Search results for: security assessment
2289 Use of Persuasive Technology to Change End-Users- IT Security Aware Behaviour: A Pilot Study
Authors: Ai Cheo Yeo, Md. Mahbubur Rahim, Yin Ying Ren
Abstract:
Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information security awareness of end users. The findings confirm the existence of a very strong effect of the webbased program in raising users- attitude towards information security aware behavior. This finding is useful to the IT researchers and practitioners in developing appropriate and effective education strategies for improving the information security attitudes for endusers.Keywords: Information security, persuasive technology, ITsecurity-aware behaviour, theory of planned behaviour survey.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24082288 Fairness in Tech-Driven Assessment: Strategies to Safeguard Academic Integrity and Security in Virtual Environment
Authors: B. Ferdousi, J. Bari
Abstract:
Advanced technology can provide vital tools to promote authentic, meaningful, and efficient assessments that measure students' achievement of learning objectives in higher education. However, it also brings several challenges in the learning process. This literature review-based paper describes the challenges in ensuring academic integrity and cybersecurity when students' knowledge and performance are assessed in a digital environment. The paper also reviews the strategies that can be implemented to address these challenges. Using students' authentication and authorship verification of their classwork, designing and developing e-assessments, technology accessibility and instructor training are probable solutions to address these challenges. Given the increasing adoption of digital technology in assessing students' effective learning achievement, this paper will help enhance knowledge and in-depth understanding of measures needed in using technology in academic assessment.
Keywords: Fairness, cybersecurity, e-authentication, academic integrity, e-assessment.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 742287 Effective Security Method for Wireless LAN using Life-Cycle of Wireless Access Point
Authors: Soon-Tai Park, Haeryong Park, Myoung-sun Noh, Yoo-Jae Won
Abstract:
There are many expand of Wi-Fi zones provided mobile careers and usage of wireless access point at home as increase of usage of wireless internet caused by the use of smart phone. This paper shows wireless local area network status, security threats of WLAN and functionality of major wireless access point in Korea. We propose security countermeasures concerned with life cycle of access point from manufacturing to installation, using and finally disposal. There needed to releasing with configured secure at access point. Because, it is most cost effective resolution than stage of installation or other life cycle of access point.Keywords: Wireless LAN Security, Wi-Fi Security, Wireless Access Point, Product Life-Cycle
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19222286 Regional Economy under the Prism of National Security
Authors: Raziya Ashimova
Abstract:
This article is devoted to the problems of the disproportional development of regions in the Republic Kazakhstan. The threats proceeding from problem regions, make strong impact on the country-s sustainable development, therefore they are necessary to be considered at the level of national security.Keywords: Economic development, Kazakhstan, National security regional economy.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 13202285 DEVS Modeling of Network Vulnerability
Authors: Hee Suk Seo, Tae Kyung Kim
Abstract:
As network components grow larger and more diverse, and as securing them on a host-by-host basis grow more difficult, more sites are turning to a network security model. We concentrate on controlling network access to various hosts and the services they offer, rather than on securing them one by one with a network security model. We present how the policy rules from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Base) are inducted, and how to be used in PBN. In the network security environment, each simulation model is hierarchically designed by DEVS (Discrete EVent system Specification) formalism.Keywords: SVDB, PBN, DEVS, Network security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15692284 Developing a Campus Sustainability Assessment Framework for the National University of Malaysia
Authors: Z.F. Fadzil, H.S. Hashim, A.I. Che-Ani, S. Aziz
Abstract:
Campus sustainability is the goal of a university striving for sustainable development. This study found that of 17 popular approaches, two comprehensive campus sustainability assessment frameworks were developed in the context of Sustainability in Higher Education (SHE), and used by many university campuses around the world. Sustainability Tracking Assessment and Rating Systems (STARS) and the Campus Sustainability Assessment Framework (CSAF) approaches are more comprehensive than others. Therefore, the researchers examined aspects and elements used by CSAF and STARS in the approach to develop a campus sustainability assessment framework for Universiti Kebangsaan Malaysia (UKM). Documents analysis found that CSAF and STARS do not focus on physical development, especially the construction industry, as key elements of campus sustainability assessment. This finding is in accordance with the Sustainable UKM Programme which consists of three main components of sustainable community, ecosystem and physical development.
Keywords: Campus sustainability, campus sustainability assessment, sustainability assessment framework, sustainable campus
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 32952283 Analysis of Network Performance Using Aspect of Quantum Cryptography
Authors: Nisarg A. Patel, Hiren B. Patel
Abstract:
Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).
Keywords: QKD, cryptography, quantum cryptography, network performance.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9462282 Combing LCIA and Fuzzy Risk Assessment for Environmental Impact Assessment
Authors: Kevin Fong-Rey Liu, Cheng-Wu Chen, Ken Yeh, Han-Hsi Liang
Abstract:
Environmental impact assessment (EIA) is a procedure tool of environmental management for identifying, predicting, evaluating and mitigating the adverse effects of development proposals. EIA reports usually analyze how the amounts or concentrations of pollutants obey the relevant standards. Actually, many analytical tools can deepen the analysis of environmental impacts in EIA reports, such as life cycle assessment (LCA) and environmental risk assessment (ERA). Life cycle impact assessment (LCIA) is one of steps in LCA to introduce the causal relationships among environmental hazards and damage. Incorporating the LCIA concept into ERA as an integrated tool for EIA can extend the focus of the regulatory compliance of environmental impacts to determine of the significance of environmental impacts. Sometimes, when using integrated tools, it is necessary to consider fuzzy situations due to insufficient information; therefore, ERA should be generalized to fuzzy risk assessment (FRA). Finally, the use of the proposed methodology is demonstrated through the study case of the expansion plan of the world-s largest plastics processing factory.
Keywords: Fuzzy risk analysis, life cycle impact assessment, fuzzy logic, environmental impact assessment
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19192281 Smart Security Concept in the East Mediterranean: Anti-Asymmetrical Area Denial (A3D)
Authors: Serkan Tezgel, Osman Gül, İskender Cahit Şafak
Abstract:
This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities.Keywords: Partnership, A3D, Maritime Security, Centers.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18772280 Security Design of Root of Trust Based on RISC-V
Authors: Kang Huang, Wanting Zhou, Shiwei Yuan, Lei Li
Abstract:
Since information technology develops rapidly, the security issue has become an increasingly critical for computer system. In particular, as cloud computing and the Internet of Things (IoT) continue to gain widespread adoption, computer systems need to new security threats and attacks. The Root of Trust (RoT) is the foundation for providing basic trusted computing, which is used to verify the security and trustworthiness of other components. Designing a reliable RoT and guaranteeing its own security are essential for improving the overall security and credibility of computer systems. In this paper, we discuss the implementation of self-security technology based on the RISC-V RoT at the hardware level. To effectively safeguard the security of the RoT, researches on security safeguard technology on the RoT have been studied. At first, a lightweight and secure boot framework is proposed as a secure mechanism. Secondly, two kinds of memory protection mechanism are built to against memory attacks. Moreover, hardware implementation of proposed method has been also investigated. A series of experiments and tests have been carried on to verify to effectiveness of the proposed method. The experimental results demonstrated that the proposed approach is effective in verifying the integrity of the RoT’s own boot rom, user instructions, and data, ensuring authenticity and enabling the secure boot of the RoT’s own system. Additionally, our approach provides memory protection against certain types of memory attacks, such as cache leaks and tampering, and ensures the security of root-of-trust sensitive information, including keys.
Keywords: Root of Trust, secure boot, memory protection, hardware security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 802279 The Security Trade-Offs in Resource Constrained Nodes for IoT Application
Authors: Sultan Alharby, Nick Harris, Alex Weddell, Jeff Reeve
Abstract:
The concept of the Internet of Things (IoT) has received much attention over the last five years. It is predicted that the IoT will influence every aspect of our lifestyles in the near future. Wireless Sensor Networks are one of the key enablers of the operation of IoTs, allowing data to be collected from the surrounding environment. However, due to limited resources, nature of deployment and unattended operation, a WSN is vulnerable to various types of attack. Security is paramount for reliable and safe communication between IoT embedded devices, but it does, however, come at a cost to resources. Nodes are usually equipped with small batteries, which makes energy conservation crucial to IoT devices. Nevertheless, security cost in terms of energy consumption has not been studied sufficiently. Previous research has used a security specification of 802.15.4 for IoT applications, but the energy cost of each security level and the impact on quality of services (QoS) parameters remain unknown. This research focuses on the cost of security at the IoT media access control (MAC) layer. It begins by studying the energy consumption of IEEE 802.15.4 security levels, which is followed by an evaluation for the impact of security on data latency and throughput, and then presents the impact of transmission power on security overhead, and finally shows the effects of security on memory footprint. The results show that security overhead in terms of energy consumption with a payload of 24 bytes fluctuates between 31.5% at minimum level over non-secure packets and 60.4% at the top security level of 802.15.4 security specification. Also, it shows that security cost has less impact at longer packet lengths, and more with smaller packet size. In addition, the results depicts a significant impact on data latency and throughput. Overall, maximum authentication length decreases throughput by almost 53%, and encryption and authentication together by almost 62%.Keywords: Internet of Things, IEEE 802.15.4, security cost evaluation, wireless sensor network, energy consumption.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14912278 A Security Module for Car Appliances
Authors: Pang-Chieh Wang, Ting-Wei Hou, Jung-Hsuan Wu, Bo-Chiuan Chen
Abstract:
In this paper we discuss on the security module for the car appliances to prevent stealing and illegal use on other cars. We proposed an open structure including authentication and encryption by embed a security module in each to protect car appliances. Illegal moving and use a car appliance with the security module without permission will lead the appliance to useless. This paper also presents the component identification and deal with relevant procedures. It is at low cost to recover from destroys by the burglar. Expect this paper to offer the new business opportunity to the automotive and technology industry.Keywords: Automotive, component identification, electronic immobilizer, key management.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18432277 Technology Trend and Level Assessment Using Patent Data for Preliminary Feasibility Study on R and D Program
Authors: Seongmin Yim
Abstract:
The Korean government has applied preliminary feasibility study for new and huge R&D programs since 2008.The study is carried out from the viewpoints of technology, policy, and Economics. Then integrate the separate analysis and finally arrive at a definite result; whether a program is feasible or unfeasible, This paper describes the concept and method of the feasibility analysis focused on technological viability assessment for technical analysis. It consists of technology trend assessment and technology level assessment. Through the analysis, we can determine the chance of schedule delay or cost overrun occurring in the proposed plan.
Keywords: Preliminary Feasibility Study, Technological viability, Technology Trend Assessment, Technology Level Assessment
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18002276 A 10 Giga VPN Accelerator Board for Trust Channel Security System
Authors: Ki Hyun Kim, Jang-Hee Yoo, Kyo Il Chung
Abstract:
This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exchange block, security association block, and IPsec engine block. The internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security Association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by H/W and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode.Keywords: TCSS(Trust Channel Security System), VPN(VirtualPrivate Network), IPsec, SSL, Security Processor, Securitycommunication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20992275 A Proposal for Systematic Mapping Study of Software Security Testing, Verification and Validation
Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes
Abstract:
Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.
Keywords: Software test, software security verification validation and test, security test institutionalization, systematic mapping study.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16242274 An E-Assessment Website to Implement Hierarchical Aggregate Assessment
Authors: M. Lesage, G. Raîche, M. Riopel, F. Fortin, D. Sebkhi
Abstract:
This paper describes a Web server implementation of the hierarchical aggregate assessment process in the field of education. This process describes itself as a field of teamwork assessment where teams can have multiple levels of hierarchy and supervision. This process is applied everywhere and is part of the management, education, assessment and computer science fields. The E-Assessment website named “Cluster” records in its database the students, the course material, the teams and the hierarchical relationships between the students. For the present research, the hierarchical relationships are team member, team leader and group administrator appointments. The group administrators have the responsibility to supervise team leaders. The experimentation of the application has been performed by high school students in geology courses and Canadian army cadets for navigation patrols in teams. This research extends the work of Nance that uses a hierarchical aggregation process similar as the one implemented in the “Cluster” application.
Keywords: E-Learning, E-Assessment, Teamwork Assessment, Hierarchical Aggregate Assessment.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18362273 Domain-based Key Management Scheme for Active Network
Authors: Jong-Whoi Shin, Soon-Tai Park, Chong-Sun Hwang
Abstract:
Active network was developed to solve the problem of the current sharing-based network–difficulty in applying new technology, service or standard, and duplicated operation at several protocol layers. Active network can transport the packet loaded with the executable codes, which enables to change the state of the network node. However, if the network node is placed in the sharing-based network, security and safety issues should be resolved. To satisfy this requirement, various security aspects are required such as authentication, authorization, confidentiality and integrity. Among these security components, the core factor is the encryption key. As a result, this study is designed to propose the scheme that manages the encryption key, which is used to provide security of the comprehensive active directory, based on the domain.Keywords: Active Network, Domain-based Key Management, Security Components.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16732272 Cloud Computing Security for Multi-Cloud Service Providers: Controls and Techniques in our Modern Threat Landscape
Authors: Sandesh Achar
Abstract:
Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.
Keywords: Multi-cloud service, SOC, system organization control, data loss prevention, DLP, identity and access management, IAM.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7062271 A Study on the Secure ebXML Transaction Models
Authors: Dongkyoo Shin, Dongil Shin, Sukil Cha, Seyoung Kim
Abstract:
ebXML (Electronic Business using eXtensible Markup Language) is an e-business standard, sponsored by UN/CEFACT and OASIS, which enables enterprises to exchange business messages, conduct trading relationships, communicate data in common terms and define and register business processes. While there is tremendous e-business value in the ebXML, security remains an unsolved problem and one of the largest barriers to adoption. XML security technologies emerging recently have extensibility and flexibility suitable for security implementation such as encryption, digital signature, access control and authentication. In this paper, we propose ebXML business transaction models that allow trading partners to securely exchange XML based business transactions by employing XML security technologies. We show how each XML security technology meets the ebXML standard by constructing the test software and validating messages between the trading partners.Keywords: Electronic commerce, e-business standard, ebXML, XML security, secure business transaction.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17482270 Implementation of SSL Using Information Security Component Interface
Authors: Jong-Whoi Shin, Chong-Sun Hwang
Abstract:
Various security APIs (Application Programming Interfaces) are being used in a variety of application areas requiring the information security function. However, these standards are not compatible, and the developer must use those APIs selectively depending on the application environment or the programming language. To resolve this problem, we propose the standard draft of the information security component, while SSL (Secure Sockets Layer) using the confidentiality and integrity component interface has been implemented to verify validity of the standard proposal. The implemented SSL uses the lower-level SSL component when establishing the RMI (Remote Method Invocation) communication between components, as if the security algorithm had been implemented by adding one more layer on the TCP/IP.Keywords: Component Based Design, Application Programming Interface, Secure Socket Layer, Remote Method Invocation.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15122269 Web Application Security, Attacks and Mitigation
Authors: Ayush Chugh, Gaurav Gupta
Abstract:
Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.
Keywords: Attacks, Injection, JavaScript, SQL, Vulnerability, XSS.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 49682268 Enhancing IoT Security: A Blockchain-Based Approach for Preventing Spoofing Attacks
Authors: Salha Alshamrani, Maha Aljohni, Eman Aldhaheri
Abstract:
With the proliferation of Internet of Things (IoT) devices in various industries, there has been a concurrent rise in security vulnerabilities, particularly spoofing attacks. This study explores the potential of blockchain technology in enhancing the security of IoT systems and mitigating these attacks. Blockchain's decentralized and immutable ledger offers significant promise for improving data integrity, transaction transparency, and tamper-proofing. This research develops and implements a blockchain-based IoT architecture and a reference network to simulate real-world scenarios and evaluate a blockchain-integrated intrusion detection system. Performance measures including time delay, security, and resource utilization are used to assess the system's effectiveness, comparing it to conventional IoT networks without blockchain. The results provide valuable insights into the practicality and efficacy of employing blockchain as a security mechanism, shedding light on the trade-offs between speed and security in blockchain deployment for IoT. The study concludes that despite minor increases in time consumption, the security benefits of incorporating blockchain technology into IoT systems outweigh potential drawbacks, demonstrating a significant potential for blockchain in bolstering IoT security.
Keywords: Internet of Thing, Spoofing, IoT, Access control, Blockchain, Raspberry pi.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1182267 Comprehensive Risk Assessment Model in Agile Construction Environment
Authors: Jolanta Tamošaitienė
Abstract:
The article focuses on a developed comprehensive model to be used in an agile environment for the risk assessment and selection based on multi-attribute methods. The model is based on a multi-attribute evaluation of risk in construction, and the determination of their optimality criterion values are calculated using complex Multiple Criteria Decision-Making methods. The model may be further applied to risk assessment in an agile construction environment. The attributes of risk in a construction project are selected by applying the risk assessment condition to the construction sector, and the construction process efficiency in the construction industry accounts for the agile environment. The paper presents the comprehensive risk assessment model in an agile construction environment. It provides a background and a description of the proposed model and the developed analysis of the comprehensive risk assessment model in an agile construction environment with the criteria.
Keywords: Assessment, environment, agile, model, risk.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 11022266 Maintaining User-Level Security in Short Message Service
Authors: T. Arudchelvam, W. W. E. N. Fernando
Abstract:
Mobile phone has become as an essential thing in our life. Therefore, security is the most important thing to be considered in mobile communication. Short message service is the cheapest way of communication via the mobile phones. Therefore, security is very important in the short message service as well. This paper presents a method to maintain the security at user level. Different types of encryption methods are used to implement the user level security in mobile phones. Caesar cipher, Rail Fence, Vigenere cipher and RSA are used as encryption methods in this work. Caesar cipher and the Rail Fence methods are enhanced and implemented. The beauty in this work is that the user can select the encryption method and the key. Therefore, by changing the encryption method and the key time to time, the user can ensure the security of messages. By this work, while users can safely send/receive messages, they can save their information from unauthorised and unwanted people in their own mobile phone as well.
Keywords: SMS, user level security, encryption, mobile communication.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 10652265 Analysis of Threats in Interoperability of Medical Devices
Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar
Abstract:
Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.
Keywords: Interoperability, threats, attacks, medical devices.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15292264 Assessment Methods for Surgical Skill
Authors: Siti Nor Zawani Ahmmad, Eileen Su Lee Ming, Yeong Che Fai, Fauzan Khairi bin Che Harun
Abstract:
The increasingly sophisticated technologies have now been able to provide assistance for surgeons to improve surgical performance through various training programs. Equally important to learning skills is the assessment method as it determines the learning and technical proficiency of a trainee. A consistent and rigorous assessment system will ensure that trainees acquire the specific level of competency prior to certification. This paper reviews the methods currently in use for assessment of surgical skill and some modern techniques using computer-based measurements and virtual reality systems for more quantitative measurementsKeywords: assessment, surgical skill, checklist, global rating, virtual reality
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 24302263 Implementation of Security Algorithms for u-Health Monitoring System
Authors: Jiho Park, Yong-Gyu Lee, Gilwon Yoon
Abstract:
Data security in u-Health system can be an important issue because wireless network is vulnerable to hacking. However, it is not easy to implement a proper security algorithm in an embedded u-health monitoring because of hardware constraints such as low performance, power consumption and limited memory size and etc. To secure data that contain personal and biosignal information, we implemented several security algorithms such as Blowfish, data encryption standard (DES), advanced encryption standard (AES) and Rivest Cipher 4 (RC4) for our u-Health monitoring system and the results were successful. Under the same experimental conditions, we compared these algorithms. RC4 had the fastest execution time. Memory usage was the most efficient for DES. However, considering performance and safety capability, however, we concluded that AES was the most appropriate algorithm for a personal u-Health monitoring system.Keywords: biosignal, data encryption, security measures, u-health
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21302262 Securing Justice: A Critical Analysis of Kenya-s Post 9/11 Security Apparatus
Authors: Peter Ndichu Muriuki
Abstract:
The 9/11 suicide attacks in New York, Washington, D.C., and Pennsylvania, triggered a number of security responses both in the United States of America and other Countries in the World. Kenya, which is an ally and a close partner to North America and Europe, was not left behind. While many states had been parties to numerous terrorism conventions, their response in implementing them had been slow and needed this catalyst. This special case offered a window of opportunity for many “security conscious" regimes in cementing their legal-criminological and political security apparatus. At the international level, the 9/11 case led to the hasty adoption of Security Council resolution 1373 in 2001, which called upon states to adopt wide-ranging and comprehensive steps and strategies to combat international terrorism and to become parties to the relevant international conventions and protocols relating to terrorism. Since then, Kenya has responded with speed in devising social-legal-criminological-political actions.
Keywords: Justice, Policing, Security, Terrorism
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16652261 VANETs: Security Challenges and Future Directions
Authors: Jared Oluoch
Abstract:
Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 22512260 Comparative Analysis and Evaluation of Software Vulnerabilities Testing Techniques
Authors: Khalid Alnafjan, Tazar Hussain, Hanif Ullah, Zia ul haq Paracha
Abstract:
Software and applications are subjected to serious and damaging security threats, these threats are increasing as a result of increased number of potential vulnerabilities. Security testing is an indispensable process to validate software security requirements and to identify security related vulnerabilities. In this paper we analyze and compare different available vulnerabilities testing techniques based on a pre defined criteria using analytical hierarchy process (AHP). We have selected five testing techniques which includes Source code analysis, Fault code injection, Robustness, Stress and Penetration testing techniques. These testing techniques have been evaluated against five criteria which include cost, thoroughness, Ease of use, effectiveness and efficiency. The outcome of the study is helpful for researchers, testers and developers to understand effectiveness of each technique in its respective domain. Also the study helps to compare the inner working of testing techniques against a selected criterion to achieve optimum testing results.
Keywords: Software Security, Security Testing, Testing techniques, vulnerability, AHP.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2898