Search results for: Security Standards

Authors: Nafise Fareghzadeh

Abstract:

Web services provide significant new benefits for SOAbased applications, but they also expose significant new security risks. There are huge number of WS security standards and processes. At present, there is still a lack of a comprehensive approach which offers a methodical development in the construction of secure WS-based SOA. Thus, the main objective of this paper is to address this needs, presenting a comprehensive method for Web Services Security guaranty in SOA. The proposed method defines three stages, Initial Security Analysis, Architectural Security Guaranty and WS Security Standards Identification. These facilitate, respectively, the definition and analysis of WS-specific security requirements, the development of a WS-based security architecture and the identification of the related WS security standards that the security architecture must articulate in order to implement the security services.

Keywords: Kernel, Repository, Security Standards, WS Security Policy, WS specification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1384

Authors: Sh. Ladan, A. Yari, H. Khodabandeh

Abstract:

The need for Information Security in organizations, regardless of their type and size, is being addressed by emerging standards and recommended best practices. The various standards and practices which evolved in recent years and are still being developed and constantly revised, address the issue of Information Security from different angles. This paper attempts to provide an overview of Information Security Standards and Practices by briefly discussing some of the most popular ones. Through a comparative study of their similarities and differences, some insight can be obtained on how their combination may lead to an increased level of Information Security.

Keywords: Information security management, information security standard, BS7799, ISO 17799, COBIT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1505

Authors: Daniel Padilla, Edward Guillen

Abstract:

Several wireless networks security standards have been proposed and widely implemented in both business and home environments in order to protect the network from unauthorized access. However, the implementation of such standards is usually achieved by network administrators without even knowing the standards- weaknesses and strengths. The intention of this paper is to evaluate and analyze the impact over the network-s security due to the implementation of the wireless networks security standards WEP, WPA and WLAN 802.1X.

Keywords: 802.1X, vulnerabilities analysis, WEP, wireless security, WPA.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2321

Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel

Abstract:

Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.

Keywords: Cyber security, performance, protocols, security standards, smart grid.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 828

Authors: Jiří F. Urbánek, Jiří Barta

Abstract:

Societal security, continuity scenarios and methodological cycling approach explained in this article. Namely societal security organizational challenges ask implementation of international standards BS 25999-2 & global ISO 22300 which is a family of standards for business continuity management system. Efficient global organization system is distinguished of high entity´s complexity, connectivity & interoperability, having not only cooperative relations in a fact. Competing business have numerous participating ´enemies´, which are in apparent or hidden opponent and antagonistic roles with prosperous organization system, resulting to a crisis scene or even to a battle theatre. Organization business continuity scenarios are necessary for such ´a play´ preparedness, planning, management & overmastering in real environments.

Keywords: Business Continuity, Societal Security Crisis Scenarios Cycles.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2109

Authors: Manole Velicanu, Emanuil Rednic

Abstract:

The paper shows the necessity to increase the security level for paper management in the cadastral field by using specific graphical watermarks. Using the graphical watermarking will increase the security in the cadastral content management; furthermore any altered document will be validated afterwards of its originality by checking the graphic watermark. If, by any reasons the document is changed for counterfeiting, it is invalidated and found that is an illegal copy due to the graphic check of the watermarking, check made at pixel level

Keywords: cadastral system, database security, security standards, content management, identity management, watermarking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1486

Authors: Jong-Whoi Shin, Chong-Sun Hwang

Abstract:

Various security APIs (Application Programming Interfaces) are being used in a variety of application areas requiring the information security function. However, these standards are not compatible, and the developer must use those APIs selectively depending on the application environment or the programming language. To resolve this problem, we propose the standard draft of the information security component, while SSL (Secure Sockets Layer) using the confidentiality and integrity component interface has been implemented to verify validity of the standard proposal. The implemented SSL uses the lower-level SSL component when establishing the RMI (Remote Method Invocation) communication between components, as if the security algorithm had been implemented by adding one more layer on the TCP/IP.

Keywords: Component Based Design, Application Programming Interface, Secure Socket Layer, Remote Method Invocation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1464

Authors: Su Hyung Jo, Ki Young Kim, Sang Ho Lee

Abstract:

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper relates to a security engine management of router based on a security policy, which is the definition of security function against a network intrusion. This paper explains the security policy and designs the structure of security engine management framework.

Keywords: Policy server, security engine, security management, security policy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1870

Authors: Arellano Karina, Diego Avila-Pesántez, Leticia Vaca-Cárdenas, Alberto Arellano, Carmen Mantilla

Abstract:

Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.

Keywords: Denial-of-service SIP attacks, MS-DoS-SIP, security model, VoIP-SIP vulnerabilities.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 937

Authors: Alexey Kulik

Abstract:

This article deals with selection standards for national sport teams. The author examines the legal framework for selection criteria and suggests using the most honest criteria.

Keywords: National teams, Standards of forming teams, Selection standards, Sport legislations.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1349

Authors: Gu Tian-yang, Shi Yin-sheng, Fang You-yuan

Abstract:

Software security testing is an important means to ensure software security and trustiness. This paper first mainly discusses the definition and classification of software security testing, and investigates methods and tools of software security testing widely. Then it analyzes and concludes the advantages and disadvantages of various methods and the scope of application, presents a taxonomy of security testing tools. Finally, the paper points out future focus and development directions of software security testing technology.

Keywords: security testing, security functional testing, securityvulnerability testing, testing method, testing tool

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5062

Authors: Feddaoui Amina

Abstract:

This paper aimed to help researchers and international companies to the differences and similarities between IFRS (International financial reporting standards) and UK GAAP or UK accounting principles, and to the accounting changes between standard setting of the International Accounting Standards Board and the Accounting Standards Board in United Kingdom. We will use in this study statistical methods to calculate similarities and difference frequencies between the UK standards and IFRS standards, according to the PricewaterhouseCoopers report in 2005. We will use the one simple test to confirm or refuse our hypothesis. In conclusion, we found that the gap between UK GAAP and IFRS is small.

Keywords: Accounting, UK GAAP, IFRS, similarities, differences.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3520

Authors: Dominykas Broga

Abstract:

Until recently it would have been unusual to consider classifying population movements and refugees as security problem. However, efforts at shaping our world to make ourselves secure have paradoxically led to ever greater insecurity. The feeling of uncertainty, pertinent throughout all discourses of security, has led to the creation of security production into seemingly benign routines of everyday life. Yet, the paper argues, neither of security discourses accounted for, disclosed and challenged the fundamental aporias embedded in Western security narratives. In turn, the paper aims to unpick the conventional security wisdom, which is haunted with strong ontologies, embedded in the politics of Orientalism, and (in)security nexus. The paper concludes that current security affair conceals the integral impossibility of fulfilling its very own promise of assured security. The paper also provides suggestions about alternative security discourse based on mutual dialogue.

Keywords: Identity, (in)security, migration, ontology

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1553

Authors: Y. Cifuentes, L. Beltrán, L. Ramírez

Abstract:

The availability to deploy mobile applications for health care is increasing daily thru different mobile app stores. But within these capabilities the number of hacking attacks has also increased, in particular into medical mobile applications. The security vulnerabilities in medical mobile apps can be triggered by errors in code, incorrect logic, poor design, among other parameters. This is usually used by malicious attackers to steal or modify the users’ information. The aim of this research is to analyze the vulnerabilities detected in mobile medical apps according to risk factor standards defined by OWASP in 2014.

Keywords: mHealth apps, OWASP, protocols, security vulnerabilities, risk factors.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4339

Authors: Nina V. Zaitseva, Pavel Z. Shur, Nina G. Atiskova

Abstract:

Nowadays harmonization of sanitary and hygienic standards of environmental quality with international standards is crucial part of integration of Russia into the international community. Harmonization of Russian and international ambient air quality standards may be realized by risk-based standards development. In this paper approaches to risk-based standards development and examples of these approaches implementation are presented.

Keywords: Harmonization, health risk assessment, evolutionary modelling, benchmark level, nickel, manganese.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1909

Authors: P. Vazan, P. Tanuska, M. Kebisek, S. Duchovicova

Abstract:

The paper deals with communication standards for control and production system. The authors formulate the requirements for communication security protection. The paper is focused on application protocols of the industrial networks and their basic classification. The typical attacks are analysed and the safety protection, based on requirements for specific industrial network is suggested and defined in this paper.

Keywords: Application protocols, communication standards, industrial networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1966

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things, IoT, IoT security challenges, IoT security requirements, IoT security architecture.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1121

Authors: Ahmed S. Khan, Amin Karim

Abstract:

During the past several decades, the economy of each nation has been significantly affected by globalization and technology. Government regulations and private sector standards affect a majority of world trade. Countries have been working together to establish international standards in almost every field. As a result, workers in all sectors need to have an understanding of standards. Engineering and technology students must not only possess an understanding of engineering standards and applicable government codes, but also learn to apply them in designing, developing, testing and servicing products, processes and systems. Accreditation Board for Engineering & Technology (ABET) criteria for engineering and technology education require students to learn and apply standards in their class projects. This paper is a follow-up of a 2006-2009 NSF initiative awarded to IEEE to help develop tutorials and case study modules for students and encourage standards education at college campuses. It presents the findings of a faculty/institution survey conducted through various U.S.-based listservs representing the major engineering and technology disciplines. The intent of the survey was to the gauge the status of use of standards and regulations in engineering and technology coursework and to identify benchmark practices. In light of survey findings, recommendations are made to standards development organizations, industry, and academia to help enhance the use of standards in engineering and technology curricula.

Keywords: Standards, regulations, ABET, IEEE, engineering and technology curricula.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2796

Authors: Marzieh Mokhtaripour

Abstract:

Security issue and the importance of the function of police to provide practical and psychological contexts in the community has been the main topics among researchers , police and security circles and this subject require to review and analysis mechanisms within the police and its interaction with other parts of the system for providing community safety. This paper examine national and social security in the Internet.

Keywords: Internet National security Social security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1221

Authors: Jamal Bakkas, Mohamed Bahaj, Abdellatif Soklabi

Abstract:

The intense use of the web has made it a very changing environment, its content is in permanent evolution to adapt to the demands. The standards have accompanied this evolution by passing from standards that regroup data with their presentations without any structuring such as HTML, to standards that separate both and give more importance to the structural aspect of the content such as XML standard and its derivatives. Currently, with the appearance of the Semantic Web, ontologies become increasingly present on the web and standards that allow their representations as OWL and RDF/RDFS begin to gain momentum. This paper provided an automatic method that converts XML schema document to ontologies represented in OWL.

Keywords: XML Schema, OWL, RDB, Mapping, Ontology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2332

Authors: J. P. Dubois, P. G. Jreije

Abstract:

In this paper, a framework is presented trying to make the most secure web system out of the available generic and web security technology which can be used as a guideline for organizations building their web sites. The framework is designed to provide necessary security services, to address the known security threats, and to provide some cover to other security problems especially unknown threats. The requirements for the design are discussed which guided us to the design of secure web system. The designed security framework is then simulated and various quality of service (QoS) metrics are calculated to measure the performance of this system.

Keywords: Web Security, Internet Voting, Firewall, QoS, Latency, Utilization, Throughput.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1298

Authors: Mingaleva Zhanna, Kapuskina Tatiana

Abstract:

The article touches upon questions of information security in Russian Economy. It covers theoretical bases of information security and causes of its development. The theory is proved by the analysis of business activities and the main tendencies of information security development. Perm region has been chosen as the bases for the analysis, being the fastestdeveloping region that uses methods of information security in managing it economy. As a result of the study the authors of the given article have formulated their own vision of the problem of information security in various branches of economy and stated prospects of information security development and its growing role in Russian economy

Keywords: security of business, management of information security, institutional analyses.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1274

Authors: Yun Bai

Abstract:

This paper is to investigate the impplementation of security mechanism in object oriented database system. Formal methods plays an essential role in computer security due to its powerful expressiveness and concise syntax and semantics. In this paper, both issues of specification and implementation in database security environment will be considered; and the database security is achieved through the development of an efficient implementation of the specification without compromising its originality and expressiveness.

Keywords: database security, authorization policy, logic basedspecification

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1677

Authors: Naveed Ghani, Samreen Javed

Abstract:

In today’s heterogeneous network environment, there is a growing demand for distrust clients to jointly execute secure network to prevent from malicious attacks as the defining task of propagating malicious code is to locate new targets to attack. Residual risk is always there no matter what solutions are implemented or whet so ever security methodology or standards being adapted. Security is the first and crucial phase in the field of Computer Science. The main aim of the Computer Security is gathering of information with secure network. No one need wonder what all that malware is trying to do: It's trying to steal money through data theft, bank transfers, stolen passwords, or swiped identities. From there, with the help of our survey we learn about the importance of white listing, antimalware programs, security patches, log files, honey pots, and more used in banks for financial data protection but there’s also a need of implementing the IPV6 tunneling with Crypto data transformation according to the requirements of new technology to prevent the organization from new Malware attacks and crafting of its own messages and sending them to the target. In this paper the writer has given the idea of implementing IPV6 Tunneling Secessions on private data transmission from financial organizations whose secrecy needed to be safeguarded.

Keywords: Network worms, malware infection propagating malicious code, virus, security, VPN.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2752

Authors: R. Chithra, B. Kalaavathi, K. S. Aruna Shivani

Abstract:

Worldwide Interoperability for Microwave Access, is a broadband technology, which can effectively transmit a data across a group of users using Multicast and Broadcast Service. WiMAX belongs to a family of (IEEE 802.16) standards and is evolving as a fourth generation technology. WiMAX is the next generation technology that offers wireless access over long distances. MBS zone, which is a group of base stations that are broadcasting the same multicast packets which defines Multicast and Broadcast services. Handover is a process of transferring an ongoing call or data session from one channel connected to the core network to another channel. The handover causes authentication, delay, packet loss, jitter that mainly affects the communication. In this paper, we present a survey on handover security issues in WiMAX.

Keywords: WiMAX, Handover, Multicast and Broadcast Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1362

Authors: H. Bourdoucen, A. Al Naamany, A. Al Kalbani

Abstract:

Many corporations are seriously concerned about security of networks and therefore, their network supervisors are still reluctant to install WLANs. In this regards, the IEEE802.11i standard was developed to address the security problems, even though the mistrust of the wireless LAN technology is still existing. The thought was that the best security solutions could be found in open standards based technologies that can be delivered by Virtual Private Networking (VPN) being used for long time without addressing any security holes for the past few years. This work, addresses this issue and presents a simulated wireless LAN of IEEE802.11g protocol, and analyzes impact of integrating Virtual Private Network technology to secure the flow of traffic between the client and the server within the LAN, using OPNET WLAN utility. Two Wireless LAN scenarios have been introduced and simulated. These are based on normal extension to a wired network and VPN over extension to a wired network. The results of the two scenarios are compared and indicate the impact of improving performance, measured by response time and load, of Virtual Private Network over wireless LAN.

Keywords: IEEE802.11, VPN, Networking, Secure Wireless, WLAN, Opnet.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2944

Authors: Lei Dou, Mitsuhiro Nakagawa, Fei Yan, Ping Li

Abstract:

Participation in global trade means that Chinas vegetables and fruits industry faces international food safety standards and increased scrutiny worldwide. The objectives of this paper were to investigate how existing food safety standards and regulations in the importing countries impact the export of vegetables and fruits from China. This paper discussed the current and historical situations of Chinas vegetables and fruits export from 1996 to 2010, analyzed the Maximum Residual Limit (MRL) standards of pesticides imposed by importing countries, quantitatively estimated the impacts of food safety standards on Chinas vegetables and fruits export based on a gravity model. The results showed that although transportation distance between trade partners and tariff rates on vegetables and fruits were still the importantly resistant factors for China export, vegetables and fruits export was sensitive to the number of regulated pesticides, the strictness, and the level of food safety standards imposed by importing countries, which showed a significant trade flow effect, stricter food safety standards, increased number of regulated pesticides significantly inhibit China export of vegetables and fruits. Moreover, Chinas food safety standards also showed a significantly effect on vegetables and fruits export, which inhibited export to some extent. KeywordsFood safety standards, MRL, Vegetables, Fruits, Export.

Keywords: Food safety standards, MRL, Vegetables, Fruits, Export.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3184

Authors: N. Alharbi

Abstract:

E-government is becoming more important these days. However, the adoption of e-government is often slowed down by technical and non-technical security factors. Nowadays, there many security models that can make the e-government services more secure. This paper will explain the main security factors that affected the level of e-government security. Moreover, it will also analyse current existing models. Finally, the paper will suggest a comprehensive security model that will contain most of technical and non-technical factors.

Keywords: E-government, technical, non-technical, security model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2020

Authors: Luc Cessieux, French Navy, Adrien Derock, DCNS/IMATH

Abstract:

Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.

Keywords: Security, risk management, threat, modelization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1278

Authors: T. Männistö, M. Finger

Abstract:

The events of October 2010, where terrorists managed to get explosive devices onboard of three passenger aircrafts and two air freighters, demonstrated weaknesses of the international air cargo and airmail security. Ever since, postal security has gained interest among policymakers and authorities. This study augments the limited body of academic literature on the topic bydemarcating areas of postal security, identifying relevant stakeholders in each area, and investigating why these stakeholders engage in postal security. Research is based on a case study on Swiss Post’s mail service.

Keywords: Dangerous goods, mail bombs, postal security, supply chain security, theft of mail, trafficking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1629