Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field under GCD attack. Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field was exposed mathematically to the GCD attack using GCD and Dickson polynomial. The result shows that the cryptanalyst is able to get the plaintext without decryption by using GCD attack. Thus, the study concluded that it is highly perilous when two plaintexts have a slight difference from a fixed number in the same Elliptic curve group over finite field.

Keywords: Decryption, encryption, elliptic curve, greater common divisor.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 671

Authors: Yuichiro Kanzaki, Akito Monden, Masahide Nakamura, Ken-ichi Matsumoto

Abstract:

This paper proposes an easy-to-use instruction hiding method to protect software from malicious reverse engineering attacks. Given a source program (original) to be protected, the proposed method (1) takes its modified version (fake) as an input, (2) differences in assembly code instructions between original and fake are analyzed, and, (3) self-modification routines are introduced so that fake instructions become correct (i.e., original instructions) before they are executed and that they go back to fake ones after they are executed. The proposed method can add a certain amount of security to a program since the fake instructions in the resultant program confuse attackers and it requires significant effort to discover and remove all the fake instructions and self-modification routines. Also, this method is easy to use (with little effort) because all a user (who uses the proposed method) has to do is to prepare a fake source code by modifying the original source code.

Keywords: Copyright protection, program encryption, program obfuscation, self-modification, software protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1476

Authors: Mayada AlMeghari

Abstract:

Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature (DWS) Framework. The aim of using the middleware in the proposed DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.

Keywords: Middleware, parallel computing, data warehouse, security, group-key, high performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 291

Authors: Xin-Lei Feng, Ting-Zhu Huang

Abstract:

According to conjugate gradient algorithm, a new consensus protocol algorithm of discrete-time multi-agent systems is presented, which can achieve finite-time consensus. Finally, a numerical example is given to illustrate our theoretical result.

Keywords: Consensus protocols; Graph theory; Multi-agent systems;Conjugate gradient algorithm; Finite-time.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2100

Authors: Keonwoo Kim, Dowon Hong, Kyoil Chung

Abstract:

This paper proposes the authentication method using ESA algorithm instead of using CAVE algorithm in the CDMA mobile communication systems including IS-95 and CDMA2000 1x. And, we analyze to apply ESA mechanism on behalf of CAVE mechanism without the change of message format and air interface in the existing CDMA systems. If ESA algorithm can be used as the substitution of CAVE algorithm, security strength of authentication algorithm is intensified without protocol change. An algorithm replacement proposed in this paper is not to change an authentication mechanism, but to configure input of ESA algorithm and to produce output. Therefore, our proposal can be the compatible to the existing systems.

Keywords: ESA, CAVE, CDMA, authentication, mobilecommunication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1557

Authors: Zied Trifa, Maher Khemakhem

Abstract:

The survey and classification of the different security attacks in structured peer-to-peer (P2P) overlay networks can be useful to computer system designers, programmers, administrators, and users. In this paper, we attempt to provide a taxonomy of structured P2P overlay networks security attacks. We have specially focused on the way these attacks can arise at each level of the network. Moreover, we observed that most of the existing systems such as Content Addressable Network (CAN), Chord, Pastry, Tapestry, Kademlia, and Viceroy suffer from threats and vulnerability which lead to disrupt and corrupt their functioning. We hope that our survey constitutes a good help for who-s working on this area of research.

Keywords: P2P, Structured P2P Overlay Networks, DHT, Security, classification

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1732

Authors: Nerey H. Mvungi, Mosses Makoko

Abstract:

In today-s highly globalised and competitive world access to information plays key role in having an upper hand between business rivals. Hence, proper protection of such crucial resource is core to any modern business. Implementing a successful information security system is basically centered around three pillars; technical solution involving both software and hardware, information security controls to translate the policies and procedure in the system and the people to implement. This paper shows that a lot needs to be done for countries adapting information technology to process, store and distribute information to secure adequately such core resource.

Keywords: security, information systems, controls, technology, practices.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2584

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: Cloud computing, security, classification, risk.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2046

Authors: Abdallah Ghoul, Bachir Ouamri, Ismail Khalil Bousserhane

Abstract:

In this paper, we have developed a sliding mode controller for PUMA 600 manipulator robot, to control the remote robot a teleoperation system was developed. This system includes two sites, local and remote. The sliding mode controller is installed at the remote site. The client asks for a position through an interface and receives the real positions after running of the task by the remote robot. Both sites are interconnected via the Internet. In order to verify the effectiveness of the sliding mode controller, that is compared with a classic PID controller. The developed approach is tested on a virtual robot. The results confirmed the high performance of this approach.

Keywords: Internet, manipulator robot, PID controller, remote control, sliding mode, teleoperation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 923

Authors: Radek Malinský, Ivan Jelínek

Abstract:

The current web has become a modern encyclopedia, where people share their thoughts and ideas on various topics around them. This kind of encyclopedia is very useful for other people who are looking for answers to their questions. However, with the growing popularity of social networking and blogging and ever expanding network services, there has also been a growing diversity of technologies along with a different structure of individual web sites. It is therefore difficult to directly find a relevant answer for a common Internet user. This paper presents a web application for the real-time end-to-end analysis of selected Internet trends where the trend can be whatever the people post online. The application integrates fully configurable tools for data collection and analysis using selected webometric algorithms, and for its chronological visualization to user. It can be assumed that the application facilitates the users to evaluate the quality of various products that are mentioned online.

Keywords: Trend, visualizer, web analysis, web 2.0.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2209

Authors: B. Ferdousi, J. Bari

Abstract:

With advancement of mobile computing, employees are increasingly doing their job-related works using personally owned mobile devices or organization owned devices. The Bring Your Own Device (BYOD) model allows employees to use their own mobile devices for job-related works, while Corporate Owned, Personally Enabled (COPE) model allows both organizations and employees to install applications onto organization-owned mobile devices used for job-related works. While there are many benefits of using mobile computing for job-related works, there are also serious concerns of different levels of threats to the organizational data security. Consequently, it is crucial to know the level of threat to the organizational data security in the BOYD and COPE models. It is also important to ensure that employees comply with the organizational data security policy. This paper discusses the organizational data security issues in perspective of ownership of mobile devices used by employees, especially in BYOD and COPE models. It appears that while the BYOD model has many benefits, there are relatively more data security risks in this model than in the COPE model. The findings also showed that in both BYOD and COPE environments, a more practical approach towards achieving secure mobile computing in organizational setting is through the development of comprehensive cybersecurity policies balancing employees’ need for convenience with organizational data security. The study helps to figure out the compliance and the risks of security breach in BYOD and COPE models.

Keywords: Data security, mobile computing, BYOD, COPE, cybersecurity policy, cybersecurity compliance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 301

Authors: Tarek Abdel Azim Ahmed, Eman Sarhan Shaker

Abstract:

This research aims to explore how well the extended model of internet commerce adoption (eMICA) model is often used to determine the extent of internet commerce adoption in the travel agencies sector in both Egypt and Kingdom of Saudi Arabia (KSA). The web content analysis method was used to analyze the level of adoption of Egyptian travel agencies and Saudi travel agencies according to data immensely available on their websites. Therefore, each site was categorized according to the phases and levels proposed. In order to achieve this, 120 websites were evaluated by the two authors over a three-month period, from August to October 2020, and then categorized according to the phases and levels of (eMICA). The results show that there are deficiencies in the application of the eMICA model by both KSA and Egyptian travel agencies, generally, updating their websites, the absence of quality certification, offering secure online payment, virtual tours, and videos using Flash animation. In general, the Egyptian companies slightly outperformed the KSA ones in applying eMICA model.

Keywords: e-commerce, eMICA, Internet marketing, travel agencies, websites.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 572

Authors: Kleanthis Prekas, Maria Rangoussi, Savvas Vassiliadis, George Prekas

Abstract:

Intelligent tutoring systems constitute an evolution of computer-aided educational software. We present here the modules of an intelligent tutoring system for Automatic Control, developed in our department. Through the software application developed,students can perform complete automatic control laboratory experiments, either over the departmental local area network or over the Internet. Monitoring of access to the system (local as well as international), along with student performance statistics, has yielded strongly encouraging results (as of fall 2004), despite the advanced technical content of the presented paradigm, thus showing the potential of the system developed for education and for training.

Keywords: Automatic control, tutoring system, Internet access, laboratory experiments.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1627

Authors: Amjad Nusayr

Abstract:

Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory is have a valid pointer or a reference with a valid type. Aspect Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and Database transaction managing. In this paper we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.

Keywords: Aspect oriented programming, programming languages, software security, memory and type safety.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 371

Authors: Shaya Alshahrani

Abstract:

Perceived risks play a major role in consumer intentions, behaviors, attitudes, and decisions about online shopping in the KSA. This paper investigates the influence of six perceived risk dimensions on Saudi consumers: product risk, information risk, financial risk, privacy and security risk, delivery risk, and terms and conditions risk empirically. To ensure the success of this study, a random survey was distributed to reflect the consumers’ perceived risk and to enable the generalization of the results. Data were collected from 323 respondents in the Kingdom of Saudi Arabia (KSA): 50 who had never shopped online and 273 who had done so. The results indicated that all six risks influenced the respondents’ perceptions of online shopping. The non-online shoppers perceived financial and delivery risks as the most significant barriers to online shopping. This was followed closely by performance, information, and privacy and security risks. Terms and conditions were perceived as less significant. The online consumers considered delivery and performance risks to be the most significant influences on internet shopping. This was followed closely by information and terms and conditions. Financial and privacy and security risks were perceived as less significant. This paper argues that introducing adequate legal solutions to addressing related problems arising from this study is an urgent need. This may enhance consumer trust in the KSA online market, increase consumers’ intentions regarding online shopping, and improve consumer protection.

Keywords: Perceived risk, consumer protection, online shopping, Saudi Arabia, online contracts, e-commerce.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 865

Authors: Mansab Ali, Muhammad Khalid Khan

Abstract:

The advances in wireless communication have opened unlimited horizons but there are some challenges as well. The Nature derived air medium between MS (Mobile Station) and BS (Base Station) is beyond human control and produces channel impairment. The impact of the natural conditions at the air medium is the biggest issue in wireless communication. Natural conditions make reliability more cumbersome; here reliability refers to the efficient recovery of the lost or erroneous data. The SR-ARQ (Selective Repeat-Automatic Repeat Request) protocol is a de facto standard for any wireless technology at the air interface with its standard reliability features. Our focus in this research is on the reliability of the control or feedback signal of the SR-ARQ protocol. The proposed mechanism, RSR-ARQ (Reliable SR-ARQ) is an enhancement of the SR-ARQ protocol that has ensured the reliability of the control signals through channel impairment sensitive mechanism. We have modeled the system under two-state discrete time Markov Channel. The simulation results demonstrate the better recovery of the lost or erroneous data that will increase the overall system performance.

Keywords: ISR-ARQ, MAA, RSR-ARQ, SAA.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1212

Authors: Tahar Ezzedine, Mohamed Miladi, Ridha Bouallegue

Abstract:

Because nodes are usually battery-powered, the energy presents a very scarce resource in wireless sensor networks. For this reason, the design of medium access control had to take energy efficiency as one of its hottest concerns. Accordingly, in order to improve the energy performance of MAC schemes in wireless sensor networks, several ways can be followed. In fact, some researchers try to limit idle listening while others focus on mitigating overhearing (i.e. a node can hear a packet which is destined to another node) or reducing the number of the used control packets. We, in this paper, propose a new hybrid MAC protocol termed ELE-MAC (i.e. Energy Latency Efficient MAC). The ELE-MAC major design goals are energy and latency efficiencies. It adopts less control packets than SMAC in order to preserve energy. We carried out ns- 2 simulations to evaluate the performance of the proposed protocol. Thus, our simulation-s results prove the ELE-MAC energy efficiency. Additionally, our solution performs statistically the same or better latency characteristic compared to adaptive SMAC.

Keywords: Control packet, energy efficiency, medium access control, wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1669