Search results for: management of information security

Authors: S. S. Rwanga, J. M. Ndambuki, Y. Woyessa

Abstract:

Development of a groundwater management model is an important step in the exploitation and management of any groundwater aquifer as it assists in the long-term sustainable planning of the resource. The current study was conducted in Central Limpopo province of South Africa with the overall objective of determining how much water can be withdrawn from the aquifer without producing nonreversible impacts on the groundwater quantity, hence developing a model which can sustainably protect the aquifer. The development was done through the computation of Groundwater Sustainability Index (GSI). Values of GSI close to unity and above indicated overexploitation. In this study, an index of 0.8 was considered as overexploitation. The results indicated that there is potential for higher abstraction rates compared to the current abstraction rates. GSI approach can be used in the management of groundwater aquifer to sustainably develop the resource and also provides water managers and policy makers with fundamental information on where future water developments can be carried out.

Keywords: Development, groundwater, groundwater sustainability index, model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 861

Authors: R. Chithra, B. Kalaavathi

Abstract:

E-Learning enables the users to learn at anywhere at any time. In E-Learning systems, authenticating the E-Learning user has security issues. The usage of appropriate communication networks for providing the internet connectivity for E-learning is another challenge. WiMAX networks provide Broadband Wireless Access through the Multicast Broadcast Service so these networks can be most suitable for E-Learning applications. The authentication of E-Learning user is vulnerable to session hijacking problems. The repeated authentication of users can be done to overcome these issues. In this paper, session based Profile Caching Authentication is proposed. In this scheme, the credentials of E-Learning users can be cached at authentication server during the initial authentication through the appropriate subscriber station. The proposed cache based authentication scheme performs fast authentication by using cached user profile. Thus, the proposed authentication protocol reduces the delay in repeated authentication to enhance the security in ELearning.

Keywords: Authentication, E-Learning, WiMAX, Security, Profile caching.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1564

Authors: Cory Cannon

Abstract:

In the current era of shrinking budgets, increasing amounts of worldwide natural disasters, state and non-state initiated conflicts within the world. The response has involved multinational coalitions to conduct effective military operations. The need for a Knowledge Management strategy when developing these coalitions have been overlooked in the past and the need for developing these accords early on will save time and help shape the way information and knowledge are transferred from the staff and action officers of the coalition to the decision-makers in order to make timely decisions within an ever changing environment. The aim of this paper is to show how Knowledge Management has developed within the United States military and how the transformation of working within a Combined/ Joint environment in both the Middle East and the Far East has improved relations between members of the coalitions as well as being more effective as a military force. These same principles could be applied to multinational corporations when dealing with cultures and decision-making processes.

Keywords: Civil-military, culture, joint environment, knowledge management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1822

Authors: Ali M. Al-Shaery

Abstract:

The purpose of this paper is to address the functions of sustainability dimensions in city information modelling and to present the required sustainability criteria that support establishing a sustainable planning framework for enhancing existing cities and developing future smart cities. The paper is divided into two sections. The first section is based on the examination of a wide and extensive array of cross-disciplinary literature in the last decade and a half to conceptualize the terms ‘sustainable’ and ‘smart city’, and map their associated criteria to city information modelling. The second section is based on analyzing two approaches relating to city information modelling, namely statistical and dynamic approaches, and their suitability in the development of cities’ action plans. The paper argues that the use of statistical approaches to embed sustainability dimensions in city information modelling have limited value. Despite the popularity of such approaches in addressing other dimensions like utility and service management in development and action plans of the world cities, these approaches are unable to address the dynamics across various city sectors with regards to economic, environmental and social criteria. The paper suggests an integrative dynamic and cross-disciplinary planning approach to embedding sustainability dimensions in city information modelling frameworks. Such an approach will pave the way towards optimal planning and implementation of priority actions of projects and investments. The approach can be used to achieve three main goals: (1) better development and action plans for world cities (2) serve the development of an integrative dynamic and cross-disciplinary framework that incorporates economic, environmental and social sustainability criteria and (3) address areas that require further attention in the development of future sustainable and smart cities. The paper presents an innovative approach for city information modelling and a well-argued, balanced hierarchy of sustainability criteria that can contribute to an area of research which is still in its infancy in terms of development and management.

Keywords: Information modelling, smart city, sustainable city, sustainability dimensions, sustainability criteria, city development planning.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1173

Authors: Liping Li, Wenan Tan, Na Wang

Abstract:

With the rapid development of information technology, project management has gained more and more attention recently. Based on CDIO, this paper proposes some teaching reform ideas for software project management curriculum. We first change from Teacher-centered classroom to Student-centered and adopt project-driven, scenario animation show, teaching rhythms, case study and team work practice to improve students' learning enthusiasm. Results showed these attempts have been well received and very effective; as well, students prefer to learn with this curriculum more than before the reform.

Keywords: CDIO, teaching reform, engineering education, project-driven, scenario animation simulation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1226

Authors: Mazziotti Gomez de Teran C., Fiore D., Cola B., Fardelli A.

Abstract:

The present paper summarizes the analysis of the request for consultation of information and data on industrial emissions made publicly available on the web site of the Ministry of Environment, Land and Sea on integrated pollution prevention and control from large industrial installations, the so called “AIA Portal”. As a matter of fact, a huge amount of information on national industrial plants is already available on internet, although it is usually proposed as textual documentation or images. Thus, it is not possible to access all the relevant information through interoperability systems and also to retrieval relevant information for decision making purposes as well as rising of awareness on environmental issue. Moreover, since in Italy the number of institutional and private subjects involved in the management of the public information on industrial emissions is substantial, the access to the information is provided on internet web sites according to different criteria; thus, at present it is not structurally homogeneous and comparable. To overcome the mentioned difficulties in the case of the Coordinating Committee for the implementation of the Agreement for the industrial area in Taranto and Statte, operating before the IPPC permit granting procedures of the relevant installation located in the area, a big effort was devoted to elaborate and to validate data and information on characterization of soil, ground water aquifer and coastal sea at disposal of different subjects to derive a global perspective for decision making purposes. Thus, the present paper also focuses on main outcomes matured during such experience.

Keywords: Public information, emissions into atmosphere, IPPC permits, territorial information systems.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2057

Authors: Alok Sharma, Dr. Harvinder S. Saini, Raviteja Tiruvury

Abstract:

This paper outlines the application of Knowledge Management (KM) principles in the context of Educational institutions. The paper caters to the needs of the engineering institutions for imparting quality education by delineating the instruction delivery process in a highly structured, controlled and quantified manner. This is done using a software tool EDULOGIC+. The central idea has been based on the engineering education pattern in Indian Universities/ Institutions. The data, contents and results produced over contiguous years build the necessary ground for managing the related accumulated knowledge. Application of KM has been explained using certain examples of data analysis and knowledge extraction.

Keywords: Education software system, information system, knowledge management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1751

Authors: P. Ghann, J. Shiguang, C. Zhou

Abstract:

Access control is one of the most challenging issues facing information security. Access control is defined as, the ability to permit or deny access to a particular computational resource or digital information by an unauthorized user or subject. The concept of usage control (UCON) has been introduced as a unified approach to capture a number of extensions for access control models and systems. In UCON, an access decision is determined by three factors: authorizations, obligations and conditions. Attribute mutability and decision continuity are two distinct characteristics introduced by UCON for the first time. An observation of UCON components indicates that, the components are predefined and static. In this paper, we propose a new and flexible model of usage control for the creation and elimination of some of these components; for example new objects, subjects, attributes and integrate these with the original UCON model. We also propose a model for concurrent usage scenarios in UCON.

Keywords: Access Control, Concurrency, Digital container, Usage control.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1848

Authors: Farhan Beg, Raymond Moberly

Abstract:

The Indian subcontinent is facing a massive challenge with regards to energy security in its member countries; to provide reliable electricity to facilitate development across various sectors of the economy and consequently achieve the developmental targets. The instability of the current precarious situation is observable in the frequent system failures and blackouts.

The deployment of interconnected electricity ‘Supergrid’ designed to carry huge quanta of power across the Indian sub-continent is proposed in this paper. Not only enabling energy security in the subcontinent it will also provide a platform for Renewable Energy Sources (RES) integration. This paper assesses the need and conditions for a Supergrid deployment and consequently proposes a meshed topology based on Voltage Source High Voltage Direct Current (VSC- HVDC) converters for the Supergrid modeling. Various control schemes for the control of voltage and power are utilized for the regulation of the network parameters. A 3 terminal Multi Terminal Direct Current (MTDC) network is used for the simulations.

Keywords: Super grid, Wind and Solar energy, High Voltage Direct Current, Electricity management, Load Flow Analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2810

Authors: Raied Salman, Nazar Younis

Abstract:

In a none-super-competitive environment the concepts of closed system, management control remains to be the dominant guiding concept to management. The merits of closed loop have been the sources of most of the management literature and culture for many decades. It is a useful exercise to investigate and poke into the dynamics of the control loop phenomenon and draws some lessons to use for refining the practice of management. This paper examines the multitude of lessons abstracted from the behavior of the Input /output /feedback control loop model, which is the core of control theory. There are numerous lessons that can be learned from the insights this model would provide and how it parallels the management dynamics of the organization. It is assumed that an organization is basically a living system that interacts with the internal and external variables. A viable control loop is the one that reacts to the variation in the environment and provide or exert a corrective action. In managing organizations this is reflected in organizational structure and management control practices. This paper will report findings that were a result of examining several abstract scenarios that are exhibited in the design, operation, and dynamics of the control loop and how they are projected on the functioning of the organization. Valuable lessons are drawn in trying to find parallels and new paradigms, and how the control theory science is reflected in the design of the organizational structure and management practices. The paper is structured in a logical and perceptive format. Further research is needed to extend these findings.

Keywords: Management theory, control theory, feed back, input/output, strategy, change, information technology, informationsystems, IS, organizational environment, organizations, opensystems, closed systems.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1432

Authors: Zainah Abdullah, Aznur Hajar Abdullah

Abstract:

This paper examines the impact of information and communication technology (ICT) usage, internal relationship, supplier-retailer relationship, logistics services and inventory management on convenience store suppliers- performance. Data was collected from 275 convenience store managers in Malaysia using a set of questionnaire. The multiple linear regression results indicate that inventory management, supplier-retailer relationship, logistics services and internal relationship are predictors of supplier performance as perceived by convenience store managers. However, ICT usage is not a predictor of supplier performance. The study focuses only on convenience stores and petrol station convenience stores and concentrates only on managers. The results provide insights to suppliers who serve convenience stores and possibly similar retail format on factors to consider in improving their service to retailers. The results also provide insights to government in its aspiration to improve business operations of convenience store to consider ways to enhance the adoption of ICT by retailers and suppliers.

Keywords: Information and communication technology (ICT), internal relationship, inventory management, logistics services, supplier performance, supplier-retailer relationship.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4007

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: Secure software development, software development, software security, systematic literature review.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2492

Authors: Debasis Sarkar

Abstract:

Building Information Modeling (BIM) is a holistic documentation process for operational visualization, design coordination, estimation and project scheduling. BIM software defines objects parametrically and it is a tool for virtual reality. Primary advantage of implementing BIM is the visual coordination of the building structure and systems such as Mechanical, Electrical and Plumbing (MEP) and it also identifies the possible conflicts between the building systems. This paper is an attempt to develop a risk based BIM model which would highlight the primary advantages of application of BIM pertaining to urban infrastructure transportation project. It has been observed that about 40% of the Architecture, Engineering and Construction (AEC) companies use BIM but primarily for their outsourced projects. Also, 65% of the respondents agree that BIM would be used quiet strongly for future construction projects in India. The 3D models developed with Revit 2015 software would reduce co-ordination problems amongst the architects, structural engineers, contractors and building service providers (MEP). Integration of risk management along with BIM would provide enhanced co-ordination, collaboration and high probability of successful completion of the complex infrastructure transportation project within stipulated time and cost frame.

Keywords: Building information modeling (BIM), infrastructure transportation, project risk management, underground metro rail.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2126

Authors: Jie Zhang, Qianyu Guo, Tieyi Zhang, Zhiyong Feng, Xiaohong Li

Abstract:

The widespread popularity of mobile devices and the development of artificial intelligence (AI) have led to the widespread adoption of deep learning (DL) in Android apps. Compared with traditional Android apps (traditional apps), deep learning based Android apps (DL-based apps) need to use more third-party application programming interfaces (APIs) to complete complex DL inference tasks. However, existing methods (e.g., FlowDroid) for detecting sensitive information leakage in Android apps cannot be directly used to detect DL-based apps as they are difficult to detect third-party APIs. To solve this problem, we design DLtrace, a new static information flow analysis tool that can effectively recognize third-party APIs. With our proposed trace and detection algorithms, DLtrace can also efficiently detect privacy leaks caused by sensitive APIs in DL-based apps. Additionally, we propose two formal definitions to deal with the common polymorphism and anonymous inner-class problems in the Android static analyzer. Using DLtrace, we summarize the non-sequential characteristics of DL inference tasks in DL-based apps and the specific functionalities provided by DL models for such apps. We conduct an empirical assessment with DLtrace on 208 popular DL-based apps in the wild and found that 26.0% of the apps suffered from sensitive information leakage. Furthermore, DLtrace outperformed FlowDroid in detecting and identifying third-party APIs. The experimental results demonstrate that DLtrace expands FlowDroid in understanding DL-based apps and detecting security issues therein.

Keywords: Mobile computing, deep learning apps, sensitive information, static analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 595

Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek

Abstract:

Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.

Keywords: AmI, ambient computing, middleware, distributedsystems, software-defined networking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1694

Authors: H. M. Nuralam, Z. Xiao-lan, B. K. Dubey, D. Wen-Chuan

Abstract:

Healthcare waste (HCW) is one of the major concerns in environmental issues due to its infectious and hazardous nature that is requires specific treatment and systematic management prior to final disposal. This study aimed to assess HCW management system in Dhaka City (DC), Bangladesh, by investigating the present practices implemented by the city. In this study, five different healthcare establishments were selected in DC. Field visits and interviews with health personnel and staff who are concerned with the waste management were conducted. The information was gathered through questionnaire focus on the different aspect of HCW management like, waste segregation and collection, storage and transport, awareness as well. The results showed that a total of 7,215 kg/day (7.2 ton/day) of waste were generated, of which 79.36% (5.6 ton/day) was non-hazardous waste and 20.6% (1.5 ton/day) was hazardous waste. The rate of waste generation in these healthcare establishments (HCEs) was 2.6 kg/bed/day. There was no appropriate and systematic management of HCWs except at few private HCEs that segregate their hazardous waste. All the surveyed HCEs dumped their HCW together with the municipal waste, and some staff members were also found to be engaged in improper handling of the generated waste. Furthermore, the used sharp instruments, saline bags, blood bags and test tubes were collected for resale or reuse. Nevertheless, the lack of awareness, appropriate policy, regulation and willingness to act, were responsible for the improper management of HCW in DC. There was lack of practical training of concerned healthcare to handle the waste properly, while the nurses and staff were found to be aware of the health impacts of HCW.

Keywords: Awareness, disposal, Dhaka City, healthcare waste management, waste generation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1527

Authors: Vladimir Simovic, Matija Varga, Tonco Marusic

Abstract:

This research paper shows matrix technology models and examples of information systems in education (in the Republic of Croatia and in the Germany) in support of business, education (when learning and teaching) and e-learning. Here we researched and described the aims and objectives of the main process in education and technology, with main matrix classes of data. In this paper, we have example of matrix technology with detailed description of processes related to specific data classes in the processes of education and an example module that is support for the process: ‘Filling in the directory and the diary of work’ and ‘evaluation’. Also, on the lower level of the processes, we researched and described all activities which take place within the lower process in education. We researched and described the characteristics and functioning of modules: ‘Fill the directory and the diary of work’ and ‘evaluation’. For the analysis of the affinity between the aforementioned processes and/or sub-process we used our application model created in Visual Basic, which was based on the algorithm for analyzing the affinity between the observed processes and/or sub-processes.

Keywords: Designing, education management, information systems, matrix technology, process affinity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1095

Authors: Csaba I. Hencz, István Á. Harmati

Abstract:

Nowadays the significance of road transport is gradually increasing. All transport companies are working in the same external environment where the speed of transport is defined by traffic rules. The main objective is to accelerate the speed of service and it is only dependent on the individual abilities of the managing members. These operational control units make decisions quickly (in a typically experiential and/or intuitive way). For this reason, support for these decisions is an important task. Our goal is to create a decision support model based on fuzzy signatures that can assist the work of operational management automatically. If the model sets parameters properly, the management of transport could be more economical and efficient.

Keywords: Freight transport, decision support, information handling, fuzzy methods.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 815

Authors: Kung-Jen Tu, Danny Vernatha

Abstract:

To assist individual departments within universities in their energy management tasks, this study explores the application of Building Information Modeling in establishing the ‘BIM based Energy Management Support System’ (BIM-EMSS). The BIM-EMSS consists of six components: (1) sensors installed for each occupant and each equipment, (2) electricity sub-meters (constantly logging lighting, HVAC, and socket electricity consumptions of each room), (3) BIM models of all rooms within individual departments’ facilities, (4) data warehouse (for storing occupancy status and logged electricity consumption data), (5) building energy management system that provides energy managers with various energy management functions, and (6) energy simulation tool (such as eQuest) that generates real time 'standard energy consumptions' data against which 'actual energy consumptions' data are compared and energy efficiency evaluated. Through the building energy management system, the energy manager is able to (a) have 3D visualization (BIM model) of each room, in which the occupancy and equipment status detected by the sensors and the electricity consumptions data logged are displayed constantly; (b) perform real time energy consumption analysis to compare the actual and standard energy consumption profiles of a space; (c) obtain energy consumption anomaly detection warnings on certain rooms so that energy management corrective actions can be further taken (data mining technique is employed to analyze the relation between space occupancy pattern with current space equipment setting to indicate an anomaly, such as when appliances turn on without occupancy); and (d) perform historical energy consumption analysis to review monthly and annually energy consumption profiles and compare them against historical energy profiles. The BIM-EMSS was further implemented in a research lab in the Department of Architecture of NTUST in Taiwan and implementation results presented to illustrate how it can be used to assist individual departments within universities in their energy management tasks.

Keywords: Sensor, electricity sub-meters, database, energy anomaly detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2282

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper proposes how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2623

Authors: Manouchehr Amiri

Abstract:

This article presents a general notion of physical bit information that is compatible with the basics of quantum mechanics and incorporates the Shannon entropy as a special case. This notion of physical information leads to the Binary Data Matrix model (BDM), which predicts the basic results of quantum mechanics, general relativity, and black hole thermodynamics. The compatibility of the model with holographic, information conservation, and Landauer’s principle is investigated. After deriving the “Bit Information principle” as a consequence of BDM, the fundamental equations of Planck, De Broglie, Bekenstein, and mass-energy equivalence are derived.

Keywords: Physical theory of information, binary data matrix model, Shannon information theory, bit information principle.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 143

Authors: Kevser Simsek, Rahime Gunay

Abstract:

In this paper, we focused primarily on Istanbul data that is gathered by using intelligent transportation systems (ITS), and considered the developments in traffic information delivery and future applications that are being planned for implementation. Since traffic congestion is increasing and travel times are becoming less consistent and less predictable, traffic information delivery has become a critical issue. Considering the fuel consumption and wasted time in traffic, advanced traffic information systems are becoming increasingly valuable which enables travelers to plan their trips more accurately and easily.

Keywords: Data Fusion, Istanbul, ITS, Real Time Information, Traffic Information, Travel Time, Urban Mobility

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2040

Authors: Adam Gorine, Faten Spondon

Abstract:

Python is considered the most popular programming language and offers its own ecosystem for archiving and maintaining open-source software packages. This system is called the Python Package Index (PyPI), the repository of this programming language. Unfortunately, one-third of these software packages have vulnerabilities that allow attackers to execute code automatically when a vulnerable or malicious package is installed. This paper contributes to large-scale empirical studies investigating security issues in the Python ecosystem by evaluating package vulnerabilities. These provide a series of implications that can help the security of software ecosystems by improving the process of discovering, fixing, and managing package vulnerabilities. The vulnerable dataset is generated using the NVD, the National Vulnerability Database, and the Snyk vulnerability dataset. In addition, we evaluated 807 vulnerability reports in the NVD and 3900 publicly known security vulnerabilities in Python Package Manager (Pip) from the Snyk database from 2002 to 2022. As a result, many Python vulnerabilities appear in high severity, followed by medium severity. The most problematic areas have been improper input validation and denial of service attacks. A hybrid scanning tool that combines the three scanners, Bandit, Snyk and Dlint, which provide a clear report of the code vulnerability, is also described.

Keywords: Python vulnerabilities, Bandit, Snyk, Dlint, Python Package Index, ecosystem, static analysis, malicious attacks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 239

Authors: Hossein Amoozad Khalili, Anahita Maleki

Abstract:

Normally business changes are made in order to change a level of activity in some way, whether it is sales, cash flow, productivity, or product portfolio. When attempts are made to make such changes, too often the business reverts to the old levels of activity as soon as management attention is diverted. Risk management is a field of growing interest to project managers as well as in general business and organizational management. There are several approaches used to manage risk in projects and this paper is a brief outline of some that you might encounter, with an indication of their strengths and weaknesses.

Keywords: Risk Management, Project Management, Scheduling, Planning

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3411

Authors: Adriana Ávila Zúñiga Nordfjeld

Abstract:

This paper provides a literature review to document the state of the art with respect to handling “human bias” in decision making within the established quality management systems (QMS) and LEAN theory, in the context of shipbuilding. Previous research shows that in shipbuilding there is a huge deviation from the planned man-hours under the project management to the actual man-hours used because of errors in planning and reworks caused by human bias in the information flows, among others. This reduces the efficiency, and increases operational costs. Thus, the research question is how QMS and LEAN handle biases. The findings show the gap in studying the integration of methods to handle human bias in decision making into QMS and lean, not only within shipbuilding, but in general. Theoretical and practical implications are discussed for researchers and practitioners in the areas of decision making, QMS and LEAN, and future research is suggested.

Keywords: Human bias, decision making, LEAN Shipbuilding, quality management systems.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2964

Authors: Kai-Thorsten Wirt

Abstract:

In this paper we present the design of a new encryption scheme. The scheme we propose is a very exible encryption and authentication primitive. We build this scheme on two relatively new design principles: t-functions and fast pseudo hadamard transforms. We recapitulate the theory behind these principles and analyze their security properties and efficiency. In more detail we propose a streamcipher which outputs a message authentication tag along with theencrypted data stream with only little overhead. Moreover we proposesecurity-speed tradeoffs. Our scheme is faster than other comparablet-function based designs while offering the same security level.

Keywords: Cryptography, Combined Primitives, Stream Cipher, MAC, T-Function, FPHT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1935

Authors: Michiko Miyamoto

Abstract:

This paper empirically investigates whether information technology (IT) strategies, business strategies, and divisions are aligned to meet overall business goals for Korean Small and medium-sized enterprises (SMEs), based on structure based Strategic Alignment Model, and make comparison with those of Japanese SMEs. Using 2,869 valid responses of Korean Human Capital Corporate Panel survey, a result of this study suggests that Korean human resources (HR) departments have a major influence over IT strategy, which is the same as Japanese SMEs, even though their management styles are quite different. As for IT strategy, it is not related to other departments at all for Korean SMEs. The Korean management seems to possess a great power over each division, such as Sales/Service, Research and Development/Technical Experts, HR, and Production.

Keywords: IT-business alignment, structured based strategic alignment model, structural equation model, human resources department.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1096

Authors: Nedjima Mouhoubi, Souad Sassi Boudemagh

Abstract:

In this article, and through the modernization project of metropolis of Constantine (PMMC) experience in Algeria, discussed to highlight the importance of management in an urban project at various levels: strategic and operational. The statement we attended to reach is to evaluate the modernization project of metropolis of Constantine in the light of management and prove the relation between a good urban management and the success of an urban project.

Keywords: Urban project, strategic management, operational management, the modernization project of Constantine.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1461

Authors: M. Izvercianu, L. Ivascu

Abstract:

This paper presents an innovative computer system that contributes to sustainable development of the enterprise. The research refers to a rethinking of traditional systems of collaboration and risk assessment, present in any organization, leading to a sustainable enterprise. This concept integrates emerging tools that allow the implementation and exploitation of the collective intelligence of the enterprise, allowing the exchange of contextual, agile and simplified information, and collaboration with networks of customers and partners in an environment where risks are controlled. Risk assessment is done in a systemic way: the enterprise as the system compared to the contained departments and the enterprise as a subsystem compared to: families of international standards and sustainability-s responsibilities. The enterprise, in this systemic vision, responds to the requirements that any existing system to operate continuously in an indefinite future without reaching key resource depletion. The research is done by integrating collaborative science, engineering, management, psychology, obtaining thus a cornerstone of sustainable development of the enterprise.

Keywords: Enterprise 2.0, ISO, Risk management, Sustainable development

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1696

Authors: X. Mamaqi, J.Miguel, P. Olave

Abstract:

The aim of this paper is to provide an empirical evidence about the effects that the management of continuous training have on employability (or employment stability) in the Spanish labour market. With this purpose a binary logit model with interaction effect is been used. The dependent variable includes two situations of the active workers: continuous and discontinuous employability. To distinguish between them an Employability Index Stability (ESI) was calculated taking into account two factors: time worked and job security. Various aspects of the continuous training and personal workers data are used as independent variables. The data obtained from a survey of a sample of 918 employed have revealed a relationship between the likelihood of continuous employability and continuous training received. The empirical results support the positive and significant relationship between various aspects of the training provided by firms and employability likelihood of the workers, postulate alike from a theoretical point of view.

Keywords: training management, employability/employmentstability, binary logit model, interaction effect, Spanish marketlabour.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1597