Search results for: user level security

Authors: Hee Suk Seo, Tae Kyung Kim

Abstract:

As network components grow larger and more diverse, and as securing them on a host-by-host basis grow more difficult, more sites are turning to a network security model. We concentrate on controlling network access to various hosts and the services they offer, rather than on securing them one by one with a network security model. We present how the policy rules from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Base) are inducted, and how to be used in PBN. In the network security environment, each simulation model is hierarchically designed by DEVS (Discrete EVent system Specification) formalism.

Keywords: SVDB, PBN, DEVS, Network security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1541

Authors: Hyun-Jee Yang, Bit-Na Kwon, Yong-Jun Kim, Hyoung-Kyu Song

Abstract:

In the cooperative transmission scheme, both the cellular system and broadcasting system are composed. Two cellular base stations (CBSs) communicating with a user in the cell edge use cooperative transmission scheme in the conventional scheme. In the case that the distance between two CBSs and the user is distant, the conventional scheme does not guarantee the quality of the communication because the channel condition is bad. Therefore, if the distance between CBSs and a user is distant, the performance of the conventional scheme is decreased. Also, the bad channel condition has bad effects on the performance. The proposed scheme uses two relays to communicate well with CBSs when the channel condition between CBSs and the user is poor. Using the relay in the high attenuation environment can obtain both advantages of the high bit error rate (BER) and throughput performance.

Keywords: Cooperative communications, diversity gain, OFDM, interworking system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1725

Authors: Nisarg A. Patel, Hiren B. Patel

Abstract:

Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).

Keywords: QKD, cryptography, quantum cryptography, network performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 884

Authors: Ashly Joseph, Jithu Paulose

Abstract:

The increased usage of cloud computing has revolutionized the IT landscape, but it has also raised new security concerns. DevSecOps emerged as a way for tackling these difficulties by integrating security into the software development process. However, the rising complexity and sophistication of cyber threats need more advanced solutions. This paper looks into the usage of artificial intelligence (AI) techniques in the DevSecOps framework to increase cloud security. This study uses quantitative and qualitative techniques to assess the usefulness of AI approaches such as machine learning, natural language processing, and deep learning in reducing security issues. This paper thoroughly examines the symbiotic relationship between AI and DevSecOps, concentrating on how AI may be seamlessly integrated into the continuous integration and continuous delivery (CI/CD) pipeline, automated security testing, and real-time monitoring methods. The findings emphasize AI's huge potential to improve threat detection, risk assessment, and incident response skills. Furthermore, the paper examines the implications and challenges of using AI in DevSecOps workflows, considering factors like as scalability, interpretability, and adaptability. This paper adds to a better understanding of AI's revolutionary role in cloud security and provides valuable insights for practitioners and scholars in the field.

Keywords: Cloud Security, DevSecOps, Artificial Intelligence, AI, Machine Learning, Natural Language Processing, NLP, cybersecurity, AI-driven Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 39

Authors: Costin Pribeanu

Abstract:

The model-based approach to user interface design relies on developing separate models capturing various aspects about users, tasks, application domain, presentation and dialog structures. This paper presents a task modeling approach for user interface design and aims at exploring mappings between task, domain and presentation models. The basic idea of our approach is to identify typical configurations in task and domain models and to investigate how they relate each other. A special emphasis is put on applicationspecific functions and mappings between domain objects and operational task structures. In this respect, we will address two layers in task decomposition: a functional (planning) layer and an operational layer.

Keywords: task modeling, user interface design, unit tasks, basic tasks, operational task model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1850

Authors: Zhaopeng Xuan, Yuan Bian, C. Cailleaux, Jing Qin, S. Traore

Abstract:

Traditional software engineering allows engineers to propose to their clients multiple specialized software distributions assembled from a shared set of software assets. The management of these assets however requires a trade-off between client satisfaction and software engineering process. Clients have more and more difficult to find a distribution or components based on their needs from all of distributed repositories.

This paper proposes a software engineering for a user-driven software product line in which engineers define a Feature Model but users drive the actual software distribution on demand. This approach makes the user become final actor as a release manager in software engineering process, increasing user product satisfaction and simplifying user operations to find required components. In addition, it provides a way for engineers to manage and assembly large software families.

As a proof of concept, a user-driven software product line is implemented for Eclipse, an integrated development environment. An Eclipse feature model is defined, which is exposed to users on a cloud-based built platform from which clients can download individualized Eclipse distributions.

Keywords: Software Product Line, Model-driven Development, Reverse Engineering and Refactoring, Agile Method

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1797

Authors: J. Berčík, A. Mravcová, J. Gálová, K. Neomániová

Abstract:

In an era when everything is increasingly digital, consumers are always looking for new options in solutions to their everyday needs. In this context, mobile apps are developing at an exponential pace. One of the fastest growing segments of mobile technologies is, obviously, e-commerce. It can be predicted that mobile commerce will record nearly three times the global growth of e-commerce across all platforms, which indicates its importance in the given segment. The current coronavirus pandemic is also changing many of the existing paradigms both socially, economically, and technologically, which has a major impact on changing consumer behavior and the emphasis on simplification and clarity of mobile solutions. This is the area that User Experience (UX) and User Interface (UI) designers deal with. Their task is to design a sufficiently attractive and interesting solution that will be available on all mobile devices and at the same time will be easy enough for the customer/visitor to get to the destination or to get the necessary information in a few clicks. The basis for changes in UX design can now be obtained not only through online analytical tools, but also through neuromarketing, especially in the case of mobile devices. The paper highlights possibilities for testing UX design applications on mobile devices using a special platform that combines a stationary eye camera (eye tracking) and facial analysis (facial coding).

Keywords: Emotions, mobile design, user experience, visual attention.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 587

Authors: Serkan Tezgel, Osman Gül, İskender Cahit Şafak

Abstract:

This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities.

Keywords: Partnership, A3D, Maritime Security, Centers.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1849

Authors: Pang-Chieh Wang, Ting-Wei Hou, Jung-Hsuan Wu, Bo-Chiuan Chen

Abstract:

In this paper we discuss on the security module for the car appliances to prevent stealing and illegal use on other cars. We proposed an open structure including authentication and encryption by embed a security module in each to protect car appliances. Illegal moving and use a car appliance with the security module without permission will lead the appliance to useless. This paper also presents the component identification and deal with relevant procedures. It is at low cost to recover from destroys by the burglar. Expect this paper to offer the new business opportunity to the automotive and technology industry.

Keywords: Automotive, component identification, electronic immobilizer, key management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1811

Authors: Ki Hyun Kim, Jang-Hee Yoo, Kyo Il Chung

Abstract:

This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exchange block, security association block, and IPsec engine block. The internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security Association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by H/W and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode.

Keywords: TCSS(Trust Channel Security System), VPN(VirtualPrivate Network), IPsec, SSL, Security Processor, Securitycommunication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2075

Authors: Hyunseung Lee, Donghyun Choi, Yunho Lee, Dongho Won, Seungjoo Kim

Abstract:

In Public Wireless LANs(PWLANs), user anonymity is an essential issue. Recently, Juang et al. proposed an anonymous authentication and key exchange protocol using smart cards in PWLANs. They claimed that their proposed scheme provided identity privacy, mutual authentication, and half-forward secrecy. In this paper, we point out that Juang et al.'s protocol is vulnerable to the stolen-verifier attack and does not satisfy user anonymity.

Keywords: PWLANs, user privacy, smart card, authentication, key exchange

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1350

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: Software test, software security verification validation and test, security test institutionalization, systematic mapping study.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1586

Authors: Rhoann Kerh, Chen-Fu Chien, Kuo-Yi Lin

Abstract:

In the era of rapidly increasing notebook market, consumer electronics manufacturers are facing a highly dynamic and competitive environment. In particular, the product appearance is the first part for user to distinguish the product from the product of other brands. Notebook product should differ in its appearance to engage users and contribute to the user experience (UX). The UX evaluates various product concepts to find the design for user needs; in addition, help the designer to further understand the product appearance preference of different market segment. However, few studies have been done for exploring the relationship between consumer background and the reaction of product appearance. This study aims to propose a data mining framework to capture the user’s information and the important relation between product appearance factors. The proposed framework consists of problem definition and structuring, data preparation, rules generation, and results evaluation and interpretation. An empirical study has been done in Taiwan that recruited 168 subjects from different background to experience the appearance performance of 11 different portable computers. The results assist the designers to develop product strategies based on the characteristics of consumers and the product concept that related to the UX, which help to launch the products to the right customers and increase the market shares. The results have shown the practical feasibility of the proposed framework.

Keywords: Consumers Decision Making, Product Design, Rough Set Theory, User Experience.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3459

Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel

Abstract:

Growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, cross-border bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012 almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. Under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.

Keywords: Security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1877

Authors: K. Venkateswari, U. K. Balaji Saravanan, K. Thangaraj, K. V. Deepana

Abstract:

Image search engines rely on the surrounding textual keywords for the retrieval of images. It is a tedious work for the search engines like Google and Bing to interpret the user’s search intention and to provide the desired results. The recent researches also state that the Google image search engines do not work well on all the images. Consequently, this leads to the emergence of efficient image retrieval technique, which interprets the user’s search intention and shows the desired results. In order to accomplish this task, an efficient image re-ranking framework is required. Sequentially, to provide best image retrieval, the new image re-ranking framework is experimented in this paper. The implemented new image re-ranking framework provides best image retrieval from the image dataset by making use of re-ranking of retrieved images that is based on the user’s desired images. This is experimented in two sections. One is offline section and other is online section. In offline section, the reranking framework studies differently (reference classes or Semantic Spaces) for diverse user query keywords. The semantic signatures get generated by combining the textual and visual features of the images. In the online section, images are re-ranked by comparing the semantic signatures that are obtained from the reference classes with the user specified image query keywords. This re-ranking methodology will increases the retrieval image efficiency and the result will be effective to the user.

Keywords: CBIR, Image Re-ranking, Image Retrieval, Semantic Signature, Semantic Space.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1910

Authors: Costin Pribeanu

Abstract:

The model-based approach to user interface design relies on developing separate models that are capturing various aspects about users, tasks, application domain, presentation and dialog representations. This paper presents a task modeling approach for user interface design and aims at exploring the mappings between task, domain and presentation models. The basic idea of our approach is to identify typical configurations in task and domain models and to investigate how they relate each other. A special emphasis is put on application-specific functions and mappings between domain objects and operational task structures. In this respect, we will distinguish between three layers in the task decomposition: a functional layer, a planning layer, and an operational layer.

Keywords: task modeling, user interface design, unit tasks, basic tasks, operational task model

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1567

Authors: Jong-Whoi Shin, Soon-Tai Park, Chong-Sun Hwang

Abstract:

Active network was developed to solve the problem of the current sharing-based network–difficulty in applying new technology, service or standard, and duplicated operation at several protocol layers. Active network can transport the packet loaded with the executable codes, which enables to change the state of the network node. However, if the network node is placed in the sharing-based network, security and safety issues should be resolved. To satisfy this requirement, various security aspects are required such as authentication, authorization, confidentiality and integrity. Among these security components, the core factor is the encryption key. As a result, this study is designed to propose the scheme that manages the encryption key, which is used to provide security of the comprehensive active directory, based on the domain.

Keywords: Active Network, Domain-based Key Management, Security Components.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1645

Authors: Maha Shamseddine, Amjad Nusayr, Wassim Itani

Abstract:

In this paper, we present a Platform-as-a-Service (PaaS) model for controlling the privacy enforcement mechanisms applied on user data when stored and processed in Cloud data centers. The proposed architecture consists of establishing user configurable ‘sticky’ policies on the Graphical User Interface (GUI) data-bound components during the application development phase to specify the details of privacy enforcement on the contents of these components. Various privacy classification classes on the data components are formally defined to give the user full control on the degree and scope of privacy enforcement including the type of execution containers to process the data in the Cloud. This not only enhances the privacy-awareness of the developed Cloud services, but also results in major savings in performance and energy efficiency due to the fact that the privacy mechanisms are solely applied on sensitive data units and not on all the user content. The proposed design is implemented in a real PaaS cloud computing environment on the Microsoft Azure platform.

Keywords: Privacy enforcement, Platform-as-a-Service privacy awareness, cloud computing privacy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 721

Authors: M. N. Norshita, B. Z. Halimah, T. S. Tengku Mohammad

Abstract:

The implementation of electronic government started since the initiation of Multimedia Super Corridor (MSC) by the Malaysia government. The introduction of ICT in the public sector especially e-Government initiatives opens up a new book in the government administration throughout the world. The aim or this paper is to discuss the implementation of e-government in Malaysia, covering the result of public user self assessment on Malaysia's electronic government applications. E-services, e-procurement, Generic Office Environment (GOE), Human Resources Management Information System (HRMIS), Project Monitoring System (PMS), Electronic Labor Exchange (ELX) and e-syariah(religion) were the seven flagship application assessed. The study adopted a crosssectional survey research approach and information system literature were used. The analysis was done for 35 responden in pilot test and there was evidence from public user's perspective to suggest that the e-government applications were generally successful.

Keywords: Electronic government, flagship, multimedia super corridor, public user.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3140

Authors: Sandesh Achar

Abstract:

Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.

Keywords: Multi-cloud service, SOC, system organization control, data loss prevention, DLP, identity and access management, IAM.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 638

Authors: Frederike Ohrem, Lukas Sikorski, Bastian Haarmann

Abstract:

Often the users of a semantic search application are facing the problem that they do not find appropriate terms for their search. This holds especially if the data to be searched is from a technical field in which the user does not have expertise. In order to support the user finding the results he seeks, we developed a domain-specific ontology and implemented it into a search application. The ontology serves as a knowledge base, suggesting technical terms to the user which he can add to his query. In this paper, we present the search application and the underlying ontology as well as the project EnArgus in which the application was developed.

Keywords: Information system, knowledge representation, ontology, semantic search.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1697

Authors: Dongkyoo Shin, Dongil Shin, Sukil Cha, Seyoung Kim

Abstract:

ebXML (Electronic Business using eXtensible Markup Language) is an e-business standard, sponsored by UN/CEFACT and OASIS, which enables enterprises to exchange business messages, conduct trading relationships, communicate data in common terms and define and register business processes. While there is tremendous e-business value in the ebXML, security remains an unsolved problem and one of the largest barriers to adoption. XML security technologies emerging recently have extensibility and flexibility suitable for security implementation such as encryption, digital signature, access control and authentication. In this paper, we propose ebXML business transaction models that allow trading partners to securely exchange XML based business transactions by employing XML security technologies. We show how each XML security technology meets the ebXML standard by constructing the test software and validating messages between the trading partners.

Keywords: Electronic commerce, e-business standard, ebXML, XML security, secure business transaction.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1714

Authors: B. O. Diyaolu

Abstract:

The stadium transcends a field of play to cultural heritage of a club especially when there is security of life and property and a conducive environment with exciting media facilities, CCTV and adequate field of play. Football fans love watching their clubs’ matches especially when nothing discourages their presence in the stadium. This study investigated the influence of security on fans’ attendance during Nigeria Professional Football League matches. Descriptive survey research design was used and the population consists of all Nigeria Professional Football League fans. Simple random sampling technique was used to pick a state from the six geo-political zones. 600 respondents comprising male and female fans were sampled from the ten selected vendors’ stands in each selected state. A structured questionnaire on Security and Fan attendance scale (SFAS) was used. The instrument consists of two sections. Section A seeks information on demographic data of the respondents, while section B was used to elicit information on security and fans’ attendance. The modified instrument which consists of 20 items has a reliability coefficient of 0.73. The hypothesis was tested at 0.05 significance level. The completed questionnaire was collated, coded and analyzed using descriptive statistics of frequency counts and percentage and inferential statistics of chi-square (X²). Findings of this study revealed that adequate security significantly influences fan attendance during Nigeria Professional Football League matches. There is no sport that can develop if the facilities in use are inadequate. Improving the condition of the stadium in Nigeria is paramount to the development of the Nigeria Professional Football League. All stakeholders in the organization of the League must put into consideration the need to improve the standard of the stadium as it will help to increase the attendance of fans during matches. Only the standard ones should be used during matches.

Keywords: Adequate Security, fans attendance, football fans, football stadium, Nigeria Professional Football League.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 535

Authors: Hasan Taştan, Ayşen Ciravoğlu

Abstract:

The rapid growth of the human population and the environmental degradation associated with increased consumption of resources raises concerns on sustainability. Social sustainability constitutes one of the three dimensions of sustainability together with environmental and economic dimensions. Even though there is not an agreement on what social sustainability consists of, it is a well known fact that it necessitates user participation. The fore, this study aims to observe and analyze the role of user participation on social sustainability. In this paper, the links between user participation and indicators of social sustainability have been searched. In order to achieve this, first of all a literature review on social sustainability has been done; accordingly, the information obtained from researches has been used in the evaluation of the projects conducted in the developing countries considering user participation. These examples are taken as role models with pros and cons for the development of the checklist for the evaluation of the case studies. Furthermore, a case study over the post earthquake residential settlements in Turkey have been conducted. The case study projects are selected considering different building scales (differing number of residential units), scale of the problem (post-earthquake settlements, rehabilitation of shanty dwellings) and the variety of users (differing socio-economic dimensions). Decisionmaking, design, building and usage processes of the selected projects and actors of these processes have been investigated in the context of social sustainability. The cases include: New Gourna Village by Hassan Fathy, Quinta Monroy dwelling units conducted in Chile by Alejandro Aravena and Beyköy and Beriköy projects in Turkey aiming to solve the problem of housing which have appeared after the earthquake happened in 1999 have been investigated. Results of the study possible links between social sustainability indicators and user participation and links between user participation and the peculiarities of place. Results are compared and discussed in order to find possible solutions to form social sustainability through user participation. Results show that social sustainability issues depend on communities' characteristics, socio-economic conditions and user profile but user participation has positive effects on some social sustainability indicators like user satisfaction, a sense of belonging and social stability.

Keywords: Housing projects, Residential areas, Social sustainability, User participation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2756

Authors: Ayush Chugh, Gaurav Gupta

Abstract:

Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.

Keywords: Attacks, Injection, JavaScript, SQL, Vulnerability, XSS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4932

Authors: Ravihansa Rajapakse, Malshika Dias, Kanishka Weerasekara, Anuja Dharmaratne, Prasad Wimalaratne

Abstract:

In this paper we discuss a set of guidelines which could be adapted when designing an audio user interface for the visually impaired. It is based on an audio environment that is focused on audio positioning. Unlike current applications which only interpret Graphical User Interface (GUI) for the visually impaired, this particular audio environment bypasses GUI to provide a direct auditory output. It presents the capability of two dimensional (2D) navigation on audio interfaces. This paper highlights the significance of a 2D audio environment with spatial information in the context of the visually impaired. A thorough usability study has been conducted to prove the applicability of proposed design guidelines for these auditory interfaces. While proving these guidelines, previously unearthed design aspects have been revealed in this study.

Keywords: Human Computer Interaction, Audio User Interfaces, 2D Audio Environment, Visually Impaired Users

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2270

Authors: Ahed Abugabah, Louis Sanzogni

Abstract:

ERP systems are the largest software applications adopted by universities, along with quite significant investments in their implementation. However, unlike other applications little research has been conducted regarding these systems in a university environment. This paper aims at providing a critical review of previous research in ERP system in higher education with a special focus on higher education in Australia. The research not only forms the basis of an evaluation of previous research and research needs, it also makes inroads in identifying the payoff of ERPs in the sector from different perspectives with particular reference to the user. The paper is divided into two parts, the first part focuses on ERP literature in higher education at large, while the second focuses on ERP literature in higher education in Australia.

Keywords: Enterprise resource planning system, higher education, implementation, user level.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 6648

Authors: Salha Alshamrani, Maha Aljohni, Eman Aldhaheri

Abstract:

With the proliferation of Internet of Things (IoT) devices in various industries, there has been a concurrent rise in security vulnerabilities, particularly spoofing attacks. This study explores the potential of blockchain technology in enhancing the security of IoT systems and mitigating these attacks. Blockchain's decentralized and immutable ledger offers significant promise for improving data integrity, transaction transparency, and tamper-proofing. This research develops and implements a blockchain-based IoT architecture and a reference network to simulate real-world scenarios and evaluate a blockchain-integrated intrusion detection system. Performance measures including time delay, security, and resource utilization are used to assess the system's effectiveness, comparing it to conventional IoT networks without blockchain. The results provide valuable insights into the practicality and efficacy of employing blockchain as a security mechanism, shedding light on the trade-offs between speed and security in blockchain deployment for IoT. The study concludes that despite minor increases in time consumption, the security benefits of incorporating blockchain technology into IoT systems outweigh potential drawbacks, demonstrating a significant potential for blockchain in bolstering IoT security.

Keywords: Internet of Thing, Spoofing, IoT, Access control, Blockchain, Raspberry pi.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 55

Authors: Gabriel Chavira, Jorge Orozco, Salvador Nava, Eduardo Álvarez, Julio Rolón, Roberto Pichardo

Abstract:

Ambient Intelligence promotes a shift in computing which involves fitting-out the environments with devices to support context-aware applications. One of main objectives is the reduction to a minimum of the user’s interactive effort, the diversity and quantity of devices with which people are surrounded with, in existing environments; increase the level of difficulty to achieve this goal. The mobile phones and their amazing global penetration, makes it an excellent device for delivering new services to the user, without requiring a learning effort. The environment will have to be able to perceive all of the interaction techniques. In this paper, we present the PICTAC model (Perceiving touch Interaction through TAgging Context), which similarly delivers service to members of a research group.

Keywords: Ambient Intelligence, Tagging Context, Touch Interaction, Touching Services.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1806

Authors: M. Sandhya, R. M. Madhumitha, Sharmila Sankar

Abstract:

Interoperable medical devices (IMDs) face threats due to the increased attack surface accessible by interoperability and the corresponding infrastructure. Initiating networking and coordination functionalities primarily modify medical systems' security properties. Understanding the threats is a vital first step in ultimately crafting security solutions for such systems. The key to this problem is coming up with some common types of threats or attacks with those of security and privacy, and providing this information as a roadmap. This paper analyses the security issues in interoperability of devices and presents the main types of threats that have to be considered to build a secured system.

Keywords: Interoperability, threats, attacks, medical devices.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1489