Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 1690

Search results for: IoT security challenges

1690 Security of Internet of Things: Challenges, Requirements and Future Directions

Authors: Amjad F. Alharbi, Bashayer A. Alotaibi, Fahd S. Alotaibi

Abstract:

The emergence of Internet of Things (IoT) technology provides capabilities for a huge number of smart devices, services and people to be communicate with each other for exchanging data and information over existing network. While as IoT is progressing, it provides many opportunities for new ways of communications as well it introduces many security and privacy threats and challenges which need to be considered for the future of IoT development. In this survey paper, an IoT security issues as threats and current challenges are summarized. The security architecture for IoT are presented from four main layers. Based on these layers, the IoT security requirements are presented to insure security in the whole system. Furthermore, some researches initiatives related to IoT security are discussed as well as the future direction for IoT security are highlighted.

Keywords: Internet of Things, IoT, IoT security challenges, IoT security requirements, IoT security architecture.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 777
1689 Security Threats on Wireless Sensor Network Protocols

Authors: H. Gorine, M. Ramadan Elmezughi

Abstract:

In this paper, we investigate security issues and challenges facing researchers in wireless sensor networks and countermeasures to resolve them. The broadcast nature of wireless communication makes Wireless Sensor Networks prone to various attacks. Due to resources limitation constraint in terms of limited energy, computation power and memory, security in wireless sensor networks creates different challenges than wired network security. We will discuss several attempts at addressing the issues of security in wireless sensor networks in an attempt to encourage more research into this area.

Keywords: Malicious nodes, network security, soft encryption, threats, wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1190
1688 VANETs: Security Challenges and Future Directions

Authors: Jared Oluoch

Abstract:

Connected vehicles are equipped with wireless sensors that aid in Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication. These vehicles will in the near future provide road safety, improve transport efficiency, and reduce traffic congestion. One of the challenges for connected vehicles is how to ensure that information sent across the network is secure. If security of the network is not guaranteed, several attacks can occur, thereby compromising the robustness, reliability, and efficiency of the network. This paper discusses existing security mechanisms and unique properties of connected vehicles. The methodology employed in this work is exploratory. The paper reviews existing security solutions for connected vehicles. More concretely, it discusses various cryptographic mechanisms available, and suggests areas of improvement. The study proposes a combination of symmetric key encryption and public key cryptography to improve security. The study further proposes message aggregation as a technique to overcome message redundancy. This paper offers a comprehensive overview of connected vehicles technology, its applications, its security mechanisms, open challenges, and potential areas of future research.

Keywords: VANET, connected vehicles, 802.11p, WAVE, DSRC, trust, security, cryptography.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1921
1687 Cloud Computing for E-Learning with More Emphasis on Security Issues

Authors: Sajjad Hashemi, Seyyed Yasser Hashemi

Abstract:

In today's world, success of most systems depend on the use of new technologies and information technology (IT) which aimed to increase efficiency and satisfaction of users. One of the most important systems that use information technology to deliver services is the education system. But for educational services in the form of E-learning systems, hardware and software equipment should be containing high quality, which requires substantial investment. Because the vast majority of educational establishments can not invest in this area so the best way for them is reducing the costs and providing the E-learning services by using cloud computing. But according to the novelty of the cloud technology, it can create challenges and concerns that the most noted among them are security issues. Security concerns about cloud-based E-learning products are critical and security measures essential to protect valuable data of users from security vulnerabilities in products. Thus, the success of these products happened if customers meet security requirements then can overcome security threats. In this paper tried to explore cloud computing and its positive impact on E- learning and put main focus to identify security issues that related to cloud-based E-learning efforts which have been improve security and provide solutions in management challenges.

Keywords: Cloud computing, E-Learning, Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2948
1686 Towards a Secure Storage in Cloud Computing

Authors: Mohamed Elkholy, Ahmed Elfatatry

Abstract:

Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.

Keywords: Access control, data integrity, data confidentiality, Kerberos authentication, cloud security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1369
1685 Challenges for Security in Wireless Sensor Networks (WSNs)

Authors: Muazzam A. Khan, Ghalib A. Shah, Muhammad Sher

Abstract:

Wireless sensor network is formed with the combination of sensor nodes and sink nodes. Recently Wireless sensor network has attracted attention of the research community. The main application of wireless sensor network is security from different attacks both for mass public and military. However securing these networks, by itself is a critical issue due to many constraints like limited energy, computational power and lower memory. Researchers working in this area have proposed a number of security techniques for this purpose. Still, more work needs to be done.In this paper we provide a detailed discussion on security in wireless sensor networks. This paper will help to identify different obstacles and requirements for security of wireless sensor networks as well as highlight weaknesses of existing techniques.

Keywords: Wireless senor networks (WSNs), security, denial of service, black hole, cryptography, stenography.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2619
1684 A Review in Recent Development of Network Threats and Security Measures

Authors: Roza Dastres, Mohsen Soori

Abstract:

Networks are vulnerable devices due to their basic feature of facilitating remote access and data communication. The information in the networks needs to be kept secured and safe in order to provide an effective communication and sharing device in the web of data. Due to challenges and threats of the data in networks, the network security is one of the most important considerations in information technology infrastructures. As a result, the security measures are considered in the network in order to decrease the probability of accessing the secured data by the hackers. The purpose of network security is to protect the network and its components from unauthorized access and abuse in order to provide a safe and secured communication device for the users. In the present research work a review in recent development of network threats and security measures is presented and future research works are also suggested. Different attacks to the networks and security measured against them are discussed in order to increase security in the web of data. So, new ideas in the network security systems can be presented by analyzing the published papers in order to move forward the research field.

Keywords: Network threats, network security, security measures, firewalls.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 214
1683 Addressing Data Security in the Cloud

Authors: Marinela Mircea

Abstract:

The development of information and communication technology, the increased use of the internet, as well as the effects of the recession within the last years, have lead to the increased use of cloud computing based solutions, also called on-demand solutions. These solutions offer a large number of benefits to organizations as well as challenges and risks, mainly determined by data visualization in different geographic locations on the internet. As far as the specific risks of cloud environment are concerned, data security is still considered a peak barrier in adopting cloud computing. The present study offers an approach upon ensuring the security of cloud data, oriented towards the whole data life cycle. The final part of the study focuses on the assessment of data security in the cloud, this representing the bases in determining the potential losses and the premise for subsequent improvements and continuous learning.

Keywords: cloud computing, data life cycle, data security, security assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1819
1682 Security Engine Management of Router based on Security Policy

Authors: Su Hyung Jo, Ki Young Kim, Sang Ho Lee

Abstract:

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper relates to a security engine management of router based on a security policy, which is the definition of security function against a network intrusion. This paper explains the security policy and designs the structure of security engine management framework.

Keywords: Policy server, security engine, security management, security policy

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1568
1681 Comparison of Security Challenges and Issues of Mobile Computing and Internet of Things

Authors: Aabiah Nayeem, Fariha Shafiq, Mustabshra Aftab, Rabia Saman Pirzada, Samia Ghazala

Abstract:

In this modern era of technology, the concept of Internet of Things is very popular in every domain. It is a widely distributed system of things in which the data collected from sensory devices is transmitted, analyzed locally/collectively then broadcasted to network where action can be taken remotely via mobile/web apps. Today’s mobile computing is also gaining importance as the services are provided during mobility. Through mobile computing, data are transmitted via computer without physically connected to a fixed point. The challenge is to provide services with high speed and security. Also, the data gathered from the mobiles must be processed in a secured way. Mobile computing is strongly influenced by internet of things. In this paper, we have discussed security issues and challenges of internet of things and mobile computing and we have compared both of them on the basis of similarities and dissimilarities.

Keywords: Embedded computing, internet of things, mobile computing, and wireless technologies.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 729
1680 Web Service Security Method To SOA Development

Authors: Nafise Fareghzadeh

Abstract:

Web services provide significant new benefits for SOAbased applications, but they also expose significant new security risks. There are huge number of WS security standards and processes. At present, there is still a lack of a comprehensive approach which offers a methodical development in the construction of secure WS-based SOA. Thus, the main objective of this paper is to address this needs, presenting a comprehensive method for Web Services Security guaranty in SOA. The proposed method defines three stages, Initial Security Analysis, Architectural Security Guaranty and WS Security Standards Identification. These facilitate, respectively, the definition and analysis of WS-specific security requirements, the development of a WS-based security architecture and the identification of the related WS security standards that the security architecture must articulate in order to implement the security services.

Keywords: Kernel, Repository, Security Standards, WS Security Policy, WS specification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1193
1679 Research on Software Security Testing

Authors: Gu Tian-yang, Shi Yin-sheng, Fang You-yuan

Abstract:

Software security testing is an important means to ensure software security and trustiness. This paper first mainly discusses the definition and classification of software security testing, and investigates methods and tools of software security testing widely. Then it analyzes and concludes the advantages and disadvantages of various methods and the scope of application, presents a taxonomy of security testing tools. Finally, the paper points out future focus and development directions of software security testing technology.

Keywords: security testing, security functional testing, securityvulnerability testing, testing method, testing tool

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4564
1678 Can We Secure Security?

Authors: Dominykas Broga

Abstract:

Until recently it would have been unusual to consider classifying population movements and refugees as security problem. However, efforts at shaping our world to make ourselves secure have paradoxically led to ever greater insecurity. The feeling of uncertainty, pertinent throughout all discourses of security, has led to the creation of security production into seemingly benign routines of everyday life. Yet, the paper argues, neither of security discourses accounted for, disclosed and challenged the fundamental aporias embedded in Western security narratives. In turn, the paper aims to unpick the conventional security wisdom, which is haunted with strong ontologies, embedded in the politics of Orientalism, and (in)security nexus. The paper concludes that current security affair conceals the integral impossibility of fulfilling its very own promise of assured security. The paper also provides suggestions about alternative security discourse based on mutual dialogue.

Keywords: Identity, (in)security, migration, ontology

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1149
1677 The Future of Electronic Money

Authors: Maria E. de Boyrie, Darlene Nelson, James A. Nelson

Abstract:

The history of money is described in relationship to the history of computing. With the transformation and acceptance of money as information, major challenges to the security of money have involved engineering, computer science, and management. Research opportunities and challenges are described as money continues its transformation into information.

Keywords: Electronic, information, money, risk.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1690
1676 Smart Grids Cyber Security Issues and Challenges

Authors: Imen Aouini, Lamia Ben Azzouz

Abstract:

The energy need is growing rapidly due to the population growth and the large new usage of power. Several works put considerable efforts to make the electricity grid more intelligent to reduce essentially energy consumption and provide efficiency and reliability of power systems. The Smart Grid is a complex architecture that covers critical devices and systems vulnerable to significant attacks. Hence, security is a crucial factor for the success and the wide deployment of Smart Grids. In this paper, we present security issues of the Smart Grid architecture and we highlight open issues that will make the Smart Grid security a challenging research area in the future.

Keywords: Smart grids, smart meters, home area network, neighbor area network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3449
1675 Systems and Software Safety and Security

Authors: Marzieh Mokhtaripour

Abstract:

Security issue and the importance of the function of police to provide practical and psychological contexts in the community has been the main topics among researchers , police and security circles and this subject require to review and analysis mechanisms within the police and its interaction with other parts of the system for providing community safety. This paper examine national and social security in the Internet.

Keywords: Internet National security Social security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1033
1674 A Novel Security Framework for the Web System

Authors: J. P. Dubois, P. G. Jreije

Abstract:

In this paper, a framework is presented trying to make the most secure web system out of the available generic and web security technology which can be used as a guideline for organizations building their web sites. The framework is designed to provide necessary security services, to address the known security threats, and to provide some cover to other security problems especially unknown threats. The requirements for the design are discussed which guided us to the design of secure web system. The designed security framework is then simulated and various quality of service (QoS) metrics are calculated to measure the performance of this system.

Keywords: Web Security, Internet Voting, Firewall, QoS, Latency, Utilization, Throughput.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1044
1673 Institutional Aspects of Information Security in Russian Economy

Authors: Mingaleva Zhanna, Kapuskina Tatiana

Abstract:

The article touches upon questions of information security in Russian Economy. It covers theoretical bases of information security and causes of its development. The theory is proved by the analysis of business activities and the main tendencies of information security development. Perm region has been chosen as the bases for the analysis, being the fastestdeveloping region that uses methods of information security in managing it economy. As a result of the study the authors of the given article have formulated their own vision of the problem of information security in various branches of economy and stated prospects of information security development and its growing role in Russian economy

Keywords: security of business, management of information security, institutional analyses.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1106
1672 Combination of Information Security Standards to Cover National Requirements

Authors: Sh. Ladan, A. Yari, H. Khodabandeh

Abstract:

The need for Information Security in organizations, regardless of their type and size, is being addressed by emerging standards and recommended best practices. The various standards and practices which evolved in recent years and are still being developed and constantly revised, address the issue of Information Security from different angles. This paper attempts to provide an overview of Information Security Standards and Practices by briefly discussing some of the most popular ones. Through a comparative study of their similarities and differences, some insight can be obtained on how their combination may lead to an increased level of Information Security.

Keywords: Information security management, information security standard, BS7799, ISO 17799, COBIT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1275
1671 A Formal Implementation of Database Security

Authors: Yun Bai

Abstract:

This paper is to investigate the impplementation of security mechanism in object oriented database system. Formal methods plays an essential role in computer security due to its powerful expressiveness and concise syntax and semantics. In this paper, both issues of specification and implementation in database security environment will be considered; and the database security is achieved through the development of an efficient implementation of the specification without compromising its originality and expressiveness.

Keywords: database security, authorization policy, logic basedspecification

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1336
1670 Scenarios of Societal Security and Business Continuity Cycles

Authors: Jiří F. Urbánek, Jiří Barta

Abstract:

Societal security, continuity scenarios and methodological cycling approach explained in this article. Namely societal security organizational challenges ask implementation of international standards BS 25999-2 & global ISO 22300 which is a family of standards for business continuity management system. Efficient global organization system is distinguished of high entity´s complexity, connectivity & interoperability, having not only cooperative relations in a fact. Competing business have numerous participating ´enemies´, which are in apparent or hidden opponent and antagonistic roles with prosperous organization system, resulting to a crisis scene or even to a battle theatre. Organization business continuity scenarios are necessary for such ´a play´ preparedness, planning, management & overmastering in real environments.

Keywords: Business Continuity, Societal Security Crisis Scenarios Cycles.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1793
1669 Performance Evaluation of Para-virtualization on Modern Mobile Phone Platform

Authors: Yang Xu, Felix Bruns, Elizabeth Gonzalez, Shadi Traboulsi, Klaus Mott, Attila Bilgic

Abstract:

Emergence of smartphones brings to live the concept of converged devices with the availability of web amenities. Such trend also challenges the mobile devices manufactures and service providers in many aspects, such as security on mobile phones, complex and long time design flow, as well as higher development cost. Among these aspects, security on mobile phones is getting more and more attention. Microkernel based virtualization technology will play a critical role in addressing these challenges and meeting mobile market needs and preferences, since virtualization provides essential isolation for security reasons and it allows multiple operating systems to run on one processor accelerating development and cutting development cost. However, virtualization benefits do not come for free. As an additional software layer, it adds some inevitable virtualization overhead to the system, which may decrease the system performance. In this paper we evaluate and analyze the virtualization performance cost of L4 microkernel based virtualization on a competitive mobile phone by comparing the L4Linux, a para-virtualized Linux on top of L4 microkernel, with the native Linux performance using lmbench and a set of typical mobile phone applications.

Keywords: L4 microkernel, virtualization overhead, mobilephone.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1739
1668 System Security Impact on the Dynamic Characteristics of Measurement Sensors in Smart Grids

Authors: Yiyang Su, Jörg Neumann, Jan Wetzlich, Florian Thiel

Abstract:

Smart grid is a term used to describe the next generation power grid. New challenges such as integration of renewable and decentralized energy sources, the requirement for continuous grid estimation and optimization, as well as the use of two-way flows of energy have been brought to the power gird. In order to achieve efficient, reliable, sustainable, as well as secure delivery of electric power more and more information and communication technologies are used for the monitoring and the control of power grids. Consequently, the need for cybersecurity is dramatically increased and has converged into several standards which will be presented here. These standards for the smart grid must be designed to satisfy both performance and reliability requirements. An in depth investigation of the effect of retrospectively embedded security in existing grids on it’s dynamic behavior is required. Therefore, a retrofitting plan for existing meters is offered, and it’s performance in a test low voltage microgrid is investigated. As a result of this, integration of security measures into measurement architectures of smart grids at the design phase is strongly recommended.

Keywords: Cyber security, performance, protocols, security standards, smart grid.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 585
1667 E-government Security Modeling: Explaining Main Factors and Analysing Existing Models

Authors: N. Alharbi

Abstract:

E-government is becoming more important these days. However, the adoption of e-government is often slowed down by technical and non-technical security factors. Nowadays, there many security models that can make the e-government services more secure. This paper will explain the main security factors that affected the level of e-government security. Moreover, it will also analyse current existing models. Finally, the paper will suggest a comprehensive security model that will contain most of technical and non-technical factors.

Keywords: E-government, technical, non-technical, security model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1762
1666 Survey of Access Controls in Cloud Computing

Authors: Monirah Alkathiry, Hanan Aljarwan

Abstract:

Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.

Keywords: Access controls, cloud computing, confidentiality, identity and access management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 226
1665 A Taxonomy of Internal Attacks in Wireless Sensor Network

Authors: Muhammad R Ahmed, Xu Huang, Dharmendra Sharma

Abstract:

Developments in communication technologies especially in wireless have enabled the progress of low-cost and lowpower wireless sensor networks (WSNs). The features of such WSN are holding minimal energy, weak computational capabilities, wireless communication and an open-medium nature where sensors are deployed. WSN is underpinned by application driven such as military applications, the health sector, etc. Due to the intrinsic nature of the network and application scenario, WSNs are vulnerable to many attacks externally and internally. In this paper we have focused on the types of internal attacks of WSNs based on OSI model and discussed some security requirements, characterizers and challenges of WSNs, by which to contribute to the WSN-s security research.

Keywords: Wireless sensor network, internal attacks, security, OSI model.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2755
1664 Security Risk Analysis Based on the Policy Formalization and the Modeling of Big Systems

Authors: Luc Cessieux, French Navy, Adrien Derock, DCNS/IMATH

Abstract:

Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.

Keywords: Security, risk management, threat, modelization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1068
1663 Assessing Stakeholders’ Interests in Postal Security

Authors: T. Männistö, M. Finger

Abstract:

The events of October 2010, where terrorists managed to get explosive devices onboard of three passenger aircrafts and two air freighters, demonstrated weaknesses of the international air cargo and airmail security. Ever since, postal security has gained interest among policymakers and authorities. This study augments the limited body of academic literature on the topic bydemarcating areas of postal security, identifying relevant stakeholders in each area, and investigating why these stakeholders engage in postal security. Research is based on a case study on Swiss Post’s mail service.

Keywords: Dangerous goods, mail bombs, postal security, supply chain security, theft of mail, trafficking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1399
1662 Prototype for Enhancing Information Security Awareness in Industry

Authors: E. Kritzinger, E. Smith

Abstract:

Human-related information security breaches within organizations are primarily caused by employees who have not been made aware of the importance of protecting the information they work with. Information security awareness is accordingly attracting more attention from industry, because stakeholders are held accountable for the information with which they work. The authors developed an Information Security Retrieval and Awareness model – entitled “ISRA" – that is tailored specifically towards enhancing information security awareness in industry amongst all users of information, to address shortcomings in existing information security awareness models. This paper is principally aimed at expounding a prototype for the ISRA model to highlight the advantages of utilizing the model. The prototype will focus on the non-technical, humanrelated information security issues in industry. The prototype will ensure that all stakeholders in an organization are part of an information security awareness process, and that these stakeholders are able to retrieve specific information related to information security issues relevant to their job category, preventing them from being overburdened with redundant information.

Keywords: Information security, information security awareness, information security awareness programs

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1392
1661 Authentication Protocol for Wireless Sensor Networks

Authors: Sunil Gupta, Harsh Kumar Verma, AL Sangal

Abstract:

Wireless sensor networks can be used to measure and monitor many challenging problems and typically involve in monitoring, tracking and controlling areas such as battlefield monitoring, object tracking, habitat monitoring and home sentry systems. However, wireless sensor networks pose unique security challenges including forgery of sensor data, eavesdropping, denial of service attacks, and the physical compromise of sensor nodes. Node in a sensor networks may be vanished due to power exhaustion or malicious attacks. To expand the life span of the sensor network, a new node deployment is needed. In military scenarios, intruder may directly organize malicious nodes or manipulate existing nodes to set up malicious new nodes through many kinds of attacks. To avoid malicious nodes from joining the sensor network, a security is required in the design of sensor network protocols. In this paper, we proposed a security framework to provide a complete security solution against the known attacks in wireless sensor networks. Our framework accomplishes node authentication for new nodes with recognition of a malicious node. When deployed as a framework, a high degree of security is reachable compared with the conventional sensor network security solutions. A proposed framework can protect against most of the notorious attacks in sensor networks, and attain better computation and communication performance. This is different from conventional authentication methods based on the node identity. It includes identity of nodes and the node security time stamp into the authentication procedure. Hence security protocols not only see the identity of each node but also distinguish between new nodes and old nodes.

Keywords: Authentication, Key management, Wireless Sensornetwork, Elliptic curve cryptography (ECC).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3417