Search results for: Security Oriented Information System.

Authors: T. Männistö, M. Finger

Abstract:

The events of October 2010, where terrorists managed to get explosive devices onboard of three passenger aircrafts and two air freighters, demonstrated weaknesses of the international air cargo and airmail security. Ever since, postal security has gained interest among policymakers and authorities. This study augments the limited body of academic literature on the topic bydemarcating areas of postal security, identifying relevant stakeholders in each area, and investigating why these stakeholders engage in postal security. Research is based on a case study on Swiss Post’s mail service.

Keywords: Dangerous goods, mail bombs, postal security, supply chain security, theft of mail, trafficking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1683

Authors: Somlak Wannarumon, Apichai Ritvirool, Thana Boonrit

Abstract:

The paper proposes a new concept in developing collaborative design system. The concept framework involves applying simulation of supply chain management to collaborative design called – 'SCM–Based Design Tool'. The system is developed particularly to support design activities and to integrate all facilities together. The system is aimed to increase design productivity and creativity. Therefore, designers and customers can collaborate by the system since conceptual design. JAG: Jewelry Art Generator based on artificial intelligence techniques is integrated into the system. Moreover, the proposed system can support users as decision tool and data propagation. The system covers since raw material supply until product delivery. Data management and sharing information are visually supported to designers and customers via user interface. The system is developed on Web–assisted product development environment. The prototype system is presented for Thai jewelry industry as a system prototype demonstration, but applicable for other industry.

Keywords: Collaborative design, evolutionary art, jewelry design, supply chain management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1743

Authors: Somlak Wannarumon, Apichai Ritvirool, Thana Boonrit

Abstract:

The paper proposes a new concept in developing collaborative design system. The concept framework involves applying simulation of supply chain management to collaborative design called – 'SCM–Based Design Tool'. The system is developed particularly to support design activities and to integrate all facilities together. The system is aimed to increase design productivity and creativity. Therefore, designers and customers can collaborate by the system since conceptual design. JAG: Jewelry Art Generator based on artificial intelligence techniques is integrated into the system. Moreover, the proposed system can support users as decision tool and data propagation. The system covers since raw material supply until product delivery. Data management and sharing information are visually supported to designers and customers via user interface. The system is developed on Web–assisted product development environment. The prototype system is presented for Thai jewelry industry as a system prototype demonstration, but applicable for other industry.

Keywords: Collaborative design, evolutionary art, jewelry design, supply chain management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1541

Authors: Marco Antonio Lara De la Calleja, María Catalina Ovando Chico, Eduardo Lopez Ruiz

Abstract:

Community empowerment has been proved to be a key element in the solution of the food security problem. As a result of a conceptual analysis, it was found that agricultural production, economic development and governance, are the traditional basis of food security models. Although the literature points to social inclusion as an important factor for food security, no model has considered it as the basis of it. The aim of this research is to identify different dimensions that make an integral model for food security, with emphasis on community empowerment. A diagnosis was made in the study community (Tatoxcac, Zacapoaxtla, Puebla), to know the aspects that impact the level of food insecurity. With a statistical sample integrated by 200 families, the Latin American and Caribbean Food Security Scale (ELCSA) was applied, finding that: in households composed by adults and children, have moderated food insecurity, (ELCSA scale has three levels, low, moderated and high); that result is produced mainly by the economic income capacity and the diversity of the diet on its food. With that being said, a model was developed to promote food security through five dimensions: 1. Regional context of the community; 2. Structure and system of local food; 3. Health and nutrition; 4. Information and technology access; and 5. Self-awareness and empowerment. The specific actions on each axis of the model, allowed a systemic approach needed to attend food security in the community, through the empowerment of society. It is concluded that the self-awareness of local communities is an area of extreme importance, which must be taken into account for participatory schemes to improve food security. In the long term, the model requires the integrated participation of different actors, such as government, companies and universities, to solve something such vital as food security.

Keywords: Community empowerment, food security, model, systemic approach.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1402

Authors: Sokjoon Lee, Howon Kim, Kyoil Chung

Abstract:

RFID system, in which we give identification number to each item and detect it with radio frequency, supports more variable service than barcode system can do. For example, a refrigerator with RFID reader and internet connection will automatically notify expiration of food validity to us. But, in spite of its convenience, RFID system has some security threats, because anybody can get ID information of item easily. One of most critical threats is privacy invasion. Existing privacy protection schemes or systems have been proposed, and these schemes or systems defend normal users from attempts that any attacker tries to get information using RFID tag value. But, these systems still have weakness that attacker can get information using analogous value instead of original tag value. In this paper, we mention this type of attack more precisely and suggest 'Tag Broker Model', which can defend it. Tag broker in this model translates original tag value to random value, and user can only get random value. Attacker can not use analogous tag value, because he/she is not able to know original one from it.

Keywords: Broker, EPC, Privacy, RFID.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1658

Authors: Shang-Ping Lin, Shi-Hwa Lo, Ho-Li Yang

Abstract:

Company mergers and acquisitions reached their peak in the twenty-first century. Mergers and acquisitions have become one of the competitive strategies for external growth. In general, it is believed that mergers and acquisitions can create synergies. However, they require complete information technology system and service integration, especially in the banking industry. Much of the research has focused on performance evaluation, shareholder equity allocation, or even the increase of company market value after the merger and acquisition, whereas few scholars have focused on information system integration post merger and acquisition. This study indicates the role of information systems after a merger and acquisition, explaining the benefits of information system integration using a merger and acquisition case in the banking industry as an example. In addition, we discuss factors that affect the performance of information system integration, and utilize system dynamics to interpret the relationship among factors that affect information system integration performance in the banking industry after a merger and acquisition.

Keywords: Merger and Acquisition, Information SystemIntegration, System Dynamics

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5272

Authors: Š. Čemerková, M. Wilczková

Abstract:

The paper deals with the importance of information flow for providing of defined level of customer service in the firms. Setting of the criteria for the selection and implementation of logistics information system is a prerequisite for ensuring of the flow of information in firms. The decision on the selection and implementation of logistics information system is linked to the investment costs and operating costs, which are included in the total logistics costs. The article also deals with the conclusions of the research focused on the logistics information system selection in companies in the Czech Republic.

Keywords: Customer service, information system, logistics, research.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1670

Authors: Jehad Al Dallal

Abstract:

Attributes and methods are the basic contents of an object-oriented class. The connectivity among these class members and the relationship between the class and other classes play an important role in determining the quality of an object-oriented system. Class cohesion evaluates the degree of relatedness of class attributes and methods, whereas class coupling refers to the degree to which a class is related to other classes. Researchers have proposed several class cohesion and class coupling measures. However, the correlation between class coupling and class cohesion measures has not been thoroughly studied. In this paper, using classes of three open-source Java systems, we empirically investigate the correlation between several measures of connectivity-based class cohesion and coupling. Four connectivity-based cohesion measures and eight coupling measures are considered in the empirical study. The empirical study results show that class connectivity-based cohesion and coupling internal quality attributes are inversely correlated. The strength of the correlation depends highly on the cohesion and coupling measurement approaches.

Keywords: Object-oriented class, software quality, class cohesion measure, class coupling measure.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2390

Authors: Souvik Bhattacharyya, Gautam Sanyal

Abstract:

Recent years have witnessed the rapid development of the Internet and telecommunication techniques. Information security is becoming more and more important. Applications such as covert communication, copyright protection, etc, stimulate the research of information hiding techniques. Traditionally, encryption is used to realize the communication security. However, important information is not protected once decoded. Steganography is the art and science of communicating in a way which hides the existence of the communication. Important information is firstly hidden in a host data, such as digital image, video or audio, etc, and then transmitted secretly to the receiver.In this paper a data hiding model with high security features combining both cryptography using finite state sequential machine and image based steganography technique for communicating information more securely between two locations is proposed. The authors incorporated the idea of secret key for authentication at both ends in order to achieve high level of security. Before the embedding operation the secret information has been encrypted with the help of finite-state sequential machine and segmented in different parts. The cover image is also segmented in different objects through normalized cut.Each part of the encoded secret information has been embedded with the help of a novel image steganographic method (PMM) on different cuts of the cover image to form different stego objects. Finally stego image is formed by combining different stego objects and transmit to the receiver side. At the receiving end different opposite processes should run to get the back the original secret message.

Keywords: Cover Image, Finite state sequential machine, Melaymachine, Pixel Mapping Method (PMM), Stego Image, NCUT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2261

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: Software test, software security verification validation and test, security test institutionalization, systematic mapping study.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1624

Authors: Jehad Al Dallal

Abstract:

Class cohesion is an important object-oriented software quality attribute. It indicates how much the members in a class are related. Assessing the class cohesion and improving the class quality accordingly during the object-oriented design phase allows for cheaper management of the later phases. In this paper, the notion of distance between pairs of methods and pairs of attribute types in a class is introduced and used as a basis for introducing a novel class cohesion metric. The metric considers the methodmethod, attribute-attribute, and attribute-method direct interactions. It is shown that the metric gives more sensitive values than other well-known design-based class cohesion metrics.

Keywords: Object-oriented software quality, object-orienteddesign, class cohesion.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2268

Authors: Htay Htay Yi, Zin May Aye

Abstract:

Network security is role of the ICT environment because malicious users are continually growing that realm of education, business, and then related with ICT. The network security contravention is typically described and examined centrally based on a security event management system. The firewalls, Intrusion Detection System (IDS), and Intrusion Prevention System are becoming essential to monitor or prevent of potential violations, incidents attack, and imminent threats. In this system, the firewall rules are set only for where the system policies are needed. Dataset deployed in this system are derived from the testbed environment. The traffic as in DoS and PortScan traffics are applied in the testbed with firewall and IDS implementation. The network traffics are classified as normal or attacks in the existing testbed environment based on six machine learning classification methods applied in the system. It is required to be tested to get datasets and applied for DoS and PortScan. The dataset is based on CICIDS2017 and some features have been added. This system tested 26 features from the applied dataset. The system is to reduce false positive rates and to improve accuracy in the implemented testbed design. The system also proves good performance by selecting important features and comparing existing a dataset by machine learning classifiers.

Keywords: False negative rate, intrusion detection system, machine learning methods, performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1070

Authors: Hideki.Kobayashi, Hiroshi.Osada

Abstract:

The service industry accounts for about 70% of GDP of Japan, and the importance of the service innovation is pointed out. The importance of the system use and the support service increases in the information system that is one of the service industries. However, because the system is not used enough, the purpose for which it was originally intended cannot often be achieved in the CRM system. To promote the use of the system, the effective service method is needed. It is thought that the service model's making and the clarification of the success factors are necessary to improve the operation service of the CRM system. In this research the model of the operation service in the CRM system is made.

Keywords: Information system, Operation service, Serviceinnovation, Solution

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1316

Authors: Jehad Al Dallal

Abstract:

A class in an Object-Oriented (OO) system is the basic unit of design, and it encapsulates a set of attributes and methods. In OO systems, instead of redefining the attributes and methods that are included in other classes, a class can inherit these attributes and methods and only implement its unique attributes and methods, which results in reducing code redundancy and improving code testability and maintainability. Such mechanism is called Class Inheritance. However, some software engineering applications may require accounting for all the inherited class members (i.e., attributes and methods). This paper explains how to account for inherited class members and discusses the software engineering applications that require such consideration.

Keywords: Object-oriented design, inheritance, internal quality attribute, external quality attribute, class flattening.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1354

Authors: A. Habibizad Navin, M. Naghian Fesharaki, M. Mirnia, M. Kargar

Abstract:

In this paper we introduce Digital Probability Hyper Digraph for modeling random variable as the hierarchical data-oriented model.

Keywords: Data-Oriented Models, Data Structure, DigitalProbability Hyper Digraph, Random Variable, Statistic andProbability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1273

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, Competence, Certification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1823

Authors: Wiroon Sriborrirux, Sorakrai Kraipui, Nakorn Indra-Payoong

Abstract:

One of the most importance of intelligence in-car and roadside systems is the cooperative vehicle-infrastructure system. In Thailand, ITS technologies are rapidly growing and real-time vehicle information is considerably needed for ITS applications; for example, vehicle fleet tracking and control and road traffic monitoring systems. This paper defines the communication protocols and software design for middleware components of B-VIS (Burapha Vehicle-Infrastructure System). The proposed B-VIS middleware architecture serves the needs of a distributed RFID sensor network and simplifies some intricate details of several communication standards.

Keywords: Middleware, RFID sensor network, Cooperativevehicle-infrastructure system, Enterprise Java Bean.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1535

Authors: Nighat Mir, Sayed Afaq Hussain

Abstract:

Advent enhancements in the field of computing have increased massive use of web based electronic documents. Current Copyright protection laws are inadequate to prove the ownership for electronic documents and do not provide strong features against copying and manipulating information from the web. This has opened many channels for securing information and significant evolutions have been made in the area of information security. Digital Watermarking has developed into a very dynamic area of research and has addressed challenging issues for digital content. Watermarking can be visible (logos or signatures) and invisible (encoding and decoding). Many visible watermarking techniques have been studied for text documents but there are very few for web based text. XML files are used to trade information on the internet and contain important information. In this paper, two invisible watermarking techniques using Synonyms and Acronyms are proposed for XML files to prove the intellectual ownership and to achieve the security. Analysis is made for different attacks and amount of capacity to be embedded in the XML file is also noticed. A comparative analysis for capacity is also made for both methods. The system has been implemented using C# language and all tests are made practically to get the results.

Keywords: Watermarking, Extensible Markup Language (XML), Synonyms, Acronyms, Copyright protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2281

Authors: Mohamed Bendahmane, Brahim Elfalaki, Mohammed Benattou

Abstract:

One of the major sources of learners' professional difficulties is their heterogeneity. Whether on cognitive, social, cultural or emotional level, learners being part of the same group have many differences. These differences do not allow to apply the same learning process at all learners. Thus, an optimal learning path for one, is not necessarily the same for the other. We present in this paper a model-oriented service to offer to each learner a personalized learning path to acquire the targeted skills.

Keywords: Service-oriented architecture, learning path, web service, personalization, trace analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2034

Authors: Martin Blaha, Ladislav Potužák, Daniel Holesz

Abstract:

This paper focused on application support for technical control of artillery units – PVNPG-14M, especially on interpolation issue. Artillery units of the Army of the Czech Republic, reflecting the current global security neighborhood, can be used outside the Czech Republic. The paper presents principles, evolution and calculation in the process of complete preparation. The paper presents expertise using of application of current artillery communication and information system and suggests the perspective future system. The paper also presents problems in process of complete preparing of fire especially problems in permanently information (firing table) and calculated values. The paper presents problems of current artillery communication and information system and suggests requirements of the future system.

Keywords: Fire for effect, application, fire control, interpolation method, software development.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1154

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper proposes how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2624

Authors: Rohiza Ahmad, Rozana Kasbon, Eliza Mazmee Mazlan, Aliza Sarlan

Abstract:

Due to the mobility of users, many information systems are now developed with the capability of supporting retrieval of information from both static and mobile users. Hence, the amount, content and format of the information retrieved will need to be tailored according to the device and the user who requested for it. Thus, this paper presents a framework for the design and implementation of such a system, which is to be developed for communicating final examination related information to the academic community at one university in Malaysia. The concept of personalization will be implemented in the system so that only highly relevant information will be delivered to the users. The personalization concept used will be based on user profiling as well as context. The system in its final state will be accessible through cell phones as well as intranet connected personal computers.

Keywords: System framework, personalization, informationcommunicating system, multi-device.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1386

Authors: Chechen Liao, Chin Yi Yang

Abstract:

Although several factors that affect learning to program have been identified over the years, there continues to be no indication of any consensus in understanding why some students learn to program easily and quickly while others have difficulty. Seldom have researchers considered the problem of how to help the students enhance the programming learning outcome. The research had been conducted at a high school in Taiwan. Students participating in the study consist of 330 tenth grade students enrolled in the Basic Computer Concepts course with the same instructor. Two types of training methods-instruction-oriented and exploration-oriented were conducted. The result of this research shows that the instruction-oriented training method has better learning performance than exploration-oriented training method.

Keywords: Learning performance, programming learning, TDD, training method.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1957

Authors: Sangsuree Vasupongayya

Abstract:

Fair share is one of the scheduling objectives supported on many production systems. However, fair share has been shown to cause performance problems for some users, especially the users with difficult jobs. This work is focusing on extending goaloriented parallel computer job scheduling policies to cover the fair share objective. Goal-oriented parallel computer job scheduling policies have been shown to achieve good scheduling performances when conflicting objectives are required. Goal-oriented policies achieve such good performance by using anytime combinatorial search techniques to find a good compromised schedule within a time limit. The experimental results show that the proposed goal-oriented parallel computer job scheduling policy (namely Tradeofffs( Tw:avgX)) achieves good scheduling performances and also provides good fair share performance.

Keywords: goal-oriented parallel job scheduling policies, fairshare.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1191

Authors: Da-kuan Wei, Xian-zhong Zhou, Dong-jun Xin, Zhi-wei Chen

Abstract:

The information systems with incomplete attribute values and fuzzy decisions commonly exist in practical problems. On the base of the notion of variable precision rough set model for incomplete information system and the rough set model for incomplete and fuzzy decision information system, the variable rough set model for incomplete and fuzzy decision information system is constructed, which is the generalization of the variable precision rough set model for incomplete information system and that of rough set model for incomplete and fuzzy decision information system. The knowledge reduction and heuristic algorithm, built on the method and theory of precision reduction, are proposed.

Keywords: Rough set, Incomplete and fuzzy decision information system, Limited valued tolerance relation, Knowledge reduction, Variable rough set model

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1585

Authors: Nisarg A. Patel, Hiren B. Patel

Abstract:

Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).

Keywords: QKD, cryptography, quantum cryptography, network performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 946

Authors: Seyed Nima Tayarani Bathaie

Abstract:

In this paper, an image-receiving system was designed and implemented through optimization of object detection algorithms using Haar features. This optimized algorithm served as face and eye detection separately. Then, cascading them led to a clear image of the user. Utilization of this feature brought about higher security by preventing fraud. This attribute results from the fact that services will be given to the user on condition that a clear image of his face has already been captured which would exclude the inappropriate person. In order to expedite processing and eliminating unnecessary ones, the input image was compressed, a motion detection function was included in the program, and detection window size was confined.

Keywords: Face detection algorithm, Haar features, Security of ATM.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2109

Authors: Mir Shahriar Emami

Abstract:

Although it is fully impossible to ensure that a software system is quite secure, developing an acceptable secure software system in a convenient platform is not unreachable. In this paper, we attempt to analyze software development life cycle (SDLC) models from the hardware systems and circuits point of view. To date, the SDLC models pay merely attention to the software security from the software perspectives. In this paper, we present new features for SDLC stages to emphasize the role of systems and circuits in developing secure software system through the software development stages, the point that has not been considered previously in the SDLC models.

Keywords: Systems and circuits security, software security, software process engineering, SDLC, SSDLC.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1736

Authors: M. Ndaw, G. Mendy, S. Ouya

Abstract:

Information system risk management helps to reduce or eliminate risk by implementing appropriate controls. In this paper, we propose a quantification model of controls impact on information system risks by automatizing the residual criticality estimation step of FMECA which is based on a inductive reasoning. For this, we defined three equations based on type and maturity of controls. For testing, the values obtained with the model were compared to estimated values given by interlocutors during different working sessions and the result is satisfactory. This model allows an optimal assessment of controls maturity and facilitates risk analysis of information system.

Keywords: Information System, Risk, Control, FMECA.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1577

Authors: Do-Woo Kim, Geon Woo Kim, Jun-Ho Lee, Jong-Wook Han

Abstract:

The home in these days has not one computer connected to the Internet but rather a network of many devices within the home, and that network might be connected to the Internet. In such an environment, the potential for attacks is greatly increased. The general security technology can not apply because of the use of various wired and wireless network, middleware and protocol in digital home environment and a restricted system resource of home information appliances. To offer secure home services home network environments have need of access control for various home devices and information when users want to access. Therefore home network access control for user authorization is a very important issue. In this paper we propose access control model using RBAC in home network environments to provide home users with secure home services.

Keywords: Home network, access control, RBAC, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1911