Search results for: computer security
2273 The National Security Assurance of the Republic of Kazakhstan
Authors: Sholpan Zhandossova, Erden Ordabek, Yelbolsyn Nazarov
Abstract:
the article analyzes the national security as a scientific and practical problem, characterized by the state's political institutions to ensure effective action to maintain optimal conditions for the existence and development of the individual and society. National security, as a category of political science reflects the relationship between the security to the nation, including public relations and social consciousness, social institutions and their activities, ensuring the realization of national interests in a particular historical situation. In national security are three security levels: individual, society and state. Their role and place determined by the nature of social relations, political systems, the presence of internal and external threats. In terms of content in the concept of national security is taken to provide political, economic, military, environmental, information security and safety of the cultural development of the nation.
Keywords: Kazakhstan, national security, religious extremism
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19552272 Home-Network Security Model in Ubiquitous Environment
Authors: Dong-Young Yoo, Jong-Whoi Shin, Jin-Young Choi
Abstract:
Social interest and demand on Home-Network has been increasing greatly. Although various services are being introduced to respond to such demands, they can cause serious security problems when linked to the open network such as Internet. This paper reviews the security requirements to protect the service users with assumption that the Home-Network environment is connected to Internet and then proposes the security model based on the requirement. The proposed security model can satisfy most of the requirements and further can be dynamically applied to the future ubiquitous Home-Networks.Keywords: Home-Network, Security, Vulnerability, Response, Countermeasure.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16062271 Graphical Password Security Evaluation by Fuzzy AHP
Authors: Arash Habibi Lashkari, Azizah Abdul Manaf, Maslin Masrom
Abstract:
In today's day and age, one of the important topics in information security is authentication. There are several alternatives to text-based authentication of which includes Graphical Password (GP) or Graphical User Authentication (GUA). These methods stems from the fact that humans recognized and remembers images better than alphanumerical text characters. This paper will focus on the security aspect of GP algorithms and what most researchers have been working on trying to define these security features and attributes. The goal of this study is to develop a fuzzy decision model that allows automatic selection of available GP algorithms by taking into considerations the subjective judgments of the decision makers who are more than 50 postgraduate students of computer science. The approach that is being proposed is based on the Fuzzy Analytic Hierarchy Process (FAHP) which determines the criteria weight as a linear formula.Keywords: Graphical Password, Authentication Security, Attack Patterns, Brute force attack, Dictionary attack, Guessing Attack, Spyware attack, Shoulder surfing attack, Social engineering Attack, Password Entropy, Password Space.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19362270 Positive Analysis on Vulnerability, Information Security Incidents, and the Countermeasures of Japanese Internet Service Providers
Authors: Toshihiko Takemura, Makoto Osajima, Masatoshi Kawano
Abstract:
This paper includes a positive analysis to quantitatively grasp the relationship among vulnerability, information security incidents, and the countermeasures by using data based on a 2007 questionnaire survey for Japanese ISPs (Internet Service Providers). To grasp the relationships, logistic regression analysis is used. The results clarify that there are relationships between information security incidents and the countermeasures. Concretely, there is a positive relationship between information security incidents and the number of information security systems introduced as well as a negative relationship between information security incidents and information security education. It is also pointed out that (especially, local) ISPs do not execute efficient information security countermeasures/ investment concerned with systems, and it is suggested that they should positively execute information security education. In addition, to further heighten the information security level of Japanese telecommunication infrastructure, the necessity and importance of the government to implement policy to support the countermeasures of ISPs is insisted.
Keywords: Information security countermeasures, information security incidents, internet service providers, positive analysis
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16652269 A Systematic Literature Review on Security and Privacy Design Patterns
Authors: Ebtehal Aljedaani, Maha Aljohani
Abstract:
Privacy and security patterns are both important for developing software that protects users' data and privacy. Privacy patterns are designed to address common privacy problems, such as unauthorized data collection and disclosure. Security patterns are designed to protect software from attack and ensure reliability and trustworthiness. Using privacy and security patterns, software engineers can implement security and privacy by design principles, which means that security and privacy are considered throughout the software development process. These patterns are available to translate "security and privacy-by-design" into practical advice for software engineering. Previous research on privacy and security patterns has typically focused on one category of patterns at a time. This paper aims to bridge this gap by merging the two categories and identifying their similarities and differences. To do this, we conducted a systematic literature review of 40 research papers on privacy and security patterns. The papers were analyzed based on the category of the pattern, the classification of the pattern, and the security requirements that the pattern addresses. This paper presents the results of a comprehensive review of privacy and security design patterns. The review is intended to help future IT designers understand the relationship between the two types of patterns and how to use them to design secure and privacy-preserving software. The paper provides a clear classification of privacy and security design patterns, along with examples of each type. We found that there is only one widely accepted classification of privacy design patterns, while there are several competing classifications of security design patterns. Three types of security design patterns were found to be the most used.
Keywords: Design patterns, security, privacy, classification of patterns, security patterns, privacy patterns.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 642268 Knowledge Based Concept Analysis Method using Concept Maps and UML: Security Notion Case
Authors: Miquel Colobran, Josep M. Basart
Abstract:
One of the most ancient humankind concerns is knowledge formalization i.e. what a concept is. Concept Analysis, a branch of analytical philosophy, relies on the purpose of decompose the elements, relations and meanings of a concept. This paper aims at presenting a method to make a concept analysis obtaining a knowledge representation suitable to be processed by a computer system using either object-oriented or ontology technologies. Security notion is, usually, known as a set of different concepts related to “some kind of protection". Our method concludes that a more general framework for the concept, despite it is dynamic, is possible and any particular definition (instantiation) depends on the elements used by its construction instead of the concept itself.
Keywords: Concept analysis, Knowledge representation, Security, UML.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 23902267 The implementation of IHE ATNA for the EHR system
Authors: Sheng-Chi Tseng, Der-Ming Liou
Abstract:
The health record in the Electronic Health Record (EHR) system is more sensitive than demographic. It raises the important issue for the EHR requirement in privacy, security, audit trail, patient access, and archiving and data retention. The studies about the EHR system security are deficient. The aim of this study is to build a security environment for the EHR system by Integrating the Healthcare Enterprise (IHE) Audit Trail and Node Authentication Security (ATNA) profile. The CDAs can be access in a secure EHR environment.Keywords: IHE ATNA, EHR security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 30332266 Security Threats on Wireless Sensor Network Protocols
Authors: H. Gorine, M. Ramadan Elmezughi
Abstract:
In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.Keywords: Malicious nodes, network security, soft encryption, threats, wireless sensor networks.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18752265 Developing a Viral Artifact to Improve Employees’ Security Behavior
Authors: Stefan Bauer, Josef Frysak
Abstract:
According to the scientific information management literature, the improper use of information technology (e.g. personal computers) by employees are one main cause for operational and information security loss events. Therefore, organizations implement information security awareness programs to increase employees’ awareness to further prevention of loss events. However, in many cases these information security awareness programs consist of conventional delivery methods like posters, leaflets, or internal messages to make employees aware of information security policies. We assume that a viral information security awareness video might be more effective medium than conventional methods commonly used by organizations. The purpose of this research is to develop a viral video artifact to improve employee security behavior concerning information technology.
Keywords: Information Security Awareness, Delivery Methods, Viral Videos, Employee Security Behavior.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18052264 Weaknesses and Strengths Analysis over Wireless Network Security Standards
Authors: Daniel Padilla, Edward Guillen
Abstract:
Several wireless networks security standards have been proposed and widely implemented in both business and home environments in order to protect the network from unauthorized access. However, the implementation of such standards is usually achieved by network administrators without even knowing the standards- weaknesses and strengths. The intention of this paper is to evaluate and analyze the impact over the network-s security due to the implementation of the wireless networks security standards WEP, WPA and WLAN 802.1X.
Keywords: 802.1X, vulnerabilities analysis, WEP, wireless security, WPA.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 23872263 Enhancing the Network Security with Gray Code
Authors: Thomas Adi Purnomo Sidhi
Abstract:
Nowadays, network is an essential need in almost every part of human daily activities. People now can seamlessly connect to others through the Internet. With advanced technology, our personal data now can be more easily accessed. One of many components we are concerned for delivering the best network is a security issue. This paper is proposing a method that provides more options for security. This research aims to improve network security by focusing on the physical layer which is the first layer of the OSI model. The layer consists of the basic networking hardware transmission technologies of a network. With the use of observation method, the research produces a schematic design for enhancing the network security through the gray code converter.
Keywords: Network, network security, gray code, physical layer.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21682262 Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols
Authors: R. Kabila
Abstract:
IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on lightweight key exchange protocol and MIB's for security management. IPsec technology has been implemented on various platforms in IPv4 and IPv6, gradually replacing old application-specific security mechanisms. IPv4 and IPv6 are not directly compatible, so programs and systems designed to one standard can not communicate with those designed to the other. We propose the design and implementation of controlled Internet security system, which is IPsec-based Internet information security system in IPv4/IPv6 network and also we show the data of performance measurement. With the features like improved scalability and routing, security, ease-of-configuration, and higher performance of IPv6, the controlled Internet security system provides consistent security policy and integrated security management on IPsec-based Internet security system.Keywords: IDS, IPS, IP-Sec, IPv6, IPv4, VPN.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 45412261 Determinants of Information Security Affecting Adoption of Web-based Integrated Information Systems
Authors: Jaehun Joo, Mie-jung Kim, Ismatilla Normatov, Lyunhwa Kim
Abstract:
The purpose of this paper is to analyze determinants of information security affecting adoption of the Web-based integrated information systems (IIS). We introduced Web-based information systems which are designed to formulate strategic plans for Peruvian government. Theoretical model is proposed to test impact of organizational factors (deterrent efforts and severity; preventive efforts) and individual factors (information security threat; security awareness) on intentions to proactively use the Web-based IIS .Our empirical study results highlight that deterrent efforts and deterrent severity have no significant influence on the proactive use intentions of IIS, whereas, preventive efforts play an important role in proactive use intentions of IIS. Thus, we suggest that organizations need to do preventive efforts by introducing various information security solutions, and try to improve information security awareness while reducing the perceived information security threats.Keywords: Information security, Deterrent efforts, deterrentseverity, preventive efforts, information security awareness, information security threats, integrated information systems
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 23142260 Mechanisms of Internet Security Attacks
Abstract:
Internet security attack could endanger the privacy of World Wide Web users and the integrity of their data. The attack can be carried out on today's most secure systems- browsers, including Netscape Navigator and Microsoft Internet Explorer. There are too many types, methods and mechanisms of attack where new attack techniques and exploits are constantly being developed and discovered. In this paper, various types of internet security attack mechanisms are explored and it is pointed out that when different types of attacks are combined together, network security can suffer disastrous consequences.Keywords: DoS, internet attacks, router attack, security, trojan, virus, worm, XSS.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21092259 Blockchain Security in MANETs
Authors: Nada Mouchfiq, Ahmed Habbani, Chaimae Benjbara
Abstract:
The security aspect of the IoT occupies a place of great importance especially after the evolution that has known this field lastly because it must take into account the transformations and the new applications .Blockchain is a new technology dedicated to the data sharing. However, this does not work the same way in the different systems with different operating principles. This article will discuss network security using the Blockchain to facilitate the sending of messages and information, enabling the use of new processes and enabling autonomous coordination of devices. To do this, we will discuss proposed solutions to ensure a high level of security in these networks in the work of other researchers. Finally, our article will propose a method of security more adapted to our needs as a team working in the ad hoc networks, this method is based on the principle of the Blockchain and that we named ”MPR Blockchain”.Keywords: Ad hoc networks, blockchain, MPR, security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9182258 Human Security Providers in Fragile State under Asymmetric War Conditions
Authors: Luna Shamieh
Abstract:
Various players are part of the game in an asymmetric war, all making efforts to provide human security to their own adherents. Although a fragile state is not able to provide sufficient and comprehensive services, it still provides special services and security to the elite; the insurgents as well provide services and security to their associates. The humanitarian organisations, on the other hand, provide some fundamental elements of human security, but only in the regions, they are able to access when possible (if possible). The counterinsurgents (security forces of the state and intervention forces) operate within a narrow band defined by the vision of the responsibility to protect and the perspective of the resolution of the conflict through combat; hence, the possibility to provide human security is shaken at this end. This article examines how each player provides human security from the perspective of freedom from want in order to secure basic and strategic needs, freedom from fear through providing protection against all kinds of violence, and the freedom to live in dignity. It identifies a vicious cycle caused by the intervention of the different players causing a centrifugal force that may lead to disintegration of the nation under war.
Keywords: Human security, asymmetric war, counter insurgency, fragile state, insurgency.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15452257 The Application of the Security Audit Method on the Selected Objects of Critical Infrastructure
Authors: Michaela Vašková
Abstract:
The paper is focused on the application of the security audit method on the selected objects of the critical infrastructure. The emphasis is put on security audit method to find gaps in the critical infrastructure security. The theoretical part describes objects of the critical infrastructure. The practical part describes using of the security audit method. The main emphasis was put on the protection of the critical infrastructure in the Czech Republic.
Keywords: Crisis management, critical infrastructure, object of critical infrastructure, security audit, extraordinary event.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16292256 The Law of Treaties and National Security of Islamic Republic of Iran
Authors: S. M. Tavakoli Sani, M. Sabbet Moghadam, Y. Khorram Farhadi, Iraj Rezayi Nejad
Abstract:
The concept of national security in Iran is a permanently effective factor in acceptance or rejection of many international obligations. These obligations had been defined according to the type of legislation of Iran in many aspects. Therefore, there are several treaties at international level which requires Iran’s security to come in contact with obligations in these treaties in a way that an obstacle to join to them and their passage in parliament. This issue is a typical category which every country pays attention to be accepted in treaties or to include their national security in that treaties and also they can see the related treaties from this perspective, but this issue that 'what is the concept of Iran’s national security', and 'To what extent it is changed in recent years, especially after Islamic Revolution' are important issues that can be criticized. Thus, this study is trying to assess singed treaties from the perspective of Iran’s national security according of the true meaning of treaty and to investigate how the international treaties may be in conflict with Iran’s national security.
Keywords: Treaties, national security, Iran, Islamic Revolution.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14392255 The Possibility to Resolve the Security Problems through the LTE in Vehicular Ad-hoc Networks
Authors: Sun-Hee Han, Hun-Jung Lim, Tai-Myoung Chung
Abstract:
Vehicular Ad-Hoc Networks (VANET) can provide communications between vehicles or infrastructures. It provides the convenience of driving and the secure driving to reduce accidents. In VANET, the security is more important because it is closely related to accidents. Additionally, VANET raises a privacy issue because it can track the location of vehicles and users- identity when a security mechanism is provided. In this paper, we analyze the problem of an existing solution for security requirements required in VANET, and resolve the problem of the existing method when a key management mechanism is provided for the security operation in VANET. Therefore, we show suitability of the Long Term Evolution (LTE) in VANET for the solution of this problem.Keywords: VANET, Privacy, Security, LTE
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18162254 Security Management System of Cellular Communication: Case Study
Authors: Othman O. Khalifa, Abdulrazzag Aburas, A. Al Bagul, Meftah Hrairi, Muhammad Shahril bin Shahbuddin, Harman bin Mat Kasa
Abstract:
Cellular communication is being widely used by all over the world. The users of handsets are increasing due to the request from marketing sector. The important aspect that has to be touch in this paper is about the security system of cellular communication. It is important to provide users with a secure channel for communication. A brief description of the new GSM cellular network architecture will be provided. Limitations of cellular networks, their security issues and the different types of attacks will be discussed. The paper will go over some new security mechanisms that have been proposed by researchers. Overall, this paper clarifies the security system or services of cellular communication using GSM. Three Malaysian Communication Companies were taken as Case study in this paper.Keywords: GSM, Security systems, SIM CARD, IMSI, Authentication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24922253 SeCloudBPMN: A Lightweight Extension for BPMN Considering Security Threats in the Cloud
Authors: Somayeh Sobati Moghadam
Abstract:
Business processes are crucial for organizations and help businesses to evaluate and optimize their performance and processes against current and future-state business goals. Outsourcing business processes to the cloud becomes popular due to a wide varsity of benefits and cost-saving. However, cloud outsourcing raises enterprise data security concerns, which must be incorporated in Business Process Model and Notation (BPMN). This paper, presents SeCloudBPMN, a lightweight extension for BPMN which extends the BPMN to explicitly support the security threats in the cloud as an outsourcing environment. SeCloudBPMN helps business’s security experts to outsource business processes to the cloud considering different threats from inside and outside the cloud. In this way, appropriate security countermeasures could be considered to preserve data security in business processes outsourcing to the cloud.Keywords: BPMN, security threats, cloud computing, graphical representation.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7782252 A Review in Recent Development of Network Threats and Security Measures
Authors: Roza Dastres, Mohsen Soori
Abstract:
Networks are vulnerable devices due to their basic feature of facilitating remote access and data communication. The information in the networks needs to be kept secured and safe in order to provide an effective communication and sharing device in the web of data. Due to challenges and threats of the data in networks, the network security is one of the most important considerations in information technology infrastructures. As a result, the security measures are considered in the network in order to decrease the probability of accessing the secured data by the hackers. The purpose of network security is to protect the network and its components from unauthorized access and abuse in order to provide a safe and secured communication device for the users. In the present research work a review in recent development of network threats and security measures is presented and future research works are also suggested. Different attacks to the networks and security measured against them are discussed in order to increase security in the web of data. So, new ideas in the network security systems can be presented by analyzing the published papers in order to move forward the research field.
Keywords: Network threats, network security, security measures, firewalls.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8362251 Specification of a Model of Honeypot Attack Based On Raised Data
Authors: Souleymane Oumtanaga, Prosper Kimou, Kouadio Gaza Kevin
Abstract:
The security of their network remains the priorities of almost all companies. Existing security systems have shown their limit; thus a new type of security systems was born: honeypots. Honeypots are defined as programs or intended servers which have to attract pirates to study theirs behaviours. It is in this context that the leurre.com project of gathering about twenty platforms was born. This article aims to specify a model of honeypots attack. Our model describes, on a given platform, the evolution of attacks according to theirs hours. Afterward, we show the most attacked services by the studies of attacks on the various ports. It is advisable to note that this article was elaborated within the framework of the research projects on honeyspots within the LABTIC (Laboratory of Information Technologies and Communication).
Keywords: Honeypot, networks, attack, leurrecom, computer network
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14632250 Analysis of Public-Key Cryptography for Wireless Sensor Networks Security
Authors: F. Amin, A. H. Jahangir, H. Rasifard
Abstract:
With the widespread growth of applications of Wireless Sensor Networks (WSNs), the need for reliable security mechanisms these networks has increased manifold. Many security solutions have been proposed in the domain of WSN so far. These solutions are usually based on well-known cryptographic algorithms. In this paper, we have made an effort to survey well known security issues in WSNs and study the behavior of WSN nodes that perform public key cryptographic operations. We evaluate time and power consumption of public key cryptography algorithm for signature and key management by simulation.Keywords: Wireless Sensor Networks, Security, Public Key Cryptography, Key Management.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 36902249 A New Framework to Model a Secure E-Commerce System
Authors: A. Youseef, F. Liu
Abstract:
The existing information system (IS) developments methods are not met the requirements to resolve the security related IS problems and they fail to provide a successful integration of security and systems engineering during all development process stages. Hence, the security should be considered during the whole software development process and identified with the requirements specification. This paper aims to propose an integrated security and IS engineering approach in all software development process stages by using i* language. This proposed framework categorizes into three separate parts: modelling business environment part, modelling information technology system part and modelling IS security part. The results show that considering security IS goals in the whole system development process can have a positive influence on system implementation and better meet business expectations.Keywords: Business Process Modelling (BPM), Information System Security, Software Development Process, Requirement Engineering.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20382248 A Holistic Framework for Unifying Data Security and Management in Modern Enterprises
Authors: Ashly Joseph
Abstract:
Modern businesses struggle significantly to secure and manage their data properly as the volume and complexity of their data both expand exponentially. Through the use of a multi-layered defense strategy, a centralized management platform, and cutting-edge technologies like AI, this research paper presents a comprehensive framework to integrate data security and management. The constraints of current data protection and management strategies, technological advancements, and the evolving threat landscape are all examined in this article. It suggests best practices for putting into practice integrated data security and governance models, placing an emphasis on ongoing adaptation. The advantages mentioned include a strengthened security posture, simpler procedures, lower costs, and reduced complexity. Additionally, issues including skill shortages, antiquated systems, and cultural obstacles are examined. Security executives and Chief Information Security Officers are given practical advice on how to evaluate, plan, and put into place strong data-centric security and management capabilities. The goal of the paper is to provide a thorough study of the data security and management landscape and to arm contemporary businesses with the knowledge they need to be proactive in protecting their data assets.
Keywords: Data security, security management, cloud computing, cybersecurity, data governance, security architecture, data management.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2682247 The Interpretation of World Order by Epistemic Communities in Security Studies
Authors: Gabriel A. Orozco
Abstract:
The purpose of this article is to make an approach to the Security Studies, exposing their theories and concepts to understand the role that they have had in the interpretation of the changes and continuities of the world order and their impact on policies in facing the problems of the 21st century. The aim is to build a bridge between the security studies as a subfield and the meaning that has been given to the world order. The idea of epistemic communities serves as a methodological proposal for the different programs of research in security studies, showing their influence in the realities of States, intergovernmental organizations and transnational forces, moving to implement, perpetuate and project a vision of the world order.Keywords: Epistemic communities, international relations, security studies.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16192246 Evaluation Method for Information Security Levels of CIIP (Critical Information Infrastructure Protection)
Authors: Soon-Tai Park, Jong-Whoi Shin, Bog-Ki Min, Ik-Sub Lee, Gang-Shin Lee, Jae-Il Lee
Abstract:
As the information age matures, major social infrastructures such as communication, finance, military and energy, have become ever more dependent on information communication systems. And since these infrastructures are connected to the Internet, electronic intrusions such as hacking and viruses have become a new security threat. Especially, disturbance or neutralization of a major social infrastructure can result in extensive material damage and social disorder. To address this issue, many nations around the world are researching and developing various techniques and information security policies as a government-wide effort to protect their infrastructures from newly emerging threats. This paper proposes an evaluation method for information security levels of CIIP (Critical Information Infrastructure Protection), which can enhance the security level of critical information infrastructure by checking the current security status and establish security measures accordingly to protect infrastructures effectively.Keywords: Information Security Evaluation Methodology, Critical Information Infrastructure Protection.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17832245 A Comparative Study of Fine Grained Security Techniques Based on Data Accessibility and Inference
Authors: Azhar Rauf, Sareer Badshah, Shah Khusro
Abstract:
This paper analyzes different techniques of the fine grained security of relational databases for the two variables-data accessibility and inference. Data accessibility measures the amount of data available to the users after applying a security technique on a table. Inference is the proportion of information leakage after suppressing a cell containing secret data. A row containing a secret cell which is suppressed can become a security threat if an intruder generates useful information from the related visible information of the same row. This paper measures data accessibility and inference associated with row, cell, and column level security techniques. Cell level security offers greatest data accessibility as it suppresses secret data only. But on the other hand, there is a high probability of inference in cell level security. Row and column level security techniques have least data accessibility and inference. This paper introduces cell plus innocent security technique that utilizes the cell level security method but suppresses some innocent data to dodge an intruder that a suppressed cell may not necessarily contain secret data. Four variations of the technique namely cell plus innocent 1/4, cell plus innocent 2/4, cell plus innocent 3/4, and cell plus innocent 4/4 respectively have been introduced to suppress innocent data equal to 1/4, 2/4, 3/4, and 4/4 percent of the true secret data inside the database. Results show that the new technique offers better control over data accessibility and inference as compared to the state-of-theart security techniques. This paper further discusses the combination of techniques together to be used. The paper shows that cell plus innocent 1/4, 2/4, and 3/4 techniques can be used as a replacement for the cell level security.
Keywords: Fine Grained Security, Data Accessibility, Inference, Row, Cell, Column Level Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14712244 Cloud Computing for E-Learning with More Emphasis on Security Issues
Authors: Sajjad Hashemi, Seyyed Yasser Hashemi
Abstract:
In today's world, success of most systems depend on the use of new technologies and information technology (IT) which aimed to increase efficiency and satisfaction of users. One of the most important systems that use information technology to deliver services is the education system. But for educational services in the form of E-learning systems, hardware and software equipment should be containing high quality, which requires substantial investment. Because the vast majority of educational establishments can not invest in this area so the best way for them is reducing the costs and providing the E-learning services by using cloud computing. But according to the novelty of the cloud technology, it can create challenges and concerns that the most noted among them are security issues. Security concerns about cloud-based E-learning products are critical and security measures essential to protect valuable data of users from security vulnerabilities in products. Thus, the success of these products happened if customers meet security requirements then can overcome security threats. In this paper tried to explore cloud computing and its positive impact on E- learning and put main focus to identify security issues that related to cloud-based E-learning efforts which have been improve security and provide solutions in management challenges.
Keywords: Cloud computing, E-Learning, Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3220