Search results for: security assessment
2259 A Biometric Template Security Approach to Fingerprints Based on Polynomial Transformations
Authors: Ramon Santana
Abstract:
The use of biometric identifiers in the field of information security, access control to resources, authentication in ATMs and banking among others, are of great concern because of the safety of biometric data. In the general architecture of a biometric system have been detected eight vulnerabilities, six of them allow obtaining minutiae template in plain text. The main consequence of obtaining minutia templates is the loss of biometric identifier for life. To mitigate these vulnerabilities several models to protect minutiae templates have been proposed. Several vulnerabilities in the cryptographic security of these models allow to obtain biometric data in plain text. In order to increase the cryptographic security and ease of reversibility, a minutiae templates protection model is proposed. The model aims to make the cryptographic protection and facilitate the reversibility of data using two levels of security. The first level of security is the data transformation level. In this level generates invariant data to rotation and translation, further transformation is irreversible. The second level of security is the evaluation level, where the encryption key is generated and data is evaluated using a defined evaluation function. The model is aimed at mitigating known vulnerabilities of the proposed models, basing its security on the impossibility of the polynomial reconstruction.Keywords: Fingerprint, template protection, bio-cryptography, minutiae protection.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8422258 Towards a Security Model against Denial of Service Attacks for SIP Traffic
Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla
Abstract:
Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.
Keywords: Denial-of-service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9912257 Efficacy of Self-Assessment in Written Production among High School Students
Authors: Yoko Suganuma Oi
Abstract:
The purpose of the present study is to find the efficacy of high school student self-assessment of written production. It aimed to explore the following two research questions: 1) How is topic development of their written production improved after student self-assessment and teacher feedback? 2) Does the consistency between student self-assessment and teacher assessment develop after student self-assessment and teacher feedback? The data came from the written production of 82 Japanese high school students aged from 16 to 18 years old, an American English teacher and one Japanese English teacher. Students were asked to write English compositions, about 150 words, for thirty minutes without using dictionaries. It was conducted twice at intervals of two months. Students were supposed to assess their own compositions by themselves. Teachers also assessed students’ compositions using the same assessment sheet. The results showed that both teachers and students assessed the second compositions higher than the first compositions. However, there was not the development of the consistency in coherence.Keywords: Feedback, self-assessment, topic development.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 19012256 No-Reference Image Quality Assessment using Blur and Noise
Authors: Min Goo Choi, Jung Hoon Jung, Jae Wook Jeon
Abstract:
Assessment for image quality traditionally needs its original image as a reference. The conventional method for assessment like Mean Square Error (MSE) or Peak Signal to Noise Ratio (PSNR) is invalid when there is no reference. In this paper, we present a new No-Reference (NR) assessment of image quality using blur and noise. The recent camera applications provide high quality images by help of digital Image Signal Processor (ISP). Since the images taken by the high performance of digital camera have few blocking and ringing artifacts, we only focus on the blur and noise for predicting the objective image quality. The experimental results show that the proposed assessment method gives high correlation with subjective Difference Mean Opinion Score (DMOS). Furthermore, the proposed method provides very low computational load in spatial domain and similar extraction of characteristics to human perceptional assessment.Keywords: No Reference, Image Quality Assessment, blur, noise.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 38792255 Design and Implementation of Security Middleware for Data Warehouse Signature Framework
Authors: Mayada AlMeghari
Abstract:
Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature (DWS) Framework. The aim of using the middleware in the proposed DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.
Keywords: Middleware, parallel computing, data warehouse, security, group-key, high performance.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3382254 Taxonomy of Structured P2P Overlay Networks Security Attacks
Authors: Zied Trifa, Maher Khemakhem
Abstract:
The survey and classification of the different security attacks in structured peer-to-peer (P2P) overlay networks can be useful to computer system designers, programmers, administrators, and users. In this paper, we attempt to provide a taxonomy of structured P2P overlay networks security attacks. We have specially focused on the way these attacks can arise at each level of the network. Moreover, we observed that most of the existing systems such as Content Addressable Network (CAN), Chord, Pastry, Tapestry, Kademlia, and Viceroy suffer from threats and vulnerability which lead to disrupt and corrupt their functioning. We hope that our survey constitutes a good help for who-s working on this area of research.Keywords: P2P, Structured P2P Overlay Networks, DHT, Security, classification
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17632253 Information System Security Effectiveness Attributes: A Tanzanian Company Case Study
Authors: Nerey H. Mvungi, Mosses Makoko
Abstract:
In today-s highly globalised and competitive world access to information plays key role in having an upper hand between business rivals. Hence, proper protection of such crucial resource is core to any modern business. Implementing a successful information security system is basically centered around three pillars; technical solution involving both software and hardware, information security controls to translate the policies and procedure in the system and the people to implement. This paper shows that a lot needs to be done for countries adapting information technology to process, store and distribute information to secure adequately such core resource.Keywords: security, information systems, controls, technology, practices.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 26132252 Classification of Attaks over Cloud Environment
Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed Eladnani Fatiha, Benihssane Abderahim
Abstract:
The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.Keywords: Cloud computing, security, classification, risk.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20832251 Organizational Data Security in Perspective of Ownership of Mobile Devices Used by Employees for Works
Authors: B. Ferdousi, J. Bari
Abstract:
With advancement of mobile computing, employees are increasingly doing their job-related works using personally owned mobile devices or organization owned devices. The Bring Your Own Device (BYOD) model allows employees to use their own mobile devices for job-related works, while Corporate Owned, Personally Enabled (COPE) model allows both organizations and employees to install applications onto organization-owned mobile devices used for job-related works. While there are many benefits of using mobile computing for job-related works, there are also serious concerns of different levels of threats to the organizational data security. Consequently, it is crucial to know the level of threat to the organizational data security in the BOYD and COPE models. It is also important to ensure that employees comply with the organizational data security policy. This paper discusses the organizational data security issues in perspective of ownership of mobile devices used by employees, especially in BYOD and COPE models. It appears that while the BYOD model has many benefits, there are relatively more data security risks in this model than in the COPE model. The findings also showed that in both BYOD and COPE environments, a more practical approach towards achieving secure mobile computing in organizational setting is through the development of comprehensive cybersecurity policies balancing employees’ need for convenience with organizational data security. The study helps to figure out the compliance and the risks of security breach in BYOD and COPE models.
Keywords: Data security, mobile computing, BYOD, COPE, cybersecurity policy, cybersecurity compliance.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3732250 The Application of Regulatory Impact Assessment (RIA) on the Czech Financial Market
Authors: Jana Chvalkovska, Petr Jansky, Petr Teply
Abstract:
The impact assessment in its various forms has recently become a very important part of policy-making and legislation in many different countries. Regulatory impact assessment (RIA) is yet another set of analytical methods deployed in the legislation of the European Union, of many developed countries as well as in many developing ones such as Mexico, Malaysia and Philippines. The aim of this paper is to provide a theoretical background for economic models in regulatory impact assessment and an overview of their application especially on the financial market in the Czech Republic. We found out an inadequate application of these models, what makes room for further research in this field.Keywords: regulatory impact assessment, RIA, impact evaluation, building societies, Czech Republic
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14602249 Extending the Aspect Oriented Programming Joinpoint Model for Memory and Type Safety
Authors: Amjad Nusayr
Abstract:
Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory is have a valid pointer or a reference with a valid type. Aspect Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and Database transaction managing. In this paper we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.
Keywords: Aspect oriented programming, programming languages, software security, memory and type safety.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4152248 Peer Assessment in the Context of Project-Based Learning Online
Authors: Y. Benjelloun Touimi, N. Faddouli, S. Bennani, M. Khalidi Idrissi
Abstract:
The pedagogy project has been proven as an active learning method, which is used to develop learner-s skills and knowledge.The use of technology in the learning world, has filed several gaps in the implementation of teaching methods, and online evaluation of learners. However, the project methodology presents challenges in the assessment of learners online. Indeed, interoperability between E-learning platforms (LMS) is one of the major challenges of project-based learning assessment. Firstly, we have reviewed the characteristics of online assessment in the context of project-based teaching. We addressed the constraints encountered during the peer evaluation process. Our approach is to propose a meta-model, which will describe a language dedicated to the conception of peer assessment scenario in project-based learning. Then we illustrate our proposal by an instantiation of the meta-model through a business process in a scenario of collaborative assessment on line.Keywords: Online project based learning, meta-model, peer assessment process.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 23722247 Computer-Based Assessment of Pre-assigned Individual Education Plans in Special Education
Authors: Yasar Guneri Sahin, Mehmet Cudi Okur
Abstract:
Assessment of IEP (Individual Education Plan) is an important stage in the area of special education. This paper deals with this problem by introducing computer software which process the data gathered from application of IEP. The software is intended to be used by special education institution in Turkey and allows assessment of school and family trainings. The software has a user friendly interface and its design includes graphical developer tools.Keywords: Disabled individual, software for education, assessment of education, special education.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16052246 Comparison of Valuation Techniques for Bone Age Assessment
Authors: N. Olarte L, A. Rubiano F, A. Mejía F.
Abstract:
This comparison of valuation techniques for bone age assessment is a work carried out by the Telemedicine Research Group of the Military University - TIGUM, as a preliminary to the Design and development a treatment system of hand and wrist radiological images for children aged 0-6 years to bone age assessment . In this paper the techniques mentioned for decades have been the most widely used and the statistically significant. Althought, initially with the current project, it wants to work with children who have limit age, this comparison and evaluation techniques work will help in the future to expand the study subject in the system to bone age assessment, implementing more techniques, tools and deeper analysis to accomplish this purpose.Keywords: Atlas, Bone Age Assessment, Hand and Wrist Radiograph, Image Processing
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 25122245 Biometric Steganography Using Variable Length Embedding
Authors: Souvik Bhattacharyya, Indradip Banerjee, Anumoy Chakraborty, Gautam Sanyal
Abstract:
Recent growth in digital multimedia technologies has presented a lot of facilities in information transmission, reproduction and manipulation. Therefore, the concept of information security is one of the superior articles in the present day situation. The biometric information security is one of the information security mechanisms. It has the advantages as well as disadvantages. The biometric system is at risk to a range of attacks. These attacks are anticipated to bypass the security system or to suspend the normal functioning. Various hazards have been discovered while using biometric system. Proper use of steganography greatly reduces the risks in biometric systems from the hackers. Steganography is one of the fashionable information hiding technique. The goal of steganography is to hide information inside a cover medium like text, image, audio, video etc. through which it is not possible to detect the existence of the secret information. Here in this paper a new security concept has been established by making the system more secure with the help of steganography along with biometric security. Here the biometric information has been embedded to a skin tone portion of an image with the help of proposed steganographic technique.
Keywords: Biometrics, Skin tone detection, Series, Polynomial, Cover Image, Stego Image.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 26702244 Improving the Security of Internet of Things Using Encryption Algorithms
Authors: Amirhossein Safi
Abstract:
Internet of things (IOT) is a kind of advanced information technology which has drawn societies’ attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously, IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission, and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually, the suggested encryption algorithm has been simulated by MATLAB software, and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.
Keywords: Internet of things, security, hybrid algorithm, privacy.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 41972243 Alignment between Understanding and Assessment Practice among Secondary School Teachers
Authors: Eftah Bte. Moh @ Hj Abdullah, Izazol Binti Idris, Abd Aziz Bin Abd Shukor
Abstract:
This study aimed to identify the alignment of understanding and assessment practices among secondary school teachers. The study was carried out using quantitative descriptive study. The sample consisted of 164 teachers who taught Form 1 and 2 from 11 secondary schools in the district of North Kinta, Perak, Malaysia. Data were obtained from 164 respondents who answered Expectation Alignment Understanding and Practices of School Assessment (PEKDAPS) questionnaire. The data were analysed using SPSS 17.0+. The Cronbach’s alpha value obtained through PEKDAPS questionnaire pilot study was 0.86. The results showed that teachers' performance in PEKDAPS based on the mean value was less than 3, which means that perfect alignment does not occur between the understanding and practices of school assessment. Two major PEKDAPS sub-constructs of articulation across grade and age and usability of the system were higher than the moderate alignment of the understanding and practices of school assessment (Min=2.0). The content focused of PEKDAPs sub-constructs which showed lower than the moderate alignment of the understanding and practices of school assessment (Min=2.0). Another two PEKDAPS subconstructs of transparency and fairness and the pedagogical implications showed moderate alignment (2.0). The implications of the study is that teachers need to fully understand the importance of alignment among components of assessment, learning and teaching and learning objectives as strategies to achieve quality assessment process.
Keywords: Alignment, assessment practices, School Based Assessment, understanding.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20022242 Analysis of Suitability of Online Assessment by Maintaining Critical Thinking
Authors: Mohamed Chabi, Mohammad Shahid Jamil, Mahmoud I Syam
Abstract:
The purpose of this study is to determine whether paper assessment especially in the subject mathematics will ever be completely replaced by online assessment using Learning Management System and Content Management System such as blackboard. Testing students has moved from the traditional scribbling and sketching on paper towards working online on a screen and keyboard. It is found that online assessment by using selective types of questions like multiple choices, true or false and final answer questions don’t reflect the actual understanding of students in solving the problems and teachers can’t determine the weakness points of students. In addition, it is showed that OBMCQs are a very good tool for self-assessment and when teachers are testing for knowledge and facts. But when it comes to the skills, OBMCQs are poor tools for measuring the ability to apply knowledge to complex math problem.
Keywords: Paper assessment, online assessment, learning management system, content management system.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 20372241 Privacy of RFID Systems: Security of Personal Data for End-Users
Authors: Firoz Khan
Abstract:
Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.Keywords: RFID, privacy, security, encryption.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9752240 A Worst Case Estimation of the Inspection Rate by a Berthing Policy in a Container Terminal
Authors: K.H. Yang
Abstract:
After the terrorist attack on September 11, 2001 in U.S., the container security issue got high attention, especially by U.S. government, which deployed a lot of measures to promote or improve security systems. U.S. government not only enhances its national security system, but allies with other countries against the potential terrorist attacks in the future. For example CSI (Container Security Initiative), it encourages foreign ports outside U.S. to become CSI ports as a part of U.S. anti-terrorism network. Although promotion of the security could partly reach the goal of anti-terrorism, that will influence the efficiency of container supply chain, which is the main concern when implementing the inspection measurements. This paper proposes a quick estimation methodology for an inspection service rate by a berth allocation heuristic such that the inspection activities will not affect the original container supply chain. Theoretical and simulation results show this approach is effective.Keywords: Berth allocation, Container, Heuristic, Inspection.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14112239 Regional Security Issue: Central Asian Countries and NATO Cooperation (On the Example of Kazakhstan)
Authors: Karakulov Y., Baizakova K.
Abstract:
Kazakhstan attaches the great importance to cooperation with European countries within the framework of multilateral security organizations such as NATO. Cooperation of Kazakhstan with the NATO is a prominent aspect of strengthening of regional security of republic. It covers a wide spectrum of areas, such as reform of sector of defense and security, military operative compatibility of armed forces of NATO member-countries and Kazakhstan, civil emergency planning and scientific cooperation. The cooperation between Kazakhstan and NATO is based on the mutual interests of neighboring republics in the region so that the existing forms of cooperation between Kazakhstan and NATO will not be negatively perceived both in Asia as well as among CIS countries. Kazakhstan tailors its participation in the PfP programme through an annual Individual Partnership Programme, selecting those activities that will help achieve the goals it has set in the IPAP. Level of cooperation within the limits of PfP essentially differs on each republic. Cooperation with Kazakhstan progressed most of all since has been signed IPAP from the NATOKeywords: Central Asia, Kazakhstan, NATO cooperation, regional security
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21692238 AES and ECC Mixed for ZigBee Wireless Sensor Security
Authors: Saif Al-alak, Zuriati Ahmed, Azizol Abdullah, Shamala Subramiam
Abstract:
In this paper, we argue the security protocols of ZigBee wireless sensor network in MAC layer. AES 128-bit encryption algorithm in CCM* mode is secure transferred data; however, AES-s secret key will be break within nearest future. Efficient public key algorithm, ECC has been mixed with AES to rescue the ZigBee wireless sensor from cipher text and replay attack. Also, the proposed protocol can parallelize the integrity function to increase system performance.Keywords: AES, ECC, Multi-level security, ZigBee
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 33812237 Implicit Authorization Mechanism of Object-Oriented Database
Authors: Haibo Hu, Hong Xiang
Abstract:
Due to its special data structure and manipulative principle, Object-Oriented Database (OODB) has a particular security protection and authorization methods. This paper first introduces the features of security mechanism about OODB, and then talked about authorization checking process of OODB. Implicit authorization mechanism is based on the subject hierarchies, object hierarchies and access hierarchies of the security authorization modes, and simplifies the authorization mode. In addition, to combine with other authorization mechanisms, implicit authorization can make protection on the authorization of OODB expediently and effectively.
Keywords: Object-oriented database(OODB), security protection, authorization mechanism, implicit authorization, authorization check.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 17222236 Design and Development of an Efficient and Cost-Effective Microcontroller-Based Irrigation Control System to Enhance Food Security
Authors: Robert A. Sowah, Stephen K. Armoo, Koudjo M. Koumadi, Rockson Agyeman, Seth Y. Fiawoo
Abstract:
The development of the agricultural sector in Ghana has been reliant on the use of irrigation systems to ensure food security. However, the manual operation of these systems has not facilitated their maximum efficiency due to human limitations. This paper seeks to address this problem by designing and implementing an efficient, cost effective automated system which monitors and controls the water flow of irrigation through communication with an authorized operator via text messages. The automatic control component of the system is timer based with an Atmega32 microcontroller and a real time clock from the SM5100B cellular module. For monitoring purposes, the system sends periodic notification of the system on the performance of duty via SMS to the authorized person(s). Moreover, the GSM based Irrigation Monitoring and Control System saves time and labour and reduces cost of operating irrigation systems by saving electricity usage and conserving water. Field tests conducted have proven its operational efficiency and ease of assessment of farm irrigation equipment due to its costeffectiveness and data logging capabilities.
Keywords: Agriculture, control system, data logging, food security, irrigation system, microcontroller.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 52082235 Vulnerabilities of IEEE 802.11i Wireless LAN CCMP Protocol
Authors: M. Junaid , Muid Mufti, M. Umar Ilyas
Abstract:
IEEE has recently incorporated CCMP protocol to provide robust security to IEEE 802.11 wireless LANs. It is found that CCMP has been designed with a weak nonce construction and transmission mechanism, which leads to the exposure of initial counter value. This weak construction of nonce renders the protocol vulnerable to attacks by intruders. This paper presents how the initial counter can be pre-computed by the intruder. This vulnerability of counter block value leads to pre-computation attack on the counter mode encryption of CCMP. The failure of the counter mode will result in the collapse of the whole security mechanism of 802.11 WLAN.
Keywords: Information Security, Cryptography, IEEE 802.11i, Computer security, Wireless LAN
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 26932234 Enhancing Security and Privacy Protocols in Telehealth: A Comprehensive Approach across IoT/Fog/Cloud Environments
Authors: Yunyong Guo, Man Wang, Bryan Guo, Nathan Guo
Abstract:
This paper presents an advanced security and privacy model tailored for Telehealth systems, emphasizing end-to-end protection across IoT, Fog, and Cloud components. The proposed model integrates encryption, key management, intrusion detection, and privacy-preserving measures to safeguard patient data. A comprehensive simulation study evaluates the model's effectiveness in scenarios such as unauthorized access, physical breaches, and insider threats. Results indicate notable success in detecting and mitigating threats yet underscore areas for refinement. The study contributes insights into the intricate balance between security and usability in Telehealth environments, setting the stage for continued advancements.
Keywords: Cloud, enhancing security, Fog, IoT, telehealth.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 622233 Integrating Blockchain and Internet of Things Platforms: An Empirical Study on Immunization Cold Chain
Authors: F. Abujalala, A. Elmangoush, M. Ashibani
Abstract:
The adoption of Blockchain technology introduces the possibility to decentralize cold chain systems. This adaptation enhances them to be more efficient, accessible, verifiable, and data security. Additionally, the Internet of Things (IoT) concept is considered as an added-value to various application domains. Cargo tracking and cold chain are a few to name. However, the security of the IoT transactions and integrated devices remains one of the key challenges to the IoT application’s success. Consequently, Blockchain technology and its consensus protocols have been used to solve many information security problems. In this paper, we discuss the advantages of integrating Blockchain technology into IoT platform to improve security and provide an overview of existing literature on integrating Blockchain and IoT platforms. Then, we present the immunization cold chain solution as a use-case that could be applied to any critical goods based on integrating Hyperledger fabric platform and IoT platform.
Keywords: Blockchain, Hyperledger fabric, internet of things, security, traceability.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7482232 Health Risk Assessment of PET Bottles in GCC
Authors: M. M. Mortula
Abstract:
Bottle water is getting very popular all through the world; especially in the gulf countries as the main source of drinking water. However, concerns over leaching of toxic chemicals are increasing. In this study, a health risk assessment was conducted in accordance with the guidelines indicated by United States Environmental Protection Agency (USEPA). It is conducted based on leaching of Diethyl Phthalate (DEP) from Polyethylene terephthalate (PET). The toxicity and exposure assessment of diethyl phthalate was conducted to characterize its risk on human health. Risk management is also discussed.Keywords: Toxicity, diethyl phthalate, PET, risk Assessment.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 41522231 A Programming Assessment Software Artefact Enhanced with the Help of Learners
Authors: Romeo A. Botes, Imelda Smit
Abstract:
The demands of an ever changing and complex higher education environment, along with the profile of modern learners challenge current approaches to assessment and feedback. More learners enter the education system every year. The younger generation expects immediate feedback. At the same time, feedback should be meaningful. The assessment of practical activities in programming poses a particular problem, since both lecturers and learners in the information and computer science discipline acknowledge that paper-based assessment for programming subjects lacks meaningful real-life testing. At the same time, feedback lacks promptness, consistency, comprehensiveness and individualisation. Most of these aspects may be addressed by modern, technology-assisted assessment. The focus of this paper is the continuous development of an artefact that is used to assist the lecturer in the assessment and feedback of practical programming activities in a senior database programming class. The artefact was developed using three Design Science Research cycles. The first implementation allowed one programming activity submission per assessment intervention. This pilot provided valuable insight into the obstacles regarding the implementation of this type of assessment tool. A second implementation improved the initial version to allow multiple programming activity submissions per assessment. The focus of this version is on providing scaffold feedback to the learner – allowing improvement with each subsequent submission. It also has a built-in capability to provide the lecturer with information regarding the key problem areas of each assessment intervention.
Keywords: Programming, computer-aided assessment, technology-assisted assessment, programming assessment software, design science research, mixed-method.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 9942230 A Practice of Zero Trust Architecture in Financial Transactions
Authors: L. Wang, Y. Chen, T. Wu, S. Hu
Abstract:
In order to enhance the security of critical financial infrastructure, this study carries out a transformation of the architecture of a financial trading terminal to a zero trust architecture (ZTA), constructs an active defense system for the cybersecurity, improves the security level of trading services in the Internet environment, enhances the ability to prevent network attacks and unknown risks, and reduces the industry and security risks brought about by cybersecurity risks. This study introduces Software Defined Perimeter (SDP) technology of ZTA, adapts and applies it to a financial trading terminal to achieve security optimization and fine-grained business grading control. The upgraded architecture of the trading terminal moves security protection forward to the user access layer, replaces VPN to optimize remote access and significantly improves the security protection capability of Internet transactions. The study achieves: 1. deep integration with the access control architecture of the transaction system; 2. no impact on the performance of terminals and gateways, and no perception of application system upgrades; 3. customized checklist and policy configuration; 4. introduction of industry-leading security technology such as single-packet authorization (SPA) and secondary authentication. This study carries out a successful application of ZTA in the field of financial trading, and provides transformation ideas for other similar systems while improving the security level of financial transaction services in the Internet environment.
Keywords: Zero trust, trading terminal, architecture, network security, cybersecurity.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 222