Search results for: Internet security
1532 Cyber Security Situational Awareness among Students: A Case Study in Malaysia
Authors: Yunos Zahri, Ab Hamid R. Susanty, Ahmad Mustaffa
Abstract:
This paper explores the need for a national baseline study on understanding the level of cyber security situational awareness among primary and secondary school students in Malaysia. The online survey method was deployed to administer the data collection exercise. The target groups were divided into three categories: Group 1 (primary school aged 7-9 years old), Group 2 (primary school aged 10-12 years old), and Group 3 (secondary school aged 13-17 years old). A different questionnaire set was designed for each group. The survey topics/areas included Internet and digital citizenship knowledge. Respondents were randomly selected from rural and urban areas throughout all 14 states in Malaysia. A total of 9,158 respondents participated in the survey, with most states meeting the minimum sample size requirement to represent the country’s demographics. The findings and recommendations from this baseline study are fundamental to develop teaching modules required for children to understand the security risks and threats associated with the Internet throughout their years in school. Early exposure and education will help ensure healthy cyber habits among millennials in Malaysia.
Keywords: Cyber security awareness, cyber security education, cyber security, students.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 29841531 Evaluation Method for Information Security Levels of CIIP (Critical Information Infrastructure Protection)
Authors: Soon-Tai Park, Jong-Whoi Shin, Bog-Ki Min, Ik-Sub Lee, Gang-Shin Lee, Jae-Il Lee
Abstract:
As the information age matures, major social infrastructures such as communication, finance, military and energy, have become ever more dependent on information communication systems. And since these infrastructures are connected to the Internet, electronic intrusions such as hacking and viruses have become a new security threat. Especially, disturbance or neutralization of a major social infrastructure can result in extensive material damage and social disorder. To address this issue, many nations around the world are researching and developing various techniques and information security policies as a government-wide effort to protect their infrastructures from newly emerging threats. This paper proposes an evaluation method for information security levels of CIIP (Critical Information Infrastructure Protection), which can enhance the security level of critical information infrastructure by checking the current security status and establish security measures accordingly to protect infrastructures effectively.Keywords: Information Security Evaluation Methodology, Critical Information Infrastructure Protection.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17821530 An E-Retailing System Architecture Based on Cloud Computing
Authors: Chanchai Supaartagorn
Abstract:
E-retailing is the sale of goods online that takes place over the Internet. The Internet has shrunk the entire World. World eretailing is growing at an exponential rate in the Americas, Europe and Asia. However, e-retailing costs require expensive investment, such as hardware, software, and security systems. Cloud computing technology is internet-based computing for the management and delivery of applications and services. Cloud-based e-retailing application models allow enterprises to lower their costs with their effective implementation of e-retailing activities. In this paper, we describe the concept of cloud computing and present the architecture of cloud computing, combining the features of e-retailing. In addition, we propose a strategy for implementing cloud computing with e-retailing. Finally, we explain the benefits from the architecture.Keywords: Architecture, cloud computing, e-retailing, internet-based.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 31691529 A Study of the Role of Perceived Risk and User Characteristics in Internet Purchase Intention
Authors: Ali Hajiha, Farhad Ghaffari, Nooshin Gholamali Tehrani
Abstract:
This study aims at investigating the empirical relationships between risk preference, internet preference, and internet knowledge which are known as user characteristics, in addition to perceived risk of the customers on the internet purchase intention. In order to test the relationships between the variables of model 174, a questionnaire was collected from the students with previous online experience. For the purpose of data analysis, confirmatory factor analysis (CFA) and structural equation model (SEM) was used. Test results show that the perceived risk affects the internet purchase intention, and increase or decrease of perceived risk influences the purchase intention when the customer does the internet shopping. Other factors such as internet preference, knowledge of the internet, and risk preference affect the internet purchase intention.Keywords: Perceived risk, Internet preference, Internetknowledge, Risk preference, Internet purchase intention
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24801528 Effective Security Method for Wireless LAN using Life-Cycle of Wireless Access Point
Authors: Soon-Tai Park, Haeryong Park, Myoung-sun Noh, Yoo-Jae Won
Abstract:
There are many expand of Wi-Fi zones provided mobile careers and usage of wireless access point at home as increase of usage of wireless internet caused by the use of smart phone. This paper shows wireless local area network status, security threats of WLAN and functionality of major wireless access point in Korea. We propose security countermeasures concerned with life cycle of access point from manufacturing to installation, using and finally disposal. There needed to releasing with configured secure at access point. Because, it is most cost effective resolution than stage of installation or other life cycle of access point.Keywords: Wireless LAN Security, Wi-Fi Security, Wireless Access Point, Product Life-Cycle
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19211527 An Optical WDM Network Concept for Tanzania
Authors: S. Pazi, C. Chatwin, R. Young, P. Birch
Abstract:
Tanzania is a developing country, which significantly lags behind the rest of the world in information communications technology (ICT), especially for the Internet. Internet connectivity to the rest of the world is via expensive satellite links, thus leaving the majority of the population unable to access the Internet due to the high cost. This paper introduces the concept of an optical WDM network for Internet infrastructure in Tanzania, so as to reduce Internet connection costs, and provide Internet access to the majority of people who live in both urban and rural areas. We also present a proposed optical WDM network, which mitigates the effects of system impairments, and provide simulation results to show that the data is successfully transmitted over a longer distance using a WDM network.
Keywords: Internet infrastructure, Internet access, Internettraffic, WDM.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17901526 A Block Cipher for Resource-Constrained IoT Devices
Authors: Muhammad Rana, Quazi Mamun, Rafiqul Islam
Abstract:
In the Internet of Things (IoT), many devices are connected and accumulate a sheer amount of data. These Internet-driven raw data need to be transferred securely to the end-users via dependable networks. Consequently, the challenges of IoT security in various IoT domains are paramount. Cryptography is being applied to secure the networks for authentication, confidentiality, data integrity and access control. However, due to the resource constraint properties of IoT devices, the conventional cipher may not be suitable in all IoT networks. This paper designs a robust and effective lightweight cipher to secure the IoT environment and meet the resource-constrained nature of IoT devices. We also propose a symmetric and block-cipher based lightweight cryptographic algorithm. The proposed algorithm increases the complexity of the block cipher, maintaining the lowest computational requirements possible. The proposed algorithm efficiently constructs the key register updating technique, reduces the number of encryption rounds, and adds a layer between the encryption and decryption processes.
Keywords: Internet of Things, IoT, cryptography block cipher, s-box, key management, IoT security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5391525 Using Secure-Image Mechanism to Protect Mobile Agent Against Malicious Hosts
Authors: Tarig Mohamed Ahmed
Abstract:
The usage of internet is rapidly increasing and the usage of mobile agent technology in internet environment has a great demand. The security issue one of main obstacles that restrict the mobile agent technology to spread. This paper proposes Secure-Image Mechanism (SIM) as a new mechanism to protect mobile agents against malicious hosts. . SIM aims to protect mobile agent by using the symmetric encryption and hash function in cryptography science. This mechanism can prevent the eavesdropping and alteration attacks. It assists the mobile agents to continue their journey normally incase attacks occurred.
Keywords: Agent protection, cryptography, mobile agent security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19151524 Analysis of Network Performance Using Aspect of Quantum Cryptography
Authors: Nisarg A. Patel, Hiren B. Patel
Abstract:
Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).
Keywords: QKD, cryptography, quantum cryptography, network performance.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9461523 Security Engine Management of Router based on Security Policy
Authors: Su Hyung Jo, Ki Young Kim, Sang Ho Lee
Abstract:
Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper relates to a security engine management of router based on a security policy, which is the definition of security function against a network intrusion. This paper explains the security policy and designs the structure of security engine management framework.Keywords: Policy server, security engine, security management, security policy
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19201522 Cybersecurity Protection Structures: The Case of Lesotho
Authors: N. N. Mosola, K. F. Moeketsi, R. Sehobai, N. Pule
Abstract:
The Internet brings increasing use of Information and Communications Technology (ICT) services and facilities. Consequently, new computing paradigms emerge to provide services over the Internet. Although there are several benefits stemming from these services, they pose several risks inherited from the Internet. For example, cybercrime, identity theft, malware etc. To thwart these risks, this paper proposes a holistic approach. This approach involves multidisciplinary interactions. The paper proposes a top-down and bottom-up approach to deal with cyber security concerns in developing countries. These concerns range from regulatory and legislative areas, cyber awareness, research and development, technical dimensions etc. The main focus areas are highlighted and a cybersecurity model solution is proposed. The paper concludes by combining all relevant solutions into a proposed cybersecurity model to assist developing countries in enhancing a cyber-safe environment to instill and promote a culture of cybersecurity.Keywords: Cybercrime, cybersecurity, computer emergency response team, computer security incident response team.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20891521 The Use of TV and the Internet in the Social Context
Authors: Khulood Miliany
Abstract:
This study examines the media habits of young people in Saudi Arabia, in particular their use of the Internet and television in the domestic sphere, and how use of the Internet impacts upon other activities. In order to address the research questions, focus group interviews were conducted with Saudi university students. The study found that television has become a central part of social life within the household where television represents a main source for family time, particularly in Ramadan while the Internet is a solitary activity where it is used in more private spaces. Furthermore, Saudi females were also more likely to have their Internet access monitored and circumscribed by family members, with parents controlling the location and the amount of time spent using the Internet.
Keywords: Domestication of Technology. Internet, Social context, Television, Young people.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 22281520 An Intelligent System for Phish Detection, using Dynamic Analysis and Template Matching
Authors: Chinmay Soman, Hrishikesh Pathak, Vishal Shah, Aniket Padhye, Amey Inamdar
Abstract:
Phishing, or stealing of sensitive information on the web, has dealt a major blow to Internet Security in recent times. Most of the existing anti-phishing solutions fail to handle the fuzziness involved in phish detection, thus leading to a large number of false positives. This fuzziness is attributed to the use of highly flexible and at the same time, highly ambiguous HTML language. We introduce a new perspective against phishing, that tries to systematically prove, whether a given page is phished or not, using the corresponding original page as the basis of the comparison. It analyzes the layout of the pages under consideration to determine the percentage distortion between them, indicative of any form of malicious alteration. The system design represents an intelligent system, employing dynamic assessment which accurately identifies brand new phishing attacks and will prove effective in reducing the number of false positives. This framework could potentially be used as a knowledge base, in educating the internet users against phishing.Keywords: World Wide Web, Phishing, Internet security, data mining.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18311519 Analytical Study of Applying the Account Aggregation Approach in E-Banking Services
Authors: A. Al Drees, A. Alahmari, R. Almuwayshir
Abstract:
The advanced information technology is becoming an important factor in the development of financial services industry, especially the banking industry. It has introduced new ways of delivering banking to the customer, such as Internet Banking. Banks began to look at electronic banking (e-banking) as a means to replace some of their traditional branch functions using the Internet as a new distribution channel. Some consumers have at least more than one account, and across banks, and access these accounts using e-banking services. To look at the current net worth position, customers have to login to each of their accounts and get the details and work on consolidation. This not only takes ample time but it is a repetitive activity at a specified frequency. To address this point, an account aggregation concept is added as a solution. E-banking account aggregation, as one of the e-banking types, appeared to build a stronger relationship with customers. Account Aggregation Service generally refers to a service that allows customers to manage their bank accounts maintained in different institutions through a common Internet banking operating a platform, with a high concern to security and privacy. This paper presents an overview of an e-banking account aggregation approach as a new service in the e-banking field.
Keywords: E-banking, security, account aggregation, enterprise application development.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15481518 Web Service Security Method To SOA Development
Authors: Nafise Fareghzadeh
Abstract:
Web services provide significant new benefits for SOAbased applications, but they also expose significant new security risks. There are huge number of WS security standards and processes. At present, there is still a lack of a comprehensive approach which offers a methodical development in the construction of secure WS-based SOA. Thus, the main objective of this paper is to address this needs, presenting a comprehensive method for Web Services Security guaranty in SOA. The proposed method defines three stages, Initial Security Analysis, Architectural Security Guaranty and WS Security Standards Identification. These facilitate, respectively, the definition and analysis of WS-specific security requirements, the development of a WS-based security architecture and the identification of the related WS security standards that the security architecture must articulate in order to implement the security services.Keywords: Kernel, Repository, Security Standards, WS Security Policy, WS specification.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14261517 On the Quality of Internet Users- Behavioral Patterns in Using Different Sites and Its Impact on Taboos of Marriage: A Survey among Undergraduate Students in Mashhad City in Iran
Authors: Javadi Alimohammad, Zanjanizadeh Homa, Javadi Maryam
Abstract:
Regarding the multi-media property of internet and the facilities that can be provided for the users, the purpose of this paper is to investigate the users- behavioral patterns and the impact of internet on taboos of marriage. For this purpose a survey technique on the sample size amounted 403 students of governmental guidance schools of city of Mashhad in country of Iran were considered. The results showed, the process of using various internet environments depends on the degree of the users- familiarity with these sites. In order to clarify the effects of the Internet on the taboos of marriage, the non – internet parameters also considered to be controlled. The ttest held among the internet users and non-users, indicated that internet users possess lower taboos of marriage. Extraction of the effects of internet via considering the effects of non-internet parameters, indicate that addiction to the internet, creating a cordial atmosphere, emotional communication, and message attractive factors have significant effects on the family's traditional values.
Keywords: Internet, taboos of marriage, family, masscommunication, computer mediate communication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 13931516 Mutual Authentication for Sensor-to-Sensor Communications in IoT Infrastructure
Authors: Shadi Janbabaei, Hossein Gharaee Garakani, Naser Mohammadzadeh
Abstract:
Internet of things is a new concept that its emergence has caused ubiquity of sensors in human life, so that at any time, all data are collected, processed and transmitted by these sensors. In order to establish a secure connection, the first challenge is authentication between sensors. However, this challenge also requires some features so that the authentication is done properly. Anonymity, untraceability, and being lightweight are among the issues that need to be considered. In this paper, we have evaluated the authentication protocols and have analyzed the security vulnerabilities found in them. Then an improved light weight authentication protocol for sensor-to-sensor communications is presented which uses the hash function and logical operators. The analysis of protocol shows that security requirements have been met and the protocol is resistant against various attacks. In the end, by decreasing the number of computational cost functions, it is argued that the protocol is lighter than before.
Keywords: Anonymity, authentication, Internet of Things, lightweight, untraceablity.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8191515 Research on Software Security Testing
Authors: Gu Tian-yang, Shi Yin-sheng, Fang You-yuan
Abstract:
Software security testing is an important means to ensure software security and trustiness. This paper first mainly discusses the definition and classification of software security testing, and investigates methods and tools of software security testing widely. Then it analyzes and concludes the advantages and disadvantages of various methods and the scope of application, presents a taxonomy of security testing tools. Finally, the paper points out future focus and development directions of software security testing technology.
Keywords: security testing, security functional testing, securityvulnerability testing, testing method, testing tool
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 51331514 Comparison of Authentication Methods in Internet of Things Technology
Authors: Hafizah Che Hasan, Fateen Nazwa Yusof, Maslina Daud
Abstract:
Internet of Things (IoT) is a powerful industry system, which end-devices are interconnected and automated, allowing the devices to analyze data and execute actions based on the analysis. The IoT technology leverages the technology of Radio-Frequency Identification (RFID) and Wireless Sensor Network (WSN), including mobile and sensor. These technologies contribute to the evolution of IoT. However, due to more devices are connected each other in the Internet, and data from various sources exchanged between things, confidentiality of the data becomes a major concern. This paper focuses on one of the major challenges in IoT; authentication, in order to preserve data integrity and confidentiality are in place. A few solutions are reviewed based on papers from the last few years. One of the proposed solutions is securing the communication between IoT devices and cloud servers with Elliptic Curve Cryptograhpy (ECC) based mutual authentication protocol. This solution focuses on Hyper Text Transfer Protocol (HTTP) cookies as security parameter. Next proposed solution is using keyed-hash scheme protocol to enable IoT devices to authenticate each other without the presence of a central control server. Another proposed solution uses Physical Unclonable Function (PUF) based mutual authentication protocol. It emphasizes on tamper resistant and resource-efficient technology, which equals a 3-way handshake security protocol.
Keywords: Internet of Things, authentication, PUF ECC, keyed hash scheme protocol.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17971513 Can We Secure Security?
Authors: Dominykas Broga
Abstract:
Until recently it would have been unusual to consider classifying population movements and refugees as security problem. However, efforts at shaping our world to make ourselves secure have paradoxically led to ever greater insecurity. The feeling of uncertainty, pertinent throughout all discourses of security, has led to the creation of security production into seemingly benign routines of everyday life. Yet, the paper argues, neither of security discourses accounted for, disclosed and challenged the fundamental aporias embedded in Western security narratives. In turn, the paper aims to unpick the conventional security wisdom, which is haunted with strong ontologies, embedded in the politics of Orientalism, and (in)security nexus. The paper concludes that current security affair conceals the integral impossibility of fulfilling its very own promise of assured security. The paper also provides suggestions about alternative security discourse based on mutual dialogue.
Keywords: Identity, (in)security, migration, ontology
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16001512 Role-based Access Control Model in Home Network Environments
Authors: Do-Woo Kim, Geon Woo Kim, Jun-Ho Lee, Jong-Wook Han
Abstract:
The home in these days has not one computer connected to the Internet but rather a network of many devices within the home, and that network might be connected to the Internet. In such an environment, the potential for attacks is greatly increased. The general security technology can not apply because of the use of various wired and wireless network, middleware and protocol in digital home environment and a restricted system resource of home information appliances. To offer secure home services home network environments have need of access control for various home devices and information when users want to access. Therefore home network access control for user authorization is a very important issue. In this paper we propose access control model using RBAC in home network environments to provide home users with secure home services.
Keywords: Home network, access control, RBAC, security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19101511 Outsourcing Opportunities for Internet Banking Solutions
Authors: Ondruska Marek, Matustik Ondrej
Abstract:
The main goal of the article is to present new model of application architecture of banking IT solution providing the Internet Banking services that is particularly outsourced. At first, we propose business rationale and a SWOT analysis to explain the reasons for the model in the article. The most important factor for our model is nowadays- big boom around smart phones and tablet devices. As next, we focus on IT architecture viewpoint where we design application, integration and security model. Finally, we propose a generic governance model that serves as a basis for the specialized governance model. The specialized instance of governance model is designed to ensure that the development and the maintenance of different parts of the IT solution are well governed in time.Keywords: governance model, front-end application, Internet Banking, smart phones
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17471510 Considerations of Public Key Infrastructure (PKI), Functioning as a Chain of Trust in Electronic Payments Systems
Authors: Theodosios Tsiakis, George Stephanides, George Pekos
Abstract:
The growth of open networks created the interest to commercialise it. The establishment of an electronic business mechanism must be accompanied by a digital – electronic payment system to transfer the value of transactions. Financial organizations are requested to offer a secure e-payment synthesis with equivalent level of security served in conventional paper-based payment transactions. PKI, which is functioning as a chain of trust in security architecture, can enable security services of cryptography to epayments, in order to take advantage of the wider base either of customer or of trading partners and the reduction of cost transaction achieved by the use of Internet channels. The paper addresses the possibilities and the implementation suggestions of PKI in relevance to electronic payments by suggesting a framework that should be followed.Keywords: Electronic Payment, Security, Trust
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14221509 Framework and Characterization of Physical Internet
Authors: Charifa Fergani, Adiba El Bouzekri El Idrissi, Suzanne Marcotte, Abdelowahed Hajjaji
Abstract:
Over the last years, a new paradigm known as Physical Internet has been developed, and studied in logistics management. The purpose of this global and open system is to deal with logistics grand challenge by setting up an efficient and sustainable Logistics Web. The purpose of this paper is to review scientific articles dedicated to Physical Internet topic, and to provide a clustering strategy enabling to classify the literature on the Physical Internet, to follow its evolution, as well as to criticize it. The classification is based on three factors: Logistics Web, organization, and resources. Several papers about Physical Internet have been classified and analyzed along the Logistics Web, resources and organization views at a strategic, tactical and operational level, respectively. A developed cluster analysis shows which topics of the Physical Internet that are the less covered actually. Future researches are outlined for these topics.Keywords: Logistics web, Physical Internet, PI characterization, taxonomy.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8571508 Security Design of Root of Trust Based on RISC-V
Authors: Kang Huang, Wanting Zhou, Shiwei Yuan, Lei Li
Abstract:
Since information technology develops rapidly, the security issue has become an increasingly critical for computer system. In particular, as cloud computing and the Internet of Things (IoT) continue to gain widespread adoption, computer systems need to new security threats and attacks. The Root of Trust (RoT) is the foundation for providing basic trusted computing, which is used to verify the security and trustworthiness of other components. Designing a reliable RoT and guaranteeing its own security are essential for improving the overall security and credibility of computer systems. In this paper, we discuss the implementation of self-security technology based on the RISC-V RoT at the hardware level. To effectively safeguard the security of the RoT, researches on security safeguard technology on the RoT have been studied. At first, a lightweight and secure boot framework is proposed as a secure mechanism. Secondly, two kinds of memory protection mechanism are built to against memory attacks. Moreover, hardware implementation of proposed method has been also investigated. A series of experiments and tests have been carried on to verify to effectiveness of the proposed method. The experimental results demonstrated that the proposed approach is effective in verifying the integrity of the RoT’s own boot rom, user instructions, and data, ensuring authenticity and enabling the secure boot of the RoT’s own system. Additionally, our approach provides memory protection against certain types of memory attacks, such as cache leaks and tampering, and ensures the security of root-of-trust sensitive information, including keys.
Keywords: Root of Trust, secure boot, memory protection, hardware security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 801507 The Internet of Things Ecosystem: Survey of the Current Landscape, Identity Relationship Management, Multifactor Authentication Mechanisms, and Underlying Protocols
Authors: Nazli W. Hardy
Abstract:
A critical component in the Internet of Things (IoT) ecosystem is the need for secure and appropriate transmission, processing, and storage of the data. Our current forms of authentication, and identity and access management do not suffice because they are not designed to service cohesive, integrated, interconnected devices, and service applications. The seemingly endless opportunities of IoT are in fact circumscribed on multiple levels by concerns such as trust, privacy, security, loss of control, and related issues. This paper considers multi-factor authentication (MFA) mechanisms and cohesive identity relationship management (IRM) standards. It also surveys messaging protocols that are appropriate for the IoT ecosystem.Keywords: Survey of internet of things ecosystem, protocols, identity relation management, multifactor authentication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 12931506 Is the use of Social Networking Sites Correlated with Internet Addiction? Facebook Use among Taiwanese College Students
Authors: Sen-Chi Yu, Wei-Hsin Hsu, Min-Ning Yu, Hao-Yi Hsu
Abstract:
The aim of this study was to investigate the correlation between Facebook involvement and internet addiction. We sampled 577 university students in Taiwan and administered a survey of Facebook usage, Facebook involvement scale (FIS), and internet addiction scale. The FIS comprises three factors (salience, emotional support, and amusement). Results showed that the Facebook involvement scale had good reliability and validity. The correlation between Facebook involvement and internet addiction was measured at .395. This means that a higher degree of Facebook involvement indicates a greater degree of psychological dependency on the internet, and a greater propensity towards social withdrawal and other negative psychological consequences associated with internet addiction. Besides, the correlations between three factors of FIS (salience, emotional support, and amusement) and internet addiction ranged from .313-372, indicating that these neither of these factors (salience, emotional support, and amusement) is more effective than the others in predicting internet dependency.Keywords: Social networking sites, Facebook, Facebook Involvement, Internet Addiction
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24861505 Using a Trust-Based Environment Key for Mobile Agent Code Protection
Authors: Salima Hacini, Zahia Guessoum, Zizette Boufaïda
Abstract:
Human activities are increasingly based on the use of remote resources and services, and on the interaction between remotely located parties that may know little about each other. Mobile agents must be prepared to execute on different hosts with various environmental security conditions. The aim of this paper is to propose a trust based mechanism to improve the security of mobile agents and allow their execution in various environments. Thus, an adaptive trust mechanism is proposed. It is based on the dynamic interaction between the agent and the environment. Information collected during the interaction enables generation of an environment key. This key informs on the host-s trust degree and permits the mobile agent to adapt its execution. Trust estimation is based on concrete parameters values. Thus, in case of distrust, the source of problem can be located and a mobile agent appropriate behavior can be selected.Keywords: Internet security, malicious host, mobile agent security, trust management
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14121504 Some Issues with Extension of an HPC Cluster
Authors: Pil Seong Park
Abstract:
Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.
Keywords: Extension of HPC clusters, Security, NFS, SSH tunneling.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18981503 Cloud Computing Cryptography "State-of-the-Art"
Authors: Omer K. Jasim, Safia Abbas, El-Sayed M. El-Horbaty, Abdel-Badeeh M. Salem
Abstract:
Cloud computing technology is very useful in present day to day life, it uses the internet and the central remote servers to provide and maintain data as well as applications. Such applications in turn can be used by the end users via the cloud communications without any installation. Moreover, the end users’ data files can be accessed and manipulated from any other computer using the internet services. Despite the flexibility of data and application accessing and usage that cloud computing environments provide, there are many questions still coming up on how to gain a trusted environment that protect data and applications in clouds from hackers and intruders. This paper surveys the “keys generation and management” mechanism and encryption/decryption algorithms used in cloud computing environments, we proposed new security architecture for cloud computing environment that considers the various security gaps as much as possible. A new cryptographic environment that implements quantum mechanics in order to gain more trusted with less computation cloud communications is given.
Keywords: Cloud Computing, Cloud Encryption Model, Quantum Key Distribution.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4094