Search results for: security risks.
1125 Using a Trust-Based Environment Key for Mobile Agent Code Protection
Authors: Salima Hacini, Zahia Guessoum, Zizette Boufaïda
Abstract:
Human activities are increasingly based on the use of remote resources and services, and on the interaction between remotely located parties that may know little about each other. Mobile agents must be prepared to execute on different hosts with various environmental security conditions. The aim of this paper is to propose a trust based mechanism to improve the security of mobile agents and allow their execution in various environments. Thus, an adaptive trust mechanism is proposed. It is based on the dynamic interaction between the agent and the environment. Information collected during the interaction enables generation of an environment key. This key informs on the host-s trust degree and permits the mobile agent to adapt its execution. Trust estimation is based on concrete parameters values. Thus, in case of distrust, the source of problem can be located and a mobile agent appropriate behavior can be selected.Keywords: Internet security, malicious host, mobile agent security, trust management
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14131124 System Security Impact on the Dynamic Characteristics of Measurement Sensors in Smart Grids
Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel
Abstract:
Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.Keywords: Cyber security, performance, protocols, security standards, smart grid.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8841123 Analysis of the Interference from Risk-Determining Factors of Cooperative and Conventional Construction Contracts
Authors: E. Harrer, M. Mauerhofer, T. Werginz
Abstract:
As a result of intensive competition, the building sector is suffering from a high degree of rivalry. Furthermore, there can be observed an unbalanced distribution of project risks. Clients are aimed to shift their own risks into the sphere of the constructors or planners. The consequence of this is that the number of conflicts between the involved parties is inordinately high or even increasing; an alternative approach to counter on that developments are cooperative project forms in the construction sector. This research compares conventional contract models and models with partnering agreements to examine the influence on project risks by an early integration of the involved parties. The goal is to show up deviations in different project stages from the design phase to the project transfer phase. These deviations are evaluated by a survey of experts from the three spheres: clients, contractors and planners. By rating the influence of the participants on specific risk factors it is possible to identify factors which are relevant for a smooth project execution.Keywords: Collaborative work, construction industry, contract-models, influence, partnering, project management, risk.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8691122 Application of PSK Modulation in ADS-B 1090 Extended Squitter Authentication
Authors: A-Q. Nguyen. A. Amrhar, J. Zambrano, G. Brown, O.A. Yeste-Ojeda, R. Jr. Landry
Abstract:
Since the presence of Next Generation Air Transportation System (NextGen), Automatic Dependent Surveillance-Broadcast (ADS-B) has raised specific concerns related to the privacy and security, due to its vulnerable, low-level of security and limited payload. In this paper, the authors introduce and analyze the combination of Pulse Amplitude Modulation (PAM) and Phase Shift Keying (PSK) Modulation in conventional ADS-B, forming Secure ADS-B (SADS-B) avionics. In order to demonstrate the potential of this combination, Hardware-in-the-loop (HIL) simulation was used. The tests' results show that, on the one hand, SADS-B can offer five times the payload as its predecessor. This additional payload of SADS-B can be used in various applications, therefore enhancing the ability and efficiency of the current ADS-B. On the other hand, by using the extra phase modulated bits as a digital signature to authenticate ADS-B messages, SADS-B can increase the security of ADS-B, thus ensure a more secure aviation as well. More importantly, SADS-B is compatible with the current ADS-B In and Out. Hence, no significant modifications will be needed to implement this idea. As a result, SADS-B can be considered the most promising approach to enhance the capability and security of ADS-B.
Keywords: ADS-B authentication, ADS-B security, NextGen ADS-B, PSK signature, secure ADS-B.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 13001121 Identifying Mitigation Plans in Reducing Usability Risk Using Delphi Method
Authors: Jayaletchumi T. Sambantha Moorthy, Suhaimi bin Ibrahim, Mohd Naz’ri Mahrin
Abstract:
Most quality models have defined usability as a significant factor that leads to improving product acceptability, increasing user satisfaction, improving product reliability, and also financially benefitting companies. Usability is also the best factor that balances both the technical and human aspects of a software product, which is an important aspect in defining quality during software development process. A usability risk consist risk factors that could impact the usability of a software product thereby contributing to negative user experiences and causing a possible software product failure. Hence, it is important to mitigate and reduce usability risks in the software development process itself. By managing possible usability risks in software development process, failure of software product could be reduced. Therefore, this research uses the Delphi method to identify mitigation plans for reducing potential usability risks. The Delphi method is conducted with seven experts from the field of risk management and software development.
Keywords: Usability, Usability Risk, Risk Management, Risk Mitigation, Delphi Method.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 22271120 Survey Based Data Security Evaluation in Pakistan Financial Institutions against Malicious Attacks
Authors: Naveed Ghani, Samreen Javed
Abstract:
In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.
Keywords: Network worms, malware infection propagating malicious code, virus, security, VPN.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 28111119 Use of Novel Algorithms MAJE4 and MACJER-320 for Achieving Confidentiality and Message Authentication in SSL and TLS
Authors: Sheena Mathew, K. Poulose Jacob
Abstract:
Extensive use of the Internet coupled with the marvelous growth in e-commerce and m-commerce has created a huge demand for information security. The Secure Socket Layer (SSL) protocol is the most widely used security protocol in the Internet which meets this demand. It provides protection against eaves droppings, tampering and forgery. The cryptographic algorithms RC4 and HMAC have been in use for achieving security services like confidentiality and authentication in the SSL. But recent attacks against RC4 and HMAC have raised questions in the confidence on these algorithms. Hence two novel cryptographic algorithms MAJE4 and MACJER-320 have been proposed as substitutes for them. The focus of this work is to demonstrate the performance of these new algorithms and suggest them as dependable alternatives to satisfy the need of security services in SSL. The performance evaluation has been done by using practical implementation method.Keywords: Confidentiality, HMAC, Integrity, MACJER-320, MAJE4, RC4, Secure Socket Layer
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18791118 Optimal Location of Multi Type Facts Devices for Multiple Contingencies Using Particle Swarm Optimization
Authors: S. Sutha, N. Kamaraj
Abstract:
In deregulated operating regime power system security is an issue that needs due thoughtfulness from researchers in the horizon of unbundling of generation and transmission. Electric power systems are exposed to various contingencies. Network contingencies often contribute to overloading of branches, violation of voltages and also leading to problems of security/stability. To maintain the security of the systems, it is desirable to estimate the effect of contingencies and pertinent control measurement can be taken on to improve the system security. This paper presents the application of particle swarm optimization algorithm to find the optimal location of multi type FACTS devices in a power system in order to eliminate or alleviate the line over loads. The optimizations are performed on the parameters, namely the location of the devices, their types, their settings and installation cost of FACTS devices for single and multiple contingencies. TCSC, SVC and UPFC are considered and modeled for steady state analysis. The selection of UPFC and TCSC suitable location uses the criteria on the basis of improved system security. The effectiveness of the proposed method is tested for IEEE 6 bus and IEEE 30 bus test systems.
Keywords: Contingency Severity Index, Particle Swarm Optimization, Performance Index, Static Security Assessment.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 27661117 Fingerprint Identification Keyless Entry System
Authors: Chih-Neng Liang, Huang-Bin Huang, Bo-Chiuan Chen
Abstract:
Nowadays, keyless entry systems are widely adopted for vehicle immobilizer systems due to both advantages of security and convenience. Keyless entry systems could overcome brute-force key guessing attack, statistics attack and masquerade attack, however, they can't prevent from thieves stealing behavior. In this paper, we proposed a new architecture try to improve the existent flaws. The integration of the keyless entry system and the fingerprint identification technology is more suitable to implement on the portable transponder to achieve higher security needs. We also adopt and modify AES security protocol for life expectancy and security of the portable transponder. In addition, the identification of a driver's fingerprint makes the service of automatic reinstatement of a driver's preferences become possible. Our design can satisfy not only the three kinds of previous illegal attacks, but also the stealing situation. Furthermore, many practical factors, such as costs, life expectancy and performance, have been well considered in the design of portable transponder.Keywords: Keyless entry-system, fingerprint identification, AES security protocol, vehicle immobilizer system.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 27421116 A Comparative Study of Insurance Policies Worldwide in Public Private Partnerships
Authors: Guanqun Shi, Xueqing Zhang
Abstract:
The frequent occurrence of failures in PPP projects which caused great loss has raised attention from the government as well as the concessionaire. PPPs are complex arrangements for its long operation period and multiple players. Many types of risks in PPP projects may cause the project fail. The insurance is an important tool to transfer the risks. Through a comparison and analysis of international government PPP guidelines and contracts as well as the case studies worldwide, we have identified eight main insurance principles, discussed thirteen insurance types in different stages. An overall procedure would be established to improve the practices in PPP projects.Keywords: Public-private partnerships, insurance, contract, risk.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 8541115 Scenarios of Societal Security and Business Continuity Cycles
Authors: Jiří F. Urbánek, Jiří Barta
Abstract:
Societal security, continuity scenarios and methodological cycling approach explained in this article. Namely societal security organizational challenges ask implementation of international standards BS 25999-2 & global ISO 22300 which is a family of standards for business continuity management system. Efficient global organization system is distinguished of high entity´s complexity, connectivity & interoperability, having not only cooperative relations in a fact. Competing business have numerous participating ´enemies´, which are in apparent or hidden opponent and antagonistic roles with prosperous organization system, resulting to a crisis scene or even to a battle theatre. Organization business continuity scenarios are necessary for such ´a play´ preparedness, planning, management & overmastering in real environments.
Keywords: Business Continuity, Societal Security Crisis Scenarios Cycles.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21641114 OFDM and Fingerprint Authentication for Efficient Airport Security
Authors: K.Amrithavarshini, S.Chandrachudeswaran
Abstract:
This paper presents an idea to improve the efficiency of security checks in airports through the active tracking and monitoring of passengers and staff using OFDM modulation technique and Finger print authentication. The details of the passenger are multiplexed using OFDM .To authenticate the passenger, the fingerprint along with important identification information is collected. The details of the passenger can be transmitted after necessary modulation, and received using various transceivers placed within the premises of the airport, and checked at the appropriate check points, thereby increasing the efficiency of checking. OFDM has been employed for spectral efficiency.Keywords: Orthogonal Frequency Division Multiplexing, FFT Algorithm, Fingerprint Authentication, Airport Security
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18851113 Detection of New Attacks on Ubiquitous Services in Cloud Computing and Countermeasures
Authors: L. Sellami, D. Idoughi, P. F. Tiako
Abstract:
Cloud computing provides infrastructure to the enterprise through the Internet allowing access to cloud services at anytime and anywhere. This pervasive aspect of the services, the distributed nature of data and the wide use of information make cloud computing vulnerable to intrusions that violate the security of the cloud. This requires the use of security mechanisms to detect malicious behavior in network communications and hosts such as intrusion detection systems (IDS). In this article, we focus on the detection of intrusion into the cloud sing IDSs. We base ourselves on client authentication in the computing cloud. This technique allows to detect the abnormal use of ubiquitous service and prevents the intrusion of cloud computing. This is an approach based on client authentication data. Our IDS provides intrusion detection inside and outside cloud computing network. It is a double protection approach: The security user node and the global security cloud computing.
Keywords: Cloud computing, intrusion detection system, privacy, trust.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 10991112 Random Oracle Model of Information Hiding System
Abstract:
Random Oracle Model (ROM) is an effective method for measuring the practical security of cryptograph. In this paper, we try to use it into information hiding system (IHS). Because IHS has its own properties, the ROM must be modified if it is used into IHS. Firstly, we fully discuss why and how to modify each part of ROM respectively. The main changes include: 1) Divide the attacks that IHS may be suffered into two phases and divide the attacks of each phase into several kinds. 2) Distinguish Oracles and Black-boxes clearly. 3) Define Oracle and four Black-boxes that IHS used. 4) Propose the formalized adversary model. And 5) Give the definition of judge. Secondly, based on ROM of IHS, the security against known original cover attack (KOCA-KOCA-security) is defined. Then, we give an actual information hiding scheme and prove that it is KOCA-KOCA-secure. Finally, we conclude the paper and propose the open problems of further research.Keywords: Attack, Information Hiding, Provable Security, Random Oracle Model.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 13481111 Analysis of Security Vulnerabilities for Mobile Health Applications
Authors: Y. Cifuentes, L. Beltrán, L. Ramírez
Abstract:
The availability to deploy mobile applications for health care is increasing daily thru different mobile app stores. But within these capabilities the number of hacking attacks has also increased, in particular into medical mobile applications. The security vulnerabilities in medical mobile apps can be triggered by errors in code, incorrect logic, poor design, among other parameters. This is usually used by malicious attackers to steal or modify the users’ information. The aim of this research is to analyze the vulnerabilities detected in mobile medical apps according to risk factor standards defined by OWASP in 2014.Keywords: mHealth apps, OWASP, protocols, security vulnerabilities, risk factors.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 44111110 An Investigation of Performance versus Security in Cognitive Radio Networks with Supporting Cloud Platforms
Authors: Kurniawan D. Irianto, Demetres D. Kouvatsos
Abstract:
The growth of wireless devices affects the availability of limited frequencies or spectrum bands as it has been known that spectrum bands are a natural resource that cannot be added. Meanwhile, the licensed frequencies are idle most of the time. Cognitive radio is one of the solutions to solve those problems. Cognitive radio is a promising technology that allows the unlicensed users known as secondary users (SUs) to access licensed bands without making interference to licensed users or primary users (PUs). As cloud computing has become popular in recent years, cognitive radio networks (CRNs) can be integrated with cloud platform. One of the important issues in CRNs is security. It becomes a problem since CRNs use radio frequencies as a medium for transmitting and CRNs share the same issues with wireless communication systems. Another critical issue in CRNs is performance. Security has adverse effect to performance and there are trade-offs between them. The goal of this paper is to investigate the performance related to security trade-off in CRNs with supporting cloud platforms. Furthermore, Queuing Network Models with preemptive resume and preemptive repeat identical priority are applied in this project to measure the impact of security to performance in CRNs with or without cloud platform. The generalized exponential (GE) type distribution is used to reflect the bursty inter-arrival and service times at the servers. The results show that the best performance is obtained when security is disabled and cloud platform is enabled.
Keywords: Cloud Platforms, Cognitive Radio Networks, GEtype Distribution, Performance Vs Security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 25211109 Tag Impersonation Attack on Ultra-Lightweight Radio Frequency Identification Authentication Scheme
Authors: Reham Al-Zahrani, Noura Aleisa
Abstract:
The proliferation of Radio Frequency Identification (RFID) technology has raised concerns about system security, particularly regarding tag impersonation attacks. Regarding RFID systems, an appropriate authentication protocol must resist active and passive attacks. A tag impersonation occurs when an adversary's tag is used to fool an authenticating reader into believing it is a legitimate tag. The paper thoroughly analyses the security of the Efficient, Secure, and Practical Ultra-Lightweight RFID Authentication Scheme (ESRAS). It examines the protocol within the context of RFID systems and focuses specifically on its vulnerability to tag impersonation attacks. The Scyther tool is utilized to assess the protocol's security, providing a comprehensive evaluation of ESRAS's effectiveness in preventing unauthorized tag impersonation.
Keywords: RFID, radio frequency identification, impersonation attack, authentication, ultra-lightweight protocols, security.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 871108 Psychosocial Risks and Occupational Health in a Mexican Small and Medium-Sized Enterprises
Authors: Magdalena Escamilla Quintal, Thelma Cetina Canto, Cecilia Aguilar Ortega
Abstract:
Due to the importance that people represent for companies, the setting of a clear control of the risks that threaten the health and the material and financial resources of workers is essential. It is irrelevant if the company is a small and medium-sized enterprise (SME) or a large multinational, or if it is in the construction or service sector. The risk prevention importance is related to a constitutional and human right that all people have; working in a risk-free environment to prevent accidents or illnesses that may influence their quality of life and the tranquility of their family. Therefore, the objective of this study was to determine the level of psychosocial risks (physical and emotional) of the employees of an SME. The participants of this study were 186 employees of a productive sector SME; 151 men and 35 women, all with an average age of 31.77 years. Their seniority inside the SME was between one month and 19.91 years. Ninety-six workers were from the production area, 28 from the management area, as well as 25 from the sales area and 40 from the supplies area. Ninety-three workers were found in Uman, 78 in Playa del Carmen, 11 in Cancun and seven in Cd. del Carmen. We found a statistically significant relationship between the burnout variable and the engagement and psychosomatic complaints as well as between the variables of sex, burnout and psychosomatic complaints. We can conclude that, for benefit of the SME, that there are low levels of burnout and psychosomatic complaints, the women experience major levels of burnout and the men show major levels of psychosomatic complaints. The findings, contributions, limitations and future proposals will be analyzed.
Keywords: Psychosocial risks, SME, burnout, engagement, psychosomatic complaints.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 12121107 Methodology of the Energy Supply Disturbances Affecting Energy System
Authors: J. Augutis, R. Krikstolaitis, L. Martisauskas
Abstract:
Recently global concerns for the energy security have steadily been on the increase and are expected to become a major issue over the next few decades. Energy security refers to a resilient energy system. This resilient system would be capable of withstanding threats through a combination of active, direct security measures and passive or more indirect measures such as redundancy, duplication of critical equipment, diversity in fuel, other sources of energy, and reliance on less vulnerable infrastructure. Threats and disruptions (disturbances) to one part of the energy system affect another. The paper presents methodology in theoretical background about energy system as an interconnected network and energy supply disturbances impact to the network. The proposed methodology uses a network flow approach to develop mathematical model of the energy system network as the system of nodes and arcs with energy flowing from node to node along paths in the network.Keywords: Energy Security, Energy Supply Disturbances, Modeling of Energy System, Network Flow
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14041106 The Tag Authentication Scheme using Self-Shrinking Generator on RFID System
Authors: HangRok Lee, DoWon Hong
Abstract:
Since communications between tag and reader in RFID system are by radio, anyone can access the tag and obtain its any information. And a tag always replies with the same ID so that it is hard to distinguish between a real and a fake tag. Thus, there are many security problems in today-s RFID System. Firstly, unauthorized reader can easily read the ID information of any Tag. Secondly, Adversary can easily cheat the legitimate reader using the collected Tag ID information, such as the any legitimate Tag. These security problems can be typically solved by encryption of messages transmitted between Tag and Reader and by authentication for Tag. In this paper, to solve these security problems on RFID system, we propose the Tag Authentication Scheme based on self shrinking generator (SSG). SSG Algorithm using in our scheme is proposed by W.Meier and O.Staffelbach in EUROCRYPT-94. This Algorithm is organized that only one LFSR and selection logic in order to generate random stream. Thus it is optimized to implement the hardware logic on devices with extremely limited resource, and the output generating from SSG at each time do role as random stream so that it is allow our to design the light-weight authentication scheme with security against some network attacks. Therefore, we propose the novel tag authentication scheme which use SSG to encrypt the Tag-ID transmitted from tag to reader and achieve authentication of tag.Keywords: RFID system, RFID security, self shrinkinggeneratior, authentication, protocol.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 16281105 Trust and Security in Electronic Payments: What We Have and Need to Know?
Authors: Theodosios Tsiakis, George Stephanides, George Pekos
Abstract:
The growth of open networks created the interest to commercialise it. The establishment of an electronic business mechanism must be accompanied by a digital-electronic payment system to transfer the value of transactions. Financial organizations are requested to offer a secure e-payment synthesis with equivalent levels of trust and security served in conventional paper-based payment transactions. The paper addresses the challenge of the first trade problem in e-commerce, provides a brief literature review on electronic payment and attempts to explain the underlying concept and method of trust in relevance to electronic payment.
Keywords: Electronic payment, security, trust, electronic business mechanism.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 27971104 Illuminating the Policies Affecting Energy Security in Malaysia’s Electricity Sector
Authors: Hussain Ali Bekhet, Endang Jati Mat Sahid
Abstract:
For the past few decades, the Malaysian economy has expanded at an impressive pace, whilst, the Malaysian population has registered a relatively high growth rate. These factors had driven the growth of final energy demand. The ballooning energy demand coupled with the country’s limited indigenous energy resources have resulted in an increased of the country’s net import. Therefore, acknowledging the precarious position of the country’s energy self-sufficiency, this study has identified three main concerns regarding energy security, namely; over-dependence on fossil fuel, increasing energy import dependency, and increasing energy consumption per capita. This paper discusses the recent energy demand and supply trends, highlights the policies that are affecting energy security in Malaysia and suggests strategic options towards achieving energy security. The paper suggested that diversifying energy sources, reducing carbon content of energy, efficient utilization of energy and facilitating low-carbon industries could further enhance the effectiveness of the measures as the introduction of policies and initiatives will be more holistic.Keywords: Energy security, electricity, energy policy, renewable energy, energy efficiency, Malaysia.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18281103 Enhance Security in XML Databases: XLog File for Severity-Aware Trust-Based Access Control
Authors: Asmawi A., Affendey L. S., Udzir N. I., Mahmod R.
Abstract:
The topic of enhancing security in XML databases is important as it includes protecting sensitive data and providing a secure environment to users. In order to improve security and provide dynamic access control for XML databases, we presented XLog file to calculate user trust values by recording users’ bad transaction, errors and query severities. Severity-aware trust-based access control for XML databases manages the access policy depending on users' trust values and prevents unauthorized processes, malicious transactions and insider threats. Privileges are automatically modified and adjusted over time depending on user behaviour and query severity. Logging in database is an important process and is used for recovery and security purposes. In this paper, the Xlog file is presented as a dynamic and temporary log file for XML databases to enhance the level of security.
Keywords: XML database, trust-based access control, severity-aware, trust values, log file.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 18521102 Migration Loneliness and Family Links: A Case Narrative
Authors: R.Narchal
Abstract:
Culture and family structure provide a sense security. Further, the chrono, macro and micro contexts of development influence developmental transitions and timetable particularly owing to variations in the macrosystem associated with non normative life events like migration. Migration threatens family links, security and attachment bonds. Rising migratory trends have prompted an increased interest in migration consequences on familial bonds, developmental autonomy, socialization process, and sense of security. This paper takes a narrative approach and applies the attachment paradigm from a lifespan perspective, to examine the settlement experiences of an India-born migrant student in Sydney, Australia. It focuses on her quest to preserve family ties; her remote secure base; her continual struggle to balance dependency and autonomy, a major developmental milestone. As positional parental power is culturally more potent in the Indian society, the paper therefore raises some important concerns related to cultural expectations, adaptation, acculturative stress and sense of security.Keywords: Attachment, family security, migration & loneliness, narrative, remote secure base
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 25031101 Secure Internet Connectivity for Dynamic Source Routing (DSR) based Mobile Ad hoc Networks
Authors: Ramanarayana Kandikattu, Lillykutty Jacob
Abstract:
'Secure routing in Mobile Ad hoc networks' and 'Internet connectivity to Mobile Ad hoc networks' have been dealt separately in the past research. This paper proposes a light weight solution for secure routing in integrated Mobile Ad hoc Network (MANET)-Internet. The proposed framework ensures mutual authentication of Mobile Node (MN), Foreign Agent (FA) and Home Agent (HA) to avoid various attacks on global connectivity and employs light weight hop-by-hop authentication and end-to-end integrity to protect the network from most of the potential security attacks. The framework also uses dynamic security monitoring mechanism to monitor the misbehavior of internal nodes. Security and performance analysis show that our proposed framework achieves good security while keeping the overhead and latency minimal.Keywords: Internet, Mobile Ad hoc Networks, Secure routing.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 14281100 Application of Pattern Search Method to Power System Security Constrained Economic Dispatch
Authors: A. K. Al-Othman, K. M. EL-Nagger
Abstract:
Direct search methods are evolutionary algorithms used to solve optimization problems. (DS) methods do not require any information about the gradient of the objective function at hand while searching for an optimum solution. One of such methods is Pattern Search (PS) algorithm. This paper presents a new approach based on a constrained pattern search algorithm to solve a security constrained power system economic dispatch problem (SCED). Operation of power systems demands a high degree of security to keep the system satisfactorily operating when subjected to disturbances, while and at the same time it is required to pay attention to the economic aspects. Pattern recognition technique is used first to assess dynamic security. Linear classifiers that determine the stability of electric power system are presented and added to other system stability and operational constraints. The problem is formulated as a constrained optimization problem in a way that insures a secure-economic system operation. Pattern search method is then applied to solve the constrained optimization formulation. In particular, the method is tested using one system. Simulation results of the proposed approach are compared with those reported in literature. The outcome is very encouraging and proves that pattern search (PS) is very applicable for solving security constrained power system economic dispatch problem (SCED).
Keywords: Security Constrained Economic Dispatch, Direct Search method, optimization.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 22071099 Denial of Service (DOS) Attack and Its Possible Solutions in VANET
Authors: Halabi Hasbullah, Irshad Ahmed Soomro, Jamalul-lail Ab Manan
Abstract:
Vehicular Ad-hoc Network (VANET) is taking more attention in automotive industry due to the safety concern of human lives on roads. Security is one of the safety aspects in VANET. To be secure, network availability must be obtained at all times since availability of the network is critically needed when a node sends any life critical information to other nodes. However, it can be expected that security attacks are likely to increase in the coming future due to more and more wireless applications being developed and deployed onto the well-known expose nature of the wireless medium. In this respect, the network availability is exposed to many types of attacks. In this paper, Denial of Service (DOS) attack on network availability is presented and its severity level in VANET environment is elaborated. A model to secure the VANET from the DOS attacks has been developed and some possible solutions to overcome the attacks have been discussed.Keywords: Vehicular Ad hoc Network (VANET); security;availability; security attack; Denial of Service (DOS).
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 60831098 An Inter-banking Auditing Security Solution for Detecting Unauthorised Financial Transactions entered by Authorised Insiders
Authors: C. A. Corzo, N. Zhang, F. Corzo
Abstract:
Insider abuse has recently been reported as one of the more frequently occurring security incidents, suggesting that more security is required for detecting and preventing unauthorised financial transactions entered by authorised users. To address the problem, and based on the observation that all authorised interbanking financial transactions trigger or are triggered by other transactions in a workflow, we have developed a security solution based on a redefined understanding of an audit workflow. One audit workflow where there is a log file containing the complete workflow activity of financial transactions directly related to one financial transaction (an electronic deal recorded at an e-trading system). The new security solution contemplates any two parties interacting on the basis of financial transactions recorded by their users in related but distinct automated financial systems. In the new definition interorganizational and intra-organization interactions can be described in one unique audit trail. This concept expands the current ideas of audit trails by adapting them to actual e-trading workflow activity, i.e. intra-organizational and inter-organizational activity. With the above, a security auditing service is designed to detect integrity drifts with and between organizations in order to detect unauthorised financial transactions entered by authorised users.Keywords: Intrusion Detection and Prevention, Authentica-transtionand Identification.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 15411097 Design for Safety: Safety Consideration in Planning and Design of Airport Airsides
Authors: Maithem Al-Saadi, Min An
Abstract:
During airport planning and design stages, the major issues of capacity and safety in construction and operation of an airport need to be taken into consideration. The airside of an airport is a major and critical infrastructure that usually consists of runway(s), taxiway system, and apron(s) etc., which have to be designed according to the international standards and recommendations, and local limitations to accommodate the forecasted demands. However, in many cases, airport airsides are suffering from unexpected risks that occurred during airport operations. Therefore, safety risk assessment should be applied in the planning and design of airsides to cope with the probability of risks and their consequences, and to make decisions to reduce the risks to as low as reasonably practicable (ALARP) based on safety risk assessment. This paper presents a combination approach of Failure Modes, Effect, and Criticality Analysis (FMECA), Fuzzy Reasoning Approach (FRA), and Fuzzy Analytic Hierarchy Process (FAHP) to develop a risk analysis model for safety risk assessment. An illustrated example is used to the demonstrate risk assessment process on how the design of an airside in an airport can be analysed by using the proposed safety design risk assessment model.Keywords: Airport airside planning and design, design for safety, fuzzy reasoning approach, fuzzy AHP, risk assessment.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 21621096 Knowledge Based Concept Analysis Method using Concept Maps and UML: Security Notion Case
Authors: Miquel Colobran, Josep M. Basart
Abstract:
One of the most ancient humankind concerns is knowledge formalization i.e. what a concept is. Concept Analysis, a branch of analytical philosophy, relies on the purpose of decompose the elements, relations and meanings of a concept. This paper aims at presenting a method to make a concept analysis obtaining a knowledge representation suitable to be processed by a computer system using either object-oriented or ontology technologies. Security notion is, usually, known as a set of different concepts related to “some kind of protection". Our method concludes that a more general framework for the concept, despite it is dynamic, is possible and any particular definition (instantiation) depends on the elements used by its construction instead of the concept itself.
Keywords: Concept analysis, Knowledge representation, Security, UML.
Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2390