Search results for: Internet security
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 1562

Search results for: Internet security

1322 Smart Grids Cyber Security Issues and Challenges

Authors: Imen Aouini, Lamia Ben Azzouz

Abstract:

The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of Smart Grids. In this paper, we present security issues of the Smart Grid architecture and we highlight open issues that will make the Smart Grid security a challenging research area in the future.

Keywords: Smart grids, smart meters, home area network, neighbor area network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3949
1321 Reasoning with Dynamic Domains and Computer Security

Authors: Yun Bai

Abstract:

Representing objects in a dynamic domain is essential in commonsense reasoning under some circumstances. Classical logics and their nonmonotonic consequences, however, are usually not able to deal with reasoning with dynamic domains due to the fact that every constant in the logical language denotes some existing object in the static domain. In this paper, we explore a logical formalization which allows us to represent nonexisting objects in commonsense reasoning. A formal system named N-theory is proposed for this purpose and its possible application in computer security is briefly discussed.

Keywords: knowledge representation and reasoning, commonsensereasoning, computer security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1443
1320 Designing a Framework for Network Security Protection

Authors: Eric P. Jiang

Abstract:

As the Internet continues to grow at a rapid pace as the primary medium for communications and commerce and as telecommunication networks and systems continue to expand their global reach, digital information has become the most popular and important information resource and our dependence upon the underlying cyber infrastructure has been increasing significantly. Unfortunately, as our dependency has grown, so has the threat to the cyber infrastructure from spammers, attackers and criminal enterprises. In this paper, we propose a new machine learning based network intrusion detection framework for cyber security. The detection process of the framework consists of two stages: model construction and intrusion detection. In the model construction stage, a semi-supervised machine learning algorithm is applied to a collected set of network audit data to generate a profile of normal network behavior and in the intrusion detection stage, input network events are analyzed and compared with the patterns gathered in the profile, and some of them are then flagged as anomalies should these events are sufficiently far from the expected normal behavior. The proposed framework is particularly applicable to the situations where there is only a small amount of labeled network training data available, which is very typical in real world network environments.

Keywords: classification, data analysis and mining, network intrusion detection, semi-supervised learning.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1795
1319 Remote Monitoring and Control System of Potentiostat Based on the Internet of Things

Authors: Liang Zhao, Guangwen Wang, Guichang Liu

Abstract:

Constant potometer is an important component of pipeline anti-corrosion systems in the chemical industry. Based on Internet of Things (IoT) technology, Programmable Logic Controller (PLC) technology and database technology, this paper developed a set of a constant potometer remote monitoring management system. The remote monitoring and remote adjustment of the working status of the constant potometer are realized. The system has real-time data display, historical data query, alarm push management, user permission management, and supporting Web access and mobile client application (APP) access. The actual engineering project test results show the stability of the system, which can be widely used in cathodic protection systems.

Keywords: Internet of Things, pipe corrosion protection, potentiostat, remote monitoring.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 972
1318 Avoiding Pin Ball Routing Problem in Network Mobility Hand-Off Management

Authors: M. Dinakaran, P. Balasubramanie

Abstract:

With the demand of mobility by users, wireless technologies have become the hotspot developing arena. Internet Engineering Task Force (IETF) working group has developed Mobile IP to support node mobility. The concept of node mobility indicates that in spite of the movement of the node, it is still connected to the internet and all the data transactions are preserved. It provides location-independent access to Internet. After the incorporation of host mobility, network mobility has undergone intense research. There are several intricacies faced in the real world implementation of network mobility significantly the problem of nested networks and their consequences. This article is concerned regarding a problem of nested network called pinball route problem and proposes a solution to eliminate the above problem. The proposed mechanism is implemented using NS2 simulation tool and it is found that the proposed mechanism efficiently reduces the overload caused by the pinball route problem.

Keywords: Mobile IP, Pinball routing problem, NEMO

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1845
1317 Dynamic Adaptability Using Reflexivity for Mobile Agent Protection

Authors: Salima Hacini, Haoua Cheribi, Zizette Boufaïda

Abstract:

The paradigm of mobile agent provides a promising technology for the development of distributed and open applications. However, one of the main obstacles to widespread adoption of the mobile agent paradigm seems to be security. This paper treats the security of the mobile agent against malicious host attacks. It describes generic mobile agent protection architecture. The proposed approach is based on the dynamic adaptability and adopts the reflexivity as a model of conception and implantation. In order to protect it against behaviour analysis attempts, the suggested approach supplies the mobile agent with a flexibility faculty allowing it to present an unexpected behaviour. Furthermore, some classical protective mechanisms are used to reinforce the level of security.

Keywords: Dynamic adaptability, malicious host, mobile agent security, reflexivity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1144
1316 Graphical Password Security Evaluation by Fuzzy AHP

Authors: Arash Habibi Lashkari, Azizah Abdul Manaf, Maslin Masrom

Abstract:

In today's day and age, one of the important topics in information security is authentication. There are several alternatives to text-based authentication of which includes Graphical Password (GP) or Graphical User Authentication (GUA). These methods stems from the fact that humans recognized and remembers images better than alphanumerical text characters. This paper will focus on the security aspect of GP algorithms and what most researchers have been working on trying to define these security features and attributes. The goal of this study is to develop a fuzzy decision model that allows automatic selection of available GP algorithms by taking into considerations the subjective judgments of the decision makers who are more than 50 postgraduate students of computer science. The approach that is being proposed is based on the Fuzzy Analytic Hierarchy Process (FAHP) which determines the criteria weight as a linear formula.

Keywords: Graphical Password, Authentication Security, Attack Patterns, Brute force attack, Dictionary attack, Guessing Attack, Spyware attack, Shoulder surfing attack, Social engineering Attack, Password Entropy, Password Space.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1936
1315 Analysis of Food Security Situation among Nigerian Rural Farmers

Authors: Victoria A. Okwoche, Benjamin C. Asogwa

Abstract:

This paper analysed the food security situation among Nigerian rural farmers. Data collected on 202 rural farmers from Benue State were analysed using descriptive and inferential statistics. The study revealed that majority of the respondents (60.83%) had medium dietary diversity. Furthermore, household daily calorie requirement for the food secure households was 10,723 and the household daily calorie consumption was 12,598, with a surplus index of 0.04. The food security index was 1.16. The Household daily per capita calorie consumption was 3,221.2. For the food insecure households, the household daily calorie requirement was 20,213 and the household daily calorie consumption was 17,393. The shortfall index was 0.14. The food security index was 0.88. The Household daily per capita calorie consumption was 2,432.8. The most commonly used coping strategies during food stress included intercropping (99.2%), reliance on less preferred food (98.1%), limiting portion size at meal times (85.8%) and crop diversification (70.8%).

Keywords: Analysis, food security, rural areas, farmers, Nigeria.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2914
1314 Enhancement of Environmental Security by the Application of Wireless Sensor Network in Nigeria

Authors: Ahmadu Girgiri, Lawan Gana Ali, Mamman M. Baba

Abstract:

Environmental security clearly articulates the perfections and developments of various communities around the world irrespective of the region, culture, religion or social inclination. Although, the present state of insecurity has become serious issue devastating the peace, unity, stability and progress of man and his physical environment particularly in developing countries. Recently, measure of security and it management in Nigeria has been a bottle-neck to the effectiveness and advancement of various sectors that include; business, education, social relations, politics and above all an economy. Several measures have been considered on mitigating environment insecurity such as surveillance, demarcation, security personnel empowerment and the likes, but still the issue remains disturbing. In this paper, we present the application of new technology that contributes to the improvement of security surveillance known as “Wireless Sensor Network (WSN)”. The system is new, smart and emerging technology that provides monitoring, detection and aggregation of information using sensor nodes and wireless network. WSN detects, monitors and stores information or activities in the deployed area such as schools, environment, business centers, public squares, industries, and outskirts and transmit to end users. This will reduce the cost of security funding and eases security surveillance depending on the nature and the requirement of the deployment.

Keywords: Wireless sensor network, node, application, monitoring, insecurity, environment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1737
1313 Proposal of a Model Supporting Decision-Making on Information Security Risk Treatment

Authors: Ritsuko Kawasaki (Aiba), Takeshi Hiromatsu

Abstract:

Management is required to understand all information security risks within an organization, and to make decisions on which information security risks should be treated in what level by allocating how much amount of cost. However, such decision-making is not usually easy, because various measures for risk treatment must be selected with the suitable application levels. In addition, some measures may have objectives conflicting with each other. It also makes the selection difficult. Therefore, this paper provides a model which supports the selection of measures by applying multi-objective analysis to find an optimal solution. Additionally, a list of measures is also provided to make the selection easier and more effective without any leakage of measures.

Keywords: Information security risk treatment, Selection of risk measures, Risk acceptance and Multi-objective optimization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2134
1312 Emotional Security in Relationship to Tikrit University Students' Emotional Efficiency

Authors: Ibtisam Mahmoud Mohammed Sultan

Abstract:

The present research aims at identifying the level of both emotional security and emotional competence among Tikrit University students. It also meant to know the statistically significant differences according to variables such as gender variables (m-f) and specialization variables (scientific-humanities). The research also attempts to learn what kind of relationship is there between emotional security and emotional efficiency Tikrit University students have achieved. We constructed emotional security measure which consists of 54 items as well as a measure of emotional competence consisting of 46 items. We extracted full psychometric characteristics of both scales. The research sample consisted of 600 students selected randomly and applying the scales on a basic research sample and processed statistical data using a variety of methods, including statistical measure Pearson correlation coefficient, we found a set of results as follows: Tikrit University students possess a high level of emotional security, males enjoy more emotional security than females, there is no difference between students of scientific and humanitarian specialization in variable emotional security, Tikrit University students enjoy a high level of emotional competence, females outperform males in emotional competence level, the humanitarian specialization students excel in emotional competence more than those specialized in non-humanitarian sciences. Furthermore, the research comes up with a positive correlative relationship between these two variables. Through research results, we developed a set of conclusions, proposals, and recommendations.

Keywords: Emotional security, gender variable, specialization variable, Tikrit University students.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 389
1311 Marketing and Commercial Activities Offered on Websites of European Union Banks

Authors: Mario Spremić, Natalija Kokolek, Božidar Jaković, Jurica Šimurina

Abstract:

This paper deals with various questions related to functionality and providing banking services in the European union on the Internet. Due to the fact that we live in the information technologies era, the Internet become a new space for doing economic and business activities in all areas, and especially important in banking. Accepting the busy tempo of life, in the past several years electronic banking has become necessity and a must for most users of banking services. On a sample of 300 web sites of the banks operating in European Union (EU) we conduct the research on the functionality of e-banking services offered through banks web sites with the key objective to reveal to what extent the information technologies are used in their business operations. Characteristics of EU banks websites will be examined and compared to the basic groups of business activities on the web. Also some recommendations for the successful bank web sites will be provided.

Keywords: Electronic banking, electronic business, European Union banks, internet.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1663
1310 Fault and Theft Recognition Using Toro Dial Sensor in Programmable Current Relay for Feeder Security

Authors: R. Kamalakannan, N. Ravi Kumar

Abstract:

Feeder protection is important in transmission and distribution side because if any fault occurs in any feeder or transformer, man power is needed to identify the problem and it will take more time. In the existing system, directional overcurrent elements with load further secured by a load encroachment function can be used to provide necessary security and sensitivity for faults on remote points in a circuit. It is validated only in renewable plant collector circuit protection applications over a wide range of operating conditions. In this method, the directional overcurrent feeder protection is developed by using monitoring of feeder section through internet. In this web based monitoring, the fault and power theft are identified by using Toro dial sensor and its information is received by SCADA (Supervisory Control and Data Acquisition) and controlled by ARM microcontroller. This web based monitoring is also used to monitor the feeder management, directional current detection, demand side management, overload fault. This monitoring system is capable of monitoring the distribution feeder over a large area depending upon the cost. It is also used to reduce the power theft, time and man power. The simulation is done by MATLAB software.

Keywords: Current sensor, distribution feeder protection, directional overcurrent, power theft, protective relay.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 795
1309 A New Approach for Mobile Agent Security

Authors: R. Haghighat far, H. Yarahmadi

Abstract:

A mobile agent is a software which performs an action autonomously and independently as a person or an organizations assistance. Mobile agents are used for searching information, retrieval information, filtering, intruder recognition in networks, and so on. One of the important issues of mobile agent is their security. It must consider different security issues in effective and secured usage of mobile agent. One of those issues is the integrity-s protection of mobile agents. In this paper, the advantages and disadvantages of each method, after reviewing the existing methods, is examined. Regarding to this matter that each method has its own advantage or disadvantage, it seems that by combining these methods, one can reach to a better method for protecting the integrity of mobile agents. Therefore, this method is provided in this paper and then is evaluated in terms of existing method. Finally, this method is simulated and its results are the sign of improving the possibility of integrity-s protection of mobile agents.

Keywords: Integrity, Mobile Agent, Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1759
1308 Quick Reference: Cyber Attacks Awareness and Prevention Method for Home Users

Authors: Haydar Teymourlouei

Abstract:

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such technologies would help. Knowledge of how cyber-attacks operate and protective steps that can be taken to reduce chances of its occurrence are key to increasing these security measures. The purpose of this paper is to inform home users on the importance of identifying and taking preventive steps to avoid cyberattacks. Throughout this paper, many aspects of cyber-attacks will be discuss: what a cyber-attack is, the affects of cyber-attack for home users, different types of cyber-attacks, methodology to prevent such attacks; home users can take to fortify security of their computer.

Keywords: Cyber-attacks, home user, prevention, security, technology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7799
1307 Expression of Security Policy in Medical Systems for Electronic Healthcare Records

Authors: Nathan C. Lea, Tony Austin, Stephen Hailes, Dipak Kalra

Abstract:

This paper introduces a tool that is being developed for the expression of information security policy controls that govern electronic healthcare records. By reference to published findings, the paper introduces the theory behind the use of knowledge management for automatic and consistent security policy assertion using the formalism called the Secutype; the development of the tool and functionality is discussed; some examples of Secutypes generated by the tool are provided; proposed integration with existing medical record systems is described. The paper is concluded with a section on further work and critique of the work achieved to date.

Keywords: Information Security Policy, Electronic Healthcare Records, Knowledge Management, Archetypes, Secutypes.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1352
1306 Design of Multiple Clouds Based Global Performance Evaluation Service Broker System

Authors: Dong-Jae Kang, Nam-Woo Kim, Duk-Joo Son, Sung-In Jung

Abstract:

According to dramatic growth of internet services, an easy and prompt service deployment has been important for internet service providers to successfully maintain time-to-market. Before global service deployment, they have to pay the big cost for service evaluation to make a decision of the proper system location, system scale, service delay and so on. But, intra-Lab evaluation tends to have big gaps in the measured data compared with the realistic situation, because it is very difficult to accurately expect the local service environment, network congestion, service delay, network bandwidth and other factors. Therefore, to resolve or ease the upper problems, we propose multiple cloud based GPES Broker system and use case that helps internet service providers to alleviate the above problems in beta release phase and to make a prompt decision for their service launching. By supporting more realistic and reliable evaluation information, the proposed GPES Broker system saves the service release cost and enables internet service provider to make a prompt decision about their service launching to various remote regions.

Keywords: GPES Broker system, Cloud Service Broker, Multiple Cloud, Global performance evaluation service (GPES), Service provisioning

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2047
1305 Design and Implementation of a Memory Safety Isolation Method Based on the Xen Cloud Environment

Authors: Dengpan Wu, Dan Liu

Abstract:

In view of the present cloud security problem has increasingly become one of the major obstacles hindering the development of the cloud computing, put forward a kind of memory based on Xen cloud environment security isolation technology implementation. And based on Xen virtual machine monitor system, analysis of the model of memory virtualization is implemented, using Xen memory virtualization system mechanism of super calls and grant table, based on the virtual machine manager internal implementation of access control module (ACM) to design the security isolation system memory. Experiments show that, the system can effectively isolate different customer domain OS between illegal access to memory data.

Keywords: Cloud security, memory isolation, Xen, virtual machine.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1330
1304 Social Security Reform and Management: The Case of Three Member Territories of the Organisation of Eastern Caribbean States

Authors: Cleopatra Gittens

Abstract:

It has been recognized that some social security and national insurance systems in the Eastern Caribbean are experiencing ageing populations and economic and other crises that will present a financial challenge of being unable to pay pension benefits in fifteen to twenty years. This has implications for the fiscal and economic positions of the countries themselves. Hence, organizations would need to address the issue urgently. The study adds to the body of knowledge on social security systems and social security reforms in Small Island Developing States (SIDS). It also makes recommendations for the types of reforms that social security systems in other SIDS can implement given their special circumstances. Secondary research is used to gather financial and other related information on three social security schemes in the Eastern Caribbean. Actuarial and financial reports and other documents of the social security systems are analysed to obtain financial and static data on each of the schemes. The findings show that the three schemes studied are experiencing steady increases in benefit expenditure versus contributions and increasing pensioner to insured ratios. The schemes will deplete their reserves between 2038 and 2050. Two of the schemes have increased their retirement age while the other has not embarked on any reforms. One scheme has made changes to its contribution percentages. Due to their small size, small populations and other unique circumstances, the social security schemes in the identified territories are not likely to be able to take advantage of all of the reform initiatives that the developed world embarked on when faced with similar problems. These schemes will need to make incremental changes that align with the timeframes recommended by the actuarial studies.

Keywords: Pension benefits, pension, Small Island Developing States, Social Security Reform.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 169
1303 Application of Process Approach to Evaluate the Information Security Risk and its Implementation in an Iranian Private Bank

Authors: Isa Nakhai Kamal Abadi, Esmaeel Saberi, Ehsan Mirjafari

Abstract:

Every organization is continually subject to new damages and threats which can be resulted from their operations or their goal accomplishment. Methods of providing the security of space and applied tools have been widely changed with increasing application and development of information technology (IT). From this viewpoint, information security management systems were evolved to construct and prevent reiterating the experienced methods. In general, the correct response in information security management systems requires correct decision making, which in turn requires the comprehensive effort of managers and everyone involved in each plan or decision making. Obviously, all aspects of work or decision are not defined in all decision making conditions; therefore, the possible or certain risks should be considered when making decisions. This is the subject of risk management and it can influence the decisions. Investigation of different approaches in the field of risk management demonstrates their progress from quantitative to qualitative methods with a process approach.

Keywords: Risk Management, Information Security, Methodology, Probability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1530
1302 Identification of the Electronic City Application Obstacles in Iran

Authors: E. Asgharizadeh, M. Ajalli Geshlajoughi, S. R. Safavi Mirmahalleh

Abstract:

Amazing development of the information technology, communications and internet expansion as well as the requirements of the city managers to new ideas to run the city and higher participation of the citizens encourage us to complete the electronic city as soon as possible. The foundations of this electronic city are in information technology. People-s participation in metropolitan management is a crucial topic. Information technology does not impede this matter. It can ameliorate populace-s participation and better interactions between the citizens and the city managers. Citizens can proffer their ideas, beliefs and votes through digital mass media based upon the internet and computerization plexuses on the topical matters to receive appropriate replies and services. They can participate in urban projects by becoming cognizant of the city views. The most significant challenges are as follows: information and communicative management, altering citizens- views, as well as legal and office documents Electronic city obstacles have been identified in this research. The required data were forgathered through questionnaires to identify the barriers from a statistical community comprising specialists and practitioners of the ministry of information technology and communication, the municipality information technology organization. The conclusions demonstrate that the prioritized electronic city application barriers in Iran are as follows: The support quandaries (non-financial ones), behavioral, cultural and educational plights, the security, legal and license predicaments, the hardware, orismological and infrastructural curbs, the software and fiscal problems.

Keywords: Electronic city, urban management, populace's participation, electronic government, electronic services, electronic organization, electronic infrastructure.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1763
1301 The Internet of Healthcare Things: A European Perspective and a Review of Ethical Concerns

Authors: M. Emmanouilidou

Abstract:

The Internet of Things (IoT) is a disruptive technological paradigm that is at the center of the digital evolution by integrating physical and virtual worlds leading to the creation of extended interconnected ecosystems that are characterized as smart environments. The concept of the IoT has a broad range of applications in different industries including the healthcare sector. The Internet of Healthcare Things (IoHT), a branch of the IoT, is expected to bring promising benefits to all involved stakeholders and accelerate the revolution of the healthcare sector through a transition towards preventive and personalized medicine. The socio-economic challenges that the healthcare sector is facing further emphasize the need for a radical transformation of healthcare systems in both developed and developing countries with the role of pervasive technological innovations, such as IoHT, recognized as key to counteract the relevant challenges. Besides the number of potential opportunities that IoHT presents, there are fundamental ethical concerns that need to be considered and addressed in relation to the application of IoHT. This paper contributes to the discussion of the emerging topic of IoHT by providing an overview of the role and potential of IoHT, highlighting the characteristics of the current and future healthcare landscape, reporting on the up-to-date status of IoHT in Europe and reflecting upon existing research in the ethics of IoHT by incorporating additional ethical dimensions that have been ignored which can provide pathways for future research in the field.

Keywords: Ethics, Europe, healthcare, internet of things.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1764
1300 Hybrid Authentication System Using QR Code with OTP

Authors: Salim Istyaq

Abstract:

As we know, number of Internet users are increasing drastically. Now, people are using different online services provided by banks, colleges/schools, hospitals, online utility, bill payment and online shopping sites. To access online services, text-based authentication system is in use. The text-based authentication scheme faces some drawbacks with usability and security issues that bring troubles to users. The core element of computational trust is identity. The aim of the paper is to make the system more compliable for the imposters and more reliable for the users, by using the graphical authentication approach. In this paper, we are using the more powerful tool of encoding the options in graphical QR format and also there will be the acknowledgment which will send to the user’s mobile for final verification. The main methodology depends upon the encryption option and final verification by confirming a set of pass phrase on the legal users, the outcome of the result is very powerful as it only gives the result at once when the process is successfully done. All processes are cross linked serially as the output of the 1st process, is the input of the 2nd and so on. The system is a combination of recognition and pure recall based technique. Presented scheme is useful for devices like PDAs, iPod, phone etc. which are more handy and convenient to use than traditional desktop computer systems.

Keywords: Graphical Password, OTP, QR Codes, Recognition based graphical user authentication, usability and security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1661
1299 Encryption Efficiency Analysis and Security Evaluation of RC6 Block Cipher for Digital Images

Authors: Hossam El-din H. Ahmed, Hamdy M. Kalash, Osama S. Farag Allah

Abstract:

This paper investigates the encryption efficiency of RC6 block cipher application to digital images, providing a new mathematical measure for encryption efficiency, which we will call the encryption quality instead of visual inspection, The encryption quality of RC6 block cipher is investigated among its several design parameters such as word size, number of rounds, and secret key length and the optimal choices for the best values of such design parameters are given. Also, the security analysis of RC6 block cipher for digital images is investigated from strict cryptographic viewpoint. The security estimations of RC6 block cipher for digital images against brute-force, statistical, and differential attacks are explored. Experiments are made to test the security of RC6 block cipher for digital images against all aforementioned types of attacks. Experiments and results verify and prove that RC6 block cipher is highly secure for real-time image encryption from cryptographic viewpoint. Thorough experimental tests are carried out with detailed analysis, demonstrating the high security of RC6 block cipher algorithm. So, RC6 block cipher can be considered to be a real-time secure symmetric encryption for digital images.

Keywords: Block cipher, Image encryption, Encryption quality, and Security analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2425
1298 Survey of Access Controls in Cloud Computing

Authors: Monirah Alkathiry, Hanan Aljarwan

Abstract:

Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.

Keywords: Access controls, cloud computing, confidentiality, identity and access management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 730
1297 Cloud Computing: Changing Cogitation about Computing

Authors: Mehrdad Mahdavi Boroujerdi, Soheil Nazem

Abstract:

Cloud Computing is a new technology that helps us to use the Cloud for compliance our computation needs. Cloud refers to a scalable network of computers that work together like Internet. An important element in Cloud Computing is that we shift processing, managing, storing and implementing our data from, locality into the Cloud; So it helps us to improve the efficiency. Because of it is new technology, it has both advantages and disadvantages that are scrutinized in this article. Then some vanguards of this technology are studied. Afterwards we find out that Cloud Computing will have important roles in our tomorrow life!

Keywords: Cloud Computing, Grid Computing, Internet as a Platform, On-demand Computing, Software as a Service.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1633
1296 Security Analysis of Password Hardened Multimodal Biometric Fuzzy Vault

Authors: V. S. Meenakshi, G. Padmavathi

Abstract:

Biometric techniques are gaining importance for personal authentication and identification as compared to the traditional authentication methods. Biometric templates are vulnerable to variety of attacks due to their inherent nature. When a person-s biometric is compromised his identity is lost. In contrast to password, biometric is not revocable. Therefore, providing security to the stored biometric template is very crucial. Crypto biometric systems are authentication systems, which blends the idea of cryptography and biometrics. Fuzzy vault is a proven crypto biometric construct which is used to secure the biometric templates. However fuzzy vault suffer from certain limitations like nonrevocability, cross matching. Security of the fuzzy vault is affected by the non-uniform nature of the biometric data. Fuzzy vault when hardened with password overcomes these limitations. Password provides an additional layer of security and enhances user privacy. Retina has certain advantages over other biometric traits. Retinal scans are used in high-end security applications like access control to areas or rooms in military installations, power plants, and other high risk security areas. This work applies the idea of fuzzy vault for retinal biometric template. Multimodal biometric system performance is well compared to single modal biometric systems. The proposed multi modal biometric fuzzy vault includes combined feature points from retina and fingerprint. The combined vault is hardened with user password for achieving high level of security. The security of the combined vault is measured using min-entropy. The proposed password hardened multi biometric fuzzy vault is robust towards stored biometric template attacks.

Keywords: Biometric Template Security, Crypto Biometric Systems, Hardening Fuzzy Vault, Min-Entropy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2160
1295 Secure Socket Layer in the Network and Web Security

Authors: Roza Dastres, Mohsen Soori

Abstract:

In order to electronically exchange information between network users in the web of data, different software such as outlook is presented. So, the traffic of users on a site or even the floors of a building can be decreased as a result of applying a secure and reliable data sharing software. It is essential to provide a fast, secure and reliable network system in the data sharing webs to create an advanced communication systems in the users of network. In the present research work, different encoding methods and algorithms in data sharing systems is studied in order to increase security of data sharing systems by preventing the access of hackers to the transferred data. To increase security in the networks, the possibility of textual conversation between customers of a local network is studied. Application of the encryption and decryption algorithms is studied in order to increase security in networks by preventing hackers from infiltrating. As a result, a reliable and secure communication system between members of a network can be provided by preventing additional traffic in the website environment in order to increase speed, accuracy and security in the network and web systems of data sharing.

Keywords: Secure Socket Layer, Security of networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 510
1294 An Advanced Hybrid P2p Botnet 2.0

Authors: T. T. Lu, H.Y. Liao, M .F. Chen

Abstract:

Recently, malware attacks have become more serious over the Internet by e-mail, denial of service (DoS) or distributed denial of service (DDoS). The Botnets have become a significant part of the Internet malware attacks. The traditional botnets include three parts – botmaster, command and control (C&C) servers and bots. The C&C servers receive commands from botmaster and control the distributions of computers remotely. Bots use DNS to find the positions of C&C server. In this paper, we propose an advanced hybrid peer-to-peer (P2P) botnet 2.0 (AHP2P botnet 2.0) using web 2.0 technology to hide the instructions from botmaster into social sites, which are regarded as C&C servers. Servent bots are regarded as sub-C&C servers to get the instructions from social sites. The AHP2P botnet 2.0 can evaluate the performance of servent bots, reduce DNS traffics from bots to C&C servers, and achieve harder detection bots actions than IRC-based botnets over the Internet.

Keywords: Peer-to-peer, Botnets, Botnet 2.0, Hybridpeer-to-peer

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2428
1293 Authentication Protocol for Wireless Sensor Networks

Authors: Sunil Gupta, Harsh Kumar Verma, AL Sangal

Abstract:

Wireless sensor networks can be used to measure and monitor many challenging problems and typically involve in monitoring, tracking and controlling areas such as battlefield monitoring, object tracking, habitat monitoring and home sentry systems. However, wireless sensor networks pose unique security challenges including forgery of sensor data, eavesdropping, denial of service attacks, and the physical compromise of sensor nodes. Node in a sensor networks may be vanished due to power exhaustion or malicious attacks. To expand the life span of the sensor network, a new node deployment is needed. In military scenarios, intruder may directly organize malicious nodes or manipulate existing nodes to set up malicious new nodes through many kinds of attacks. To avoid malicious nodes from joining the sensor network, a security is required in the design of sensor network protocols. In this paper, we proposed a security framework to provide a complete security solution against the known attacks in wireless sensor networks. Our framework accomplishes node authentication for new nodes with recognition of a malicious node. When deployed as a framework, a high degree of security is reachable compared with the conventional sensor network security solutions. A proposed framework can protect against most of the notorious attacks in sensor networks, and attain better computation and communication performance. This is different from conventional authentication methods based on the node identity. It includes identity of nodes and the node security time stamp into the authentication procedure. Hence security protocols not only see the identity of each node but also distinguish between new nodes and old nodes.

Keywords: Authentication, Key management, Wireless Sensornetwork, Elliptic curve cryptography (ECC).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3824