Search results for: security audit
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 1081

Search results for: security audit

1051 Security of Internet of Things: Challenges, Requirements and Future Directions

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things, IoT, IoT security challenges, IoT security requirements, IoT security architecture.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1202
1050 An Analysis of Institutional Audits: Basis for Teaching, Learning and Assessment Framework and Principles

Authors: Nabil El Kadhi, Minerva M. Bunagan

Abstract:

The dynamism in education, particularly in the area of teaching, learning and assessment has caused Higher Education Institutions (HEIs) worldwide to seek for ways to continuously improve their educational processes. HEIs use outcomes of institutional audits, assessments and accreditations, for improvement. In this study, the published institutional audit reports of HEIs in the Sultanate of Oman were analyzed to produce features of good practice; identify challenges along Teaching, Learning Assessment (TLA); and propose a framework that puts major emphasis in having a quality-assured TLA, including a set of principles that can be used as basis in succeeding an institutional visit. The TLA framework, which shows the TLA components, characteristics of the components, related expectation, including implementation tool/ strategy and pitfalls can be used by HEIs to have an adequate understanding of the scope of audit and be able to satisfy institutional audit requirements. The scope of this study can be widened by exploring the other requirements of the Institutional Audits in the Sultanate of Oman, particularly the area on Governance and Management and Student Support Services.

Keywords: Accreditation, audit, quality assurance, teaching, learning and assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1477
1049 Machine Learning Development Audit Framework: Assessment and Inspection of Risk and Quality of Data, Model and Development Process

Authors: Jan Stodt, Christoph Reich

Abstract:

The usage of machine learning models for prediction is growing rapidly and proof that the intended requirements are met is essential. Audits are a proven method to determine whether requirements or guidelines are met. However, machine learning models have intrinsic characteristics, such as the quality of training data, that make it difficult to demonstrate the required behavior and make audits more challenging. This paper describes an ML audit framework that evaluates and reviews the risks of machine learning applications, the quality of the training data, and the machine learning model. We evaluate and demonstrate the functionality of the proposed framework by auditing an steel plate fault prediction model.

Keywords: Audit, machine learning, assessment, metrics.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1029
1048 Corporate Governance Mechanisms, Whistle-Blowing Policy and Earnings Management Practices of Firms in Malaysia

Authors: Mujeeb Saif Mohsen Al-Absy, Ku Nor Izah Ku Ismail, Sitraselvi Chandren

Abstract:

This study examines whether corporate governance (CG) mechanisms in firms that have a whistle-blowing policy (WHBLP) are more effective in constraining earnings management (EM), than those without. A sample of 288 Malaysian firms for the years 2013 to 2015, amounting to 864 firm-years were grouped into firms with and without WHBLP. Results show that for firms without WHBLP, the board chairman tenure would minimize EM activities. Meanwhile, for firms with WHBLP, board chairman independence, board chairman tenure, audit committee size, audit committee meeting and women in the audit committees are found to be associated with less EM activities. Further, it is found that ownership concentration and Big 4 auditing firms help to reduce EM activities in firms with WHBLP, while not in firms without WHBLP. Hence, functional and effective governance can be achieved by having a WHBLP, which is in line with agency and resource dependent theories. Therefore, this study suggests that firms should have a WHBLP in place, and policymakers should come up with enhanced criteria to strengthen the mechanisms of WHBLP.

Keywords: Corporate governance, earnings management, whistle-blowing policy, audit committee, board of directors.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1270
1047 Risk in the South African Sectional Title Industry: An Assurance Perspective

Authors: Leandi Steenkamp

Abstract:

The sectional title industry has been a part of the property landscape in South Africa for almost half a century, and plays a significant role in addressing the housing problem in the country. Stakeholders such as owners and investors in sectional title property are in most cases not directly involved in the management thereof, and place reliance on the audited annual financial statements of bodies corporate for decision-making purposes. Although the industry seems to be highly regulated, the legislation regarding accounting and auditing of sectional title is vague and ambiguous. Furthermore, there are no industry-specific auditing and accounting standards to guide accounting and auditing practitioners in performing their work and industry financial benchmarks are not readily available. In addition, financial pressure on sectional title schemes is often very high due to the fact that some owners exercise unrealistic pressure to keep monthly levies as low as possible. All these factors have an impact on the business risk as well as audit risk of bodies corporate. Very little academic research has been undertaken on the sectional title industry in South Africa from an accounting and auditing perspective. The aim of this paper is threefold: Firstly, to discuss the findings of a literature review on uncertainties, ambiguity and confusing aspects in current legislation regarding the audit of a sectional title property that may cause or increase audit and business risk. Secondly, empirical findings of risk-related aspects from the results of interviews with three groups of body corporate role-players will be discussed. The role-players were body corporate trustee chairpersons, body corporate managing agents and accounting and auditing practitioners of bodies corporate. Specific reference will be made to business risk and audit risk. Thirdly, practical recommendations will be made on possibilities of closing the audit expectation gap, and further research opportunities in this regard will be discussed.

Keywords: Assurance, audit, audit risk, body corporate, corporate governance, sectional title.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1283
1046 Systems and Software Safety and Security

Authors: Marzieh Mokhtaripour

Abstract:

Security issue and the importance of the function of police to provide practical and psychological contexts in the community has been the main topics among researchers , police and security circles and this subject require to review and analysis mechanisms within the police and its interaction with other parts of the system for providing community safety. This paper examine national and social security in the Internet.

Keywords: Internet National security Social security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1267
1045 CyberSecurity Malaysia: Towards Becoming a National Certification Body for Information Security Management Systems Internal Auditors

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, Competence, Certification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1823
1044 Knowledge Audit Model for Requirement Elicitation Process

Authors: Laleh Taheri, Noraini C. Pa., Rusli Abdullah, Salfarina Abdullah

Abstract:

Knowledge plays an important role to the success of any organization. Software development organizations are highly knowledge-intensive organizations especially in their requirement elicitation process (REP). There are several problems regarding communicating and using the knowledge in REP such as misunderstanding, being out of scope, conflicting information and changes of requirements. All of these problems occurred in transmitting the requirements knowledge during REP. Several researches have been done in REP in order to solve the problem towards requirements. Knowledge Audit (KA) approaches were proposed in order to solve managing knowledge in human resources, financial and manufacturing. There is lack of study applying the KA in requirements elicitation process. Therefore, this paper proposes a KA model for REP in supporting to acquire good requirements.

Keywords: Knowledge Audit, Requirement Elicitation Process, KA Model, Knowledge in Requirement Elicitation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2901
1043 A Novel Security Framework for the Web System

Authors: J. P. Dubois, P. G. Jreije

Abstract:

In this paper, a framework is presented trying to make the most secure web system out of the available generic and web security technology which can be used as a guideline for organizations building their web sites. The framework is designed to provide necessary security services, to address the known security threats, and to provide some cover to other security problems especially unknown threats. The requirements for the design are discussed which guided us to the design of secure web system. The designed security framework is then simulated and various quality of service (QoS) metrics are calculated to measure the performance of this system.

Keywords: Web Security, Internet Voting, Firewall, QoS, Latency, Utilization, Throughput.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1344
1042 Institutional Aspects of Information Security in Russian Economy

Authors: Mingaleva Zhanna, Kapuskina Tatiana

Abstract:

The article touches upon questions of information security in Russian Economy. It covers theoretical bases of information security and causes of its development. The theory is proved by the analysis of business activities and the main tendencies of information security development. Perm region has been chosen as the bases for the analysis, being the fastestdeveloping region that uses methods of information security in managing it economy. As a result of the study the authors of the given article have formulated their own vision of the problem of information security in various branches of economy and stated prospects of information security development and its growing role in Russian economy

Keywords: security of business, management of information security, institutional analyses.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1319
1041 Combination of Information Security Standards to Cover National Requirements

Authors: Sh. Ladan, A. Yari, H. Khodabandeh

Abstract:

The need for Information Security in organizations, regardless of their type and size, is being addressed by emerging standards and recommended best practices. The various standards and practices which evolved in recent years and are still being developed and constantly revised, address the issue of Information Security from different angles. This paper attempts to provide an overview of Information Security Standards and Practices by briefly discussing some of the most popular ones. Through a comparative study of their similarities and differences, some insight can be obtained on how their combination may lead to an increased level of Information Security.

Keywords: Information security management, information security standard, BS7799, ISO 17799, COBIT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1554
1040 A Formal Implementation of Database Security

Authors: Yun Bai

Abstract:

This paper is to investigate the impplementation of security mechanism in object oriented database system. Formal methods plays an essential role in computer security due to its powerful expressiveness and concise syntax and semantics. In this paper, both issues of specification and implementation in database security environment will be considered; and the database security is achieved through the development of an efficient implementation of the specification without compromising its originality and expressiveness.

Keywords: database security, authorization policy, logic basedspecification

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1718
1039 Auditor with the Javanese Characters and Non Javanese in Audit Firm: Conflict of Interest

Authors: Krisna Damayanti, Lilis Ardini

Abstract:

Many issues about the relationship between auditors in auditing practices with its stakeholders often heard. It appears in perspectives of bringing out the variety of phenomena affecting from the audit practice of greed and not appreciating from the independency of the audit profession and professional code of ethics. It becomes a logical consequence in practicing of capitalism in accounting. The main purpose of this article would like to uncover the existing auditing practices in Indonesia, especially in Java that associated with a strong influence of Javanese culture with reluctant /”shy", politely, "legowo (gratefully accepted)", "ngemong" (friendly), "not mentholo" (lenient), "tepo seliro" (tolerance), "ngajeni" (respectful), "acquiescent" and also reveals its relationships with Non Javanese culture in facing the conflict of interest in practical of auditing world. The method used by interpretive approach that emphasizes the role of language, interpret and understand and see social reality as something other than a label, name or concept. Global practices in auditing of each country have particular cultures that affect the standard set by those regulatory standards results the adaptation of IAS. The majority of parties in Indonesia is dominated by Javanese racial regulators, so Java culture is embedded in every audit practices and those conditions in Java leads auditors in having similar behaviour, sometimes interfere with standard Java code of conduct must be executed by an auditor. Auditors who live in Java have the characters of Javanese culture that is hard to avoid in the audit practice. However, practically, the auditors still are relevant in their profession.

Keywords: Auditors, java, character, profession, code of ethics, client.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2331
1038 E-government Security Modeling: Explaining Main Factors and Analysing Existing Models

Authors: N. Alharbi

Abstract:

E-government is becoming more important these days. However, the adoption of e-government is often slowed down by technical and non-technical security factors. Nowadays, there many security models that can make the e-government services more secure. This paper will explain the main security factors that affected the level of e-government security. Moreover, it will also analyse current existing models. Finally, the paper will suggest a comprehensive security model that will contain most of technical and non-technical factors.

Keywords: E-government, technical, non-technical, security model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2073
1037 Security Risk Analysis Based on the Policy Formalization and the Modeling of Big Systems

Authors: Luc Cessieux, French Navy, Adrien Derock, DCNS/IMATH

Abstract:

Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.

Keywords: Security, risk management, threat, modelization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1324
1036 Assessing Stakeholders’ Interests in Postal Security

Authors: T. Männistö, M. Finger

Abstract:

The events of October 2010, where terrorists managed to get explosive devices onboard of three passenger aircrafts and two air freighters, demonstrated weaknesses of the international air cargo and airmail security. Ever since, postal security has gained interest among policymakers and authorities. This study augments the limited body of academic literature on the topic bydemarcating areas of postal security, identifying relevant stakeholders in each area, and investigating why these stakeholders engage in postal security. Research is based on a case study on Swiss Post’s mail service.

Keywords: Dangerous goods, mail bombs, postal security, supply chain security, theft of mail, trafficking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1683
1035 Hybrid Intelligent Intrusion Detection System

Authors: Norbik Bashah, Idris Bharanidharan Shanmugam, Abdul Manan Ahmed

Abstract:

Intrusion Detection Systems are increasingly a key part of systems defense. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Artificial Intelligence plays a driving role in security services. This paper proposes a dynamic model Intelligent Intrusion Detection System, based on specific AI approach for intrusion detection. The techniques that are being investigated includes neural networks and fuzzy logic with network profiling, that uses simple data mining techniques to process the network data. The proposed system is a hybrid system that combines anomaly, misuse and host based detection. Simple Fuzzy rules allow us to construct if-then rules that reflect common ways of describing security attacks. For host based intrusion detection we use neural-networks along with self organizing maps. Suspicious intrusions can be traced back to its original source path and any traffic from that particular source will be redirected back to them in future. Both network traffic and system audit data are used as inputs for both.

Keywords: Intrusion Detection, Network Security, Data mining, Fuzzy Logic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2131
1034 Prototype for Enhancing Information Security Awareness in Industry

Authors: E. Kritzinger, E. Smith

Abstract:

Human-related information security breaches within organizations are primarily caused by employees who have not been made aware of the importance of protecting the information they work with. Information security awareness is accordingly attracting more attention from industry, because stakeholders are held accountable for the information with which they work. The authors developed an Information Security Retrieval and Awareness model – entitled “ISRA" – that is tailored specifically towards enhancing information security awareness in industry amongst all users of information, to address shortcomings in existing information security awareness models. This paper is principally aimed at expounding a prototype for the ISRA model to highlight the advantages of utilizing the model. The prototype will focus on the non-technical, humanrelated information security issues in industry. The prototype will ensure that all stakeholders in an organization are part of an information security awareness process, and that these stakeholders are able to retrieve specific information related to information security issues relevant to their job category, preventing them from being overburdened with redundant information.

Keywords: Information security, information security awareness, information security awareness programs

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1679
1033 The Effects of the Corporate Governance on the Level of Internet Financial Reporting: Evidence from Turkish Companies

Authors: Raif Parlakkaya, Umran Kahraman, Huseyin Cetin

Abstract:

Internet financial reporting and corporate governance issues are in the focus of academic and professional studies due to their attributed importance by stakeholders of corporations. Major aim of this study is to reveal the relationship between internet financial reporting which is held as dependent variable and some indicators of corporate governance such as the ratio of managerial ownership, blockholder ownership, number of independent members in the board of directors, frequency of meetings by audit committee and education level of audit committee members which are held as independent variables. Main purpose is to reveal the effect of corporate governance on the voluntary efforts of Internet Financial reporting. The scope of the research is limited to the Turkish Corporations listed in Borsa Istanbul (Istanbul Stock Exchange) and findings which are generated by means of SPSS software are revealed in results section and interpreted in conclusions.

Keywords: Audit Committee, Corporate Governance, Internet Financial Reporting, Managerial Ownership.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3217
1032 ISCS (Information Security Check Service) for the Safety and Reliability of Communications

Authors: Jong-Whoi Shin, Jin-Tae Lee, Sang-Soo Jang, Jae-II Lee

Abstract:

Recent widespread use of information and communication technology has greatly changed information security risks that businesses and institutions encounter. Along with this situation, in order to ensure security and have confidence in electronic trading, it has become important for organizations to take competent information security measures to provide international confidence that sensitive information is secure. Against this backdrop, the approach to information security checking has come to an important issue, which is believed to be common to all countries. The purpose of this paper is to introduce the new system of information security checking program in Korea and to propose synthetic information security countermeasures under domestic circumstances in order to protect physical equipment, security management and technology, and the operation of security check for securing services on ISP(Internet Service Provider), IDC(Internet Data Center), and e-commerce(shopping malls, etc.)

Keywords: Information Security Check Service, safety criteria, object enterpriser.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1610
1031 Design of Integration Security System using XML Security

Authors: Juhan Kim, Soohyung Kim, Kiyoung Moon

Abstract:

In this paper, we design an integration security system that provides authentication service, authorization service, and management service of security data and a unified interface for the management service. The interface is originated from XKMS protocol and is used to manage security data such as XACML policies, SAML assertions and other authentication security data including public keys. The system includes security services such as authentication, authorization and delegation of authentication by employing SAML and XACML based on security data such as authentication data, attributes information, assertions and polices managed with the interface in the system. It also has SAML producer that issues assertions related on the result of the authentication and the authorization services.

Keywords: XML, XML Security, XACML.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1429
1030 European Radical Right Parties as Actors in Securitization of Migration

Authors: Mehmet Gökay Özerim

Abstract:

This study reveals that anti-immigrant policies in Europe result from a process of securitization, and that, within this process, radical right parties have been formulating discourses and approaches through a construction process by using some common security themes. These security themes can be classified as national security, economic security, cultural security and internal security. The frequency with which radical right parties use these themes may vary according to the specific historical, social and cultural characteristics of a particular country.

Keywords: European Union, International Migration, Radical Right Parties, Securitization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3412
1029 Security Architecture for Cloud Networking: A Survey

Authors: Vishnu Pratap Singh Kirar

Abstract:

In the cloud computing hierarchy IaaS is the lowest layer, all other layers are built over it. Thus it is the most important layer of cloud and requisite more importance. Along with advantages IaaS faces some serious security related issue. Mainly Security focuses on Integrity, confidentiality and availability. Cloud computing facilitate to share the resources inside as well as outside of the cloud. On the other hand, cloud still not in the state to provide surety to 100% data security. Cloud provider must ensure that end user/client get a Quality of Service. In this report we describe possible aspects of cloud related security.

Keywords: Cloud Computing, Cloud Networking, IaaS, PaaS, SaaS, Cloud Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2244
1028 Commercialization of Technologies, Productivity and Problems of Technological Audit in the Russian Economy

Authors: E. A. Tkachenko, E. M. Rogova, A. S. Osipenko

Abstract:

The problems of technological development for the Russian Federation take on special significance in the context of modernization of the production base. The complexity of the position of the Russian economy is that it cannot be attributed fully to developing ones. Russia is a strong industrial power that has gone through the processes of destructive de-industrialization in the conditions of changing its economic and political structure. The need to find ways for re-industrialization is not a unique task for the economies of industrially developed countries. Under the influence of production outsourcing for 20 years, the industrial potential of leading economies of the world was regressed against the backdrop of the ascent of China, a new industrial giant. Therefore, methods, tools, and techniques utilized for industrial renaissance in EU may be used to achieve a technological leap in the Russian Federation, especially since the temporary gap of 5-7 years makes it possible to analyze best practices and use those technological transfer tools that have shown the greatest efficiency. In this article, methods of technological transfer are analyzed, the role of technological audit is justified, and factors are analyzed that influence the successful process of commercialization of technologies.

Keywords: Technological transfer, productivity, technological audit, commercialization of technologies.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 815
1027 Customer Audits as a Quality Control Tool for Both Suppliers and Customers

Authors: Denisa Ferenčíková, Petr Briš

Abstract:

Customer audits are generally used to ensure customer that supplier is continuously able to meet his requirements while supplying him required products and services. However, customer audits can be considered as a very useful quality control tool for suppliers as well. In our paper, we analyzed the process of customer audits realized in Czech companies from both perspectives: a supplier´s viewpoint and customer´s viewpoint. At the end, we tried to emphasize some areas that should not be omitted during the audit process.

Keywords: Customer Audit, Quality Control, Quality Management, Product Quality, Service Quality, Process Quality.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3997
1026 Effective Methodology for Security Risk Assessment of Computer Systems

Authors: Daniel F. García, Adrián Fernández

Abstract:

Today, computer systems are more and more complex and support growing security risks. The security managers need to find effective security risk assessment methodologies that allow modeling well the increasing complexity of current computer systems but also maintaining low the complexity of the assessment procedure. This paper provides a brief analysis of common security risk assessment methodologies leading to the selection of a proper methodology to fulfill these requirements. Then, a detailed analysis of the most effective methodology is accomplished, presenting numerical examples to demonstrate how easy it is to use.

Keywords: Computer security, qualitative and quantitative methods, risk assessment methodologies, security risk assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3168
1025 A Quantitative Study on Japanese Internet User's Awareness to Information Security: Necessity and Importance of Education and Policy

Authors: Toshihiko Takemura, Atsushi Umino

Abstract:

In this paper, the authors examine whether or not there Institute for Information and Communications Policy shows are differences of Japanese Internet users awareness to information security based on individual attributes by using analysis of variance based on non-parametric method. As a result, generally speaking, it is found that Japanese Internet users' awareness to information security is different by individual attributes. Especially, the authors verify that the users who received the information security education would have rather higher recognition concerning countermeasures than other users including self-educated users. It is suggested that the information security education should be enhanced so that the users may appropriately take the information security countermeasures. In addition, the information security policy such as carrying out "e- net caravan" and "information security seminars" are effective in improving the users' awareness on the information security in Japan.

Keywords: Information security education, variance of analysis, Internet users, information security policy, Web-based survey.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1408
1024 The National Security Assurance of the Republic of Kazakhstan

Authors: Sholpan Zhandossova, Erden Ordabek, Yelbolsyn Nazarov

Abstract:

the article analyzes the national security as a scientific and practical problem, characterized by the state's political institutions to ensure effective action to maintain optimal conditions for the existence and development of the individual and society. National security, as a category of political science reflects the relationship between the security to the nation, including public relations and social consciousness, social institutions and their activities, ensuring the realization of national interests in a particular historical situation. In national security are three security levels: individual, society and state. Their role and place determined by the nature of social relations, political systems, the presence of internal and external threats. In terms of content in the concept of national security is taken to provide political, economic, military, environmental, information security and safety of the cultural development of the nation.

Keywords: Kazakhstan, national security, religious extremism

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1955
1023 Home-Network Security Model in Ubiquitous Environment

Authors: Dong-Young Yoo, Jong-Whoi Shin, Jin-Young Choi

Abstract:

Social interest and demand on Home-Network has been increasing greatly. Although various services are being introduced to respond to such demands, they can cause serious security problems when linked to the open network such as Internet. This paper reviews the security requirements to protect the service users with assumption that the Home-Network environment is connected to Internet and then proposes the security model based on the requirement. The proposed security model can satisfy most of the requirements and further can be dynamically applied to the future ubiquitous Home-Networks.

Keywords: Home-Network, Security, Vulnerability, Response, Countermeasure.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1606
1022 Auditing of Building Information Modeling Application in Decoration Engineering Projects in China

Authors: Lan Luo

Abstract:

In China’s construction industry, it is a normal practice to separately subcontract the decoration engineering part from construction engineering, and Building Information Modeling (BIM) is also done separately. Application of BIM in decoration engineering should be integrated with other disciplines, but Chinese current practice makes this very difficult and complicated. Currently, there are three barriers in the auditing of BIM application in decoration engineering in China: heavy workload; scarcity of qualified professionals; and lack of literature concerning audit contents, standards, and methods. Therefore, it is significant to perform research on what (contents) should be evaluated, in which phase, and by whom (professional qualifications) in BIM application in decoration construction so that the application of BIM can be promoted in a better manner. Based on this consideration, four principles of BIM auditing are proposed: Comprehensiveness of information, accuracy of data, aesthetic attractiveness of appearance, and scheme optimization. In the model audit, three methods should be used: Collision, observation, and contrast. In addition, BIM auditing at six stages is discussed and a checklist for work items and results to be submitted is proposed. This checklist can be used for reference by decoration project participants.

Keywords: Audit, evaluation, dimensions, methods, standards, building information modeling application, decoration engineering projects.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1868