Search results for: Regional Security
1186 A New Approach of Wireless Network Traffic on VPN
Authors: Amir Rashid, M. Saleem Khan, Freeha Zafar
Abstract:
This work presents a new approach of securing a wireless network. The configuration is focused on securing & Protecting wireless network traffic for a small network such as a home or dorm room. The security Mechanism provided both authentication, allowing only known authorized users access to the wireless network, and encryption, preventing anyone from reading the wireless traffic. The mentioned solution utilizes the open source free S/WAN software which implements the Internet Protocol Security –IPSEC. In addition to wireless components, wireless NIC in PC and wireless access point needs a machine running Linux to act as security gateway. While the current configuration assumes that the wireless PC clients are running Linux, Windows XP/VISTA/7 based machines equipped with VPN software which will allow to interface with this configuration.Keywords: Wireless network security, security network, authentication, encryption and internet protocol security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21431185 Use of Persuasive Technology to Change End-Users- IT Security Aware Behaviour: A Pilot Study
Authors: Ai Cheo Yeo, Md. Mahbubur Rahim, Yin Ying Ren
Abstract:
Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information security awareness of end users. The findings confirm the existence of a very strong effect of the webbased program in raising users- attitude towards information security aware behavior. This finding is useful to the IT researchers and practitioners in developing appropriate and effective education strategies for improving the information security attitudes for endusers.Keywords: Information security, persuasive technology, ITsecurity-aware behaviour, theory of planned behaviour survey.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24081184 Measuring the Development Level of Chinese Regional Service Industry: An Empirical Analysis based on Entropy Weight and TOPSIS
Abstract:
Using entropy weight and TOPSIS method, a comprehensive evaluation is done on the development level of Chinese regional service industry in this paper. Firstly, based on existing research results, an evaluation index system is constructed from the scale of development, the industrial structure and the economic benefits. An evaluation model is then built up based on entropy weight and TOPSIS, and an empirical analysis is conducted on the development level of service industries in 31 Chinese provinces during 2006 and 2009 from the two dimensions or time series and cross section, which provides new idea for assessing regional service industry. Furthermore, the 31 provinces are classified into four categories based on the evaluation results, and deep analysis is carried out on the evaluation results.Keywords: Chinese regional service industry, Development level, Entropy weight, TOPSIS Evaluation Method
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15061183 Effective Security Method for Wireless LAN using Life-Cycle of Wireless Access Point
Authors: Soon-Tai Park, Haeryong Park, Myoung-sun Noh, Yoo-Jae Won
Abstract:
There are many expand of Wi-Fi zones provided mobile careers and usage of wireless access point at home as increase of usage of wireless internet caused by the use of smart phone. This paper shows wireless local area network status, security threats of WLAN and functionality of major wireless access point in Korea. We propose security countermeasures concerned with life cycle of access point from manufacturing to installation, using and finally disposal. There needed to releasing with configured secure at access point. Because, it is most cost effective resolution than stage of installation or other life cycle of access point.Keywords: Wireless LAN Security, Wi-Fi Security, Wireless Access Point, Product Life-Cycle
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19221182 DEVS Modeling of Network Vulnerability
Authors: Hee Suk Seo, Tae Kyung Kim
Abstract:
As network components grow larger and more diverse, and as securing them on a host-by-host basis grow more difficult, more sites are turning to a network security model. We concentrate on controlling network access to various hosts and the services they offer, rather than on securing them one by one with a network security model. We present how the policy rules from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Base) are inducted, and how to be used in PBN. In the network security environment, each simulation model is hierarchically designed by DEVS (Discrete EVent system Specification) formalism.Keywords: SVDB, PBN, DEVS, Network security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15691181 Analysis of Network Performance Using Aspect of Quantum Cryptography
Authors: Nisarg A. Patel, Hiren B. Patel
Abstract:
Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).
Keywords: QKD, cryptography, quantum cryptography, network performance.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9461180 Harnessing the Power of AI: Transforming DevSecOps for Enhanced Cloud Security
Authors: Ashly Joseph, Jithu Paulose
Abstract:
The increased usage of cloud computing has revolutionized the IT landscape, but it has also raised new security concerns. DevSecOps emerged as a way for tackling these difficulties by integrating security into the software development process. However, the rising complexity and sophistication of cyber threats need more advanced solutions. This paper looks into the usage of artificial intelligence (AI) techniques in the DevSecOps framework to increase cloud security. This study uses quantitative and qualitative techniques to assess the usefulness of AI approaches such as machine learning, natural language processing, and deep learning in reducing security issues. This paper thoroughly examines the symbiotic relationship between AI and DevSecOps, concentrating on how AI may be seamlessly integrated into the continuous integration and continuous delivery (CI/CD) pipeline, automated security testing, and real-time monitoring methods. The findings emphasize AI's huge potential to improve threat detection, risk assessment, and incident response skills. Furthermore, the paper examines the implications and challenges of using AI in DevSecOps workflows, considering factors like as scalability, interpretability, and adaptability. This paper adds to a better understanding of AI's revolutionary role in cloud security and provides valuable insights for practitioners and scholars in the field.
Keywords: Cloud Security, DevSecOps, Artificial Intelligence, AI, Machine Learning, Natural Language Processing, NLP, cybersecurity, AI-driven Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1321179 Regional Differences in the Effect of Immigration on Poverty Rates in Spain
Authors: E. Bárcena-Martín, S. Pérez-Moreno
Abstract:
This paper explores the extent of the gap in poverty rates between immigrant and native households in Spanish regions and assess to what extent regional differences in individual and contextual characteristics can explain the divergences in such a gap. By using multilevel techniques and European Union Survey on Income and Living Conditions, we estimate immigrant households experiments an increase of 76 per cent in the odds of being poor compared with a native one when we control by individual variables. In relation to regional differences in the risk of poverty, regionallevel variables have higher effect in the reduction of these differences than individual variables.
Keywords: Immigration, Multilevel Analysis, Poverty, Spanish Regions
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18941178 Smart Security Concept in the East Mediterranean: Anti-Asymmetrical Area Denial (A3D)
Authors: Serkan Tezgel, Osman Gül, İskender Cahit Şafak
Abstract:
This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities.Keywords: Partnership, A3D, Maritime Security, Centers.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18771177 Security Design of Root of Trust Based on RISC-V
Authors: Kang Huang, Wanting Zhou, Shiwei Yuan, Lei Li
Abstract:
Since information technology develops rapidly, the security issue has become an increasingly critical for computer system. In particular, as cloud computing and the Internet of Things (IoT) continue to gain widespread adoption, computer systems need to new security threats and attacks. The Root of Trust (RoT) is the foundation for providing basic trusted computing, which is used to verify the security and trustworthiness of other components. Designing a reliable RoT and guaranteeing its own security are essential for improving the overall security and credibility of computer systems. In this paper, we discuss the implementation of self-security technology based on the RISC-V RoT at the hardware level. To effectively safeguard the security of the RoT, researches on security safeguard technology on the RoT have been studied. At first, a lightweight and secure boot framework is proposed as a secure mechanism. Secondly, two kinds of memory protection mechanism are built to against memory attacks. Moreover, hardware implementation of proposed method has been also investigated. A series of experiments and tests have been carried on to verify to effectiveness of the proposed method. The experimental results demonstrated that the proposed approach is effective in verifying the integrity of the RoT’s own boot rom, user instructions, and data, ensuring authenticity and enabling the secure boot of the RoT’s own system. Additionally, our approach provides memory protection against certain types of memory attacks, such as cache leaks and tampering, and ensures the security of root-of-trust sensitive information, including keys.
Keywords: Root of Trust, secure boot, memory protection, hardware security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 801176 The Security Trade-Offs in Resource Constrained Nodes for IoT Application
Authors: Sultan Alharby, Nick Harris, Alex Weddell, Jeff Reeve
Abstract:
The concept of the Internet of Things (IoT) has received much attention over the last five years. It is predicted that the IoT will influence every aspect of our lifestyles in the near future. Wireless Sensor Networks are one of the key enablers of the operation of IoTs, allowing data to be collected from the surrounding environment. However, due to limited resources, nature of deployment and unattended operation, a WSN is vulnerable to various types of attack. Security is paramount for reliable and safe communication between IoT embedded devices, but it does, however, come at a cost to resources. Nodes are usually equipped with small batteries, which makes energy conservation crucial to IoT devices. Nevertheless, security cost in terms of energy consumption has not been studied sufficiently. Previous research has used a security specification of 802.15.4 for IoT applications, but the energy cost of each security level and the impact on quality of services (QoS) parameters remain unknown. This research focuses on the cost of security at the IoT media access control (MAC) layer. It begins by studying the energy consumption of IEEE 802.15.4 security levels, which is followed by an evaluation for the impact of security on data latency and throughput, and then presents the impact of transmission power on security overhead, and finally shows the effects of security on memory footprint. The results show that security overhead in terms of energy consumption with a payload of 24 bytes fluctuates between 31.5% at minimum level over non-secure packets and 60.4% at the top security level of 802.15.4 security specification. Also, it shows that security cost has less impact at longer packet lengths, and more with smaller packet size. In addition, the results depicts a significant impact on data latency and throughput. Overall, maximum authentication length decreases throughput by almost 53%, and encryption and authentication together by almost 62%.Keywords: Internet of Things, IEEE 802.15.4, security cost evaluation, wireless sensor network, energy consumption.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14911175 Assessing Local Knowledge Dynamics: Regional Knowledge Economy Indicators
Authors: Francesca Affortunato, Edgardo Bucciarelli, Mariateresa Ciommi, Gianfranco Giulioni
Abstract:
The paper represents a reflection on how to select proper indicators to assess the progress of regional contexts towards a knowledge-based society. Taking the first research methodologies elaborated at an international level (World Bank, OECD, etc.) as a reference point, this work intends to identify a set of indicators of the knowledge economy suitable to adequately understand in which manner and to which extent the territorial development dynamics are correlated with the knowledge-base of the considered local society. After a critical survey of the variables utilized within other approaches adopted by international or national organizations, this paper seeks to elaborate a framework of variables, named Regional Knowledge Economy Indicators (ReKEI), necessary to describe the knowledge-based relations of subnational socio-economic contexts. The realization of this framework has a double purpose: an analytical one consisting in highlighting the regional differences in the governance of knowledge based processes, and an operative one consisting in providing some reference parameters for contributing to increasing the effectiveness of those economic policies aiming at enlarging the knowledge bases of local societies.
Keywords: Knowledge economy, knowledge society, information society, regional innovation system, territorial competitiveness, local development.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17381174 A Security Module for Car Appliances
Authors: Pang-Chieh Wang, Ting-Wei Hou, Jung-Hsuan Wu, Bo-Chiuan Chen
Abstract:
In this paper we discuss on the security module for the car appliances to prevent stealing and illegal use on other cars. We proposed an open structure including authentication and encryption by embed a security module in each to protect car appliances. Illegal moving and use a car appliance with the security module without permission will lead the appliance to useless. This paper also presents the component identification and deal with relevant procedures. It is at low cost to recover from destroys by the burglar. Expect this paper to offer the new business opportunity to the automotive and technology industry.Keywords: Automotive, component identification, electronic immobilizer, key management.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18431173 A 10 Giga VPN Accelerator Board for Trust Channel Security System
Authors: Ki Hyun Kim, Jang-Hee Yoo, Kyo Il Chung
Abstract:
This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exchange block, security association block, and IPsec engine block. The internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security Association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by H/W and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode.Keywords: TCSS(Trust Channel Security System), VPN(VirtualPrivate Network), IPsec, SSL, Security Processor, Securitycommunication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20981172 A Proposal for Systematic Mapping Study of Software Security Testing, Verification and Validation
Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes
Abstract:
Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.
Keywords: Software test, software security verification validation and test, security test institutionalization, systematic mapping study.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16241171 Future Outlook and Current Situation for Security of Gas Supply in Eastern Baltic Region
Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel
Abstract:
Growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, cross-border bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012 almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. Under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.
Keywords: Security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19051170 Domain-based Key Management Scheme for Active Network
Authors: Jong-Whoi Shin, Soon-Tai Park, Chong-Sun Hwang
Abstract:
Active network was developed to solve the problem of the current sharing-based network–difficulty in applying new technology, service or standard, and duplicated operation at several protocol layers. Active network can transport the packet loaded with the executable codes, which enables to change the state of the network node. However, if the network node is placed in the sharing-based network, security and safety issues should be resolved. To satisfy this requirement, various security aspects are required such as authentication, authorization, confidentiality and integrity. Among these security components, the core factor is the encryption key. As a result, this study is designed to propose the scheme that manages the encryption key, which is used to provide security of the comprehensive active directory, based on the domain.Keywords: Active Network, Domain-based Key Management, Security Components.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16731169 Cloud Computing Security for Multi-Cloud Service Providers: Controls and Techniques in our Modern Threat Landscape
Authors: Sandesh Achar
Abstract:
Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.
Keywords: Multi-cloud service, SOC, system organization control, data loss prevention, DLP, identity and access management, IAM.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7061168 A Study on the Secure ebXML Transaction Models
Authors: Dongkyoo Shin, Dongil Shin, Sukil Cha, Seyoung Kim
Abstract:
ebXML (Electronic Business using eXtensible Markup Language) is an e-business standard, sponsored by UN/CEFACT and OASIS, which enables enterprises to exchange business messages, conduct trading relationships, communicate data in common terms and define and register business processes. While there is tremendous e-business value in the ebXML, security remains an unsolved problem and one of the largest barriers to adoption. XML security technologies emerging recently have extensibility and flexibility suitable for security implementation such as encryption, digital signature, access control and authentication. In this paper, we propose ebXML business transaction models that allow trading partners to securely exchange XML based business transactions by employing XML security technologies. We show how each XML security technology meets the ebXML standard by constructing the test software and validating messages between the trading partners.Keywords: Electronic commerce, e-business standard, ebXML, XML security, secure business transaction.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17481167 The Evaluation of Event Sport Tourism on Regional Economic Development
Authors: Huei-Wen Lin, Huei-Fu Lu
Abstract:
Event sport tourism (EST) has become an especially important economic sector around the world. As the magnitude continues to grow, attracting more tourists, media, and investment for the host community, and many local areas/regions and states have identified the expenditures by visitors as a potential source of economic or employment growth. The main purposes of this study are to investigate stakeholders’ insights into the feature of hosting EST and using them as a regional development strategy. Continuing the focus of previous literature on the regional development and economic benefits by hosting EST, a total of fıve semi-structured interview questions are designed and a thematic analysis is employed to conduct with eight key sport and tourism decision makers in Atlanta during July to August 2016. Through the depth interviews, the study will contribute to a better understanding of stakeholders’ decision-making, identifying benefits and constraints as well as leveraging the impacts of hosting EST. These findings have provided stakeholders’ perspectives of hosting EST and using them as a reference of regional development in emerging sport tourism markets in the US. Additionally, this study examines key considerations and issues that affect and are critical to reliable understanding of the economic impacts of hosting EST on the regional development, and it will be able to benefit future management authorities (i.e. governments and communities) in their sport tourism development endeavors in defining and hosting successful EST. Furthermore, the insights gained from the qualitative analysis could help other cities/regions analyzing the economic impacts of hosting EST and using it as an instrument of city development strategy.
Keywords: Event sport tourism, regional economic development, thematic analysis, stakeholder.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 27231166 Implementation of SSL Using Information Security Component Interface
Authors: Jong-Whoi Shin, Chong-Sun Hwang
Abstract:
Various security APIs (Application Programming Interfaces) are being used in a variety of application areas requiring the information security function. However, these standards are not compatible, and the developer must use those APIs selectively depending on the application environment or the programming language. To resolve this problem, we propose the standard draft of the information security component, while SSL (Secure Sockets Layer) using the confidentiality and integrity component interface has been implemented to verify validity of the standard proposal. The implemented SSL uses the lower-level SSL component when establishing the RMI (Remote Method Invocation) communication between components, as if the security algorithm had been implemented by adding one more layer on the TCP/IP.Keywords: Component Based Design, Application Programming Interface, Secure Socket Layer, Remote Method Invocation.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15121165 Web Application Security, Attacks and Mitigation
Authors: Ayush Chugh, Gaurav Gupta
Abstract:
Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.
Keywords: Attacks, Injection, JavaScript, SQL, Vulnerability, XSS.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 49681164 The Acceptance of E-Assessment Considering Security Perspective: Work in Progress
Authors: Kavitha Thamadharan, Nurazean Maarop
Abstract:
The implementation of e-assessment as tool to support the process of teaching and learning in university has become a popular technological means in universities. E-Assessment provides many advantages to the users especially the flexibility in teaching and learning. The e-assessment system has the capability to improve its quality of delivering education. However, there still exists a drawback in terms of security which limits the user acceptance of the online learning system. Even though there are studies providing solutions for identified security threats in e-learning usage, there is no particular model which addresses the factors that influences the acceptance of e-assessment system by lecturers from security perspective. The aim of this study is to explore security aspects of eassessment in regard to the acceptance of the technology. As a result a conceptual model of secure acceptance of e-assessment is proposed. Both human and security factors are considered in formulation of this conceptual model. In order to increase understanding of critical issues related to the subject of this study, interpretive approach involving convergent mixed method research method is proposed to be used to execute the research. This study will be useful in providing more insightful understanding regarding the factors that influence the user acceptance of e-assessment system from security perspective.
Keywords: Secure Technology Acceptance, E-Assessment Security, E-Assessment, Education Technology.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24381163 Enhancing IoT Security: A Blockchain-Based Approach for Preventing Spoofing Attacks
Authors: Salha Alshamrani, Maha Aljohni, Eman Aldhaheri
Abstract:
With the proliferation of Internet of Things (IoT) devices in various industries, there has been a concurrent rise in security vulnerabilities, particularly spoofing attacks. This study explores the potential of blockchain technology in enhancing the security of IoT systems and mitigating these attacks. Blockchain's decentralized and immutable ledger offers significant promise for improving data integrity, transaction transparency, and tamper-proofing. This research develops and implements a blockchain-based IoT architecture and a reference network to simulate real-world scenarios and evaluate a blockchain-integrated intrusion detection system. Performance measures including time delay, security, and resource utilization are used to assess the system's effectiveness, comparing it to conventional IoT networks without blockchain. The results provide valuable insights into the practicality and efficacy of employing blockchain as a security mechanism, shedding light on the trade-offs between speed and security in blockchain deployment for IoT. The study concludes that despite minor increases in time consumption, the security benefits of incorporating blockchain technology into IoT systems outweigh potential drawbacks, demonstrating a significant potential for blockchain in bolstering IoT security.
Keywords: Internet of Thing, Spoofing, IoT, Access control, Blockchain, Raspberry pi.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1171162 Maintaining User-Level Security in Short Message Service
Authors: T. Arudchelvam, W. W. E. N. Fernando
Abstract:
Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.
Keywords: SMS, user level security, encryption, mobile communication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 10651161 Analysis of Threats in Interoperability of Medical Devices
Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar
Abstract:
Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.
Keywords: Interoperability, threats, attacks, medical devices.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15291160 Implementation of Security Algorithms for u-Health Monitoring System
Authors: Jiho Park, Yong-Gyu Lee, Gilwon Yoon
Abstract:
Data security in u-Health system can be an important issue because wireless network is vulnerable to hacking. However, it is not easy to implement a proper security algorithm in an embedded u-health monitoring because of hardware constraints such as low performance, power consumption and limited memory size and etc. To secure data that contain personal and biosignal information, we implemented several security algorithms such as Blowfish, data encryption standard (DES), advanced encryption standard (AES) and Rivest Cipher 4 (RC4) for our u-Health monitoring system and the results were successful. Under the same experimental conditions, we compared these algorithms. RC4 had the fastest execution time. Memory usage was the most efficient for DES. However, considering performance and safety capability, however, we concluded that AES was the most appropriate algorithm for a personal u-Health monitoring system.Keywords: biosignal, data encryption, security measures, u-health
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21301159 Securing Justice: A Critical Analysis of Kenya-s Post 9/11 Security Apparatus
Authors: Peter Ndichu Muriuki
Abstract:
The 9/11 suicide attacks in New York, Washington, D.C., and Pennsylvania, triggered a number of security responses both in the United States of America and other Countries in the World. Kenya, which is an ally and a close partner to North America and Europe, was not left behind. While many states had been parties to numerous terrorism conventions, their response in implementing them had been slow and needed this catalyst. This special case offered a window of opportunity for many “security conscious" regimes in cementing their legal-criminological and political security apparatus. At the international level, the 9/11 case led to the hasty adoption of Security Council resolution 1373 in 2001, which called upon states to adopt wide-ranging and comprehensive steps and strategies to combat international terrorism and to become parties to the relevant international conventions and protocols relating to terrorism. Since then, Kenya has responded with speed in devising social-legal-criminological-political actions.
Keywords: Justice, Policing, Security, Terrorism
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16651158 VANETs: Security Challenges and Future Directions
Authors: Jared Oluoch
Abstract:
Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 22511157 Comparative Analysis and Evaluation of Software Vulnerabilities Testing Techniques
Authors: Khalid Alnafjan, Tazar Hussain, Hanif Ullah, Zia ul haq Paracha
Abstract:
Software and applications are subjected to serious and damaging security threats, these threats are increasing as a result of increased number of potential vulnerabilities. Security testing is an indispensable process to validate software security requirements and to identify security related vulnerabilities. In this paper we analyze and compare different available vulnerabilities testing techniques based on a pre defined criteria using analytical hierarchy process (AHP). We have selected five testing techniques which includes Source code analysis, Fault code injection, Robustness, Stress and Penetration testing techniques. These testing techniques have been evaluated against five criteria which include cost, thoroughness, Ease of use, effectiveness and efficiency. The outcome of the study is helpful for researchers, testers and developers to understand effectiveness of each technique in its respective domain. Also the study helps to compare the inner working of testing techniques against a selected criterion to achieve optimum testing results.
Keywords: Software Security, Security Testing, Testing techniques, vulnerability, AHP.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2898