Search results for: Nutrition security

Authors: Wanqing You, Kai Qian, Xi He, Ying Qian

Abstract:

In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get furtherdiscussions among the security of SDN virtualization.

Keywords: FlowVisor, Network virtualization, Potential threats, Possible solutions.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2120

Authors: Manole Velicanu, Emanuil Rednic

Abstract:

The paper shows the necessity to increase the security level for paper management in the cadastral field by using specific graphical watermarks. Using the graphical watermarking will increase the security in the cadastral content management; furthermore any altered document will be validated afterwards of its originality by checking the graphic watermark. If, by any reasons the document is changed for counterfeiting, it is invalidated and found that is an illegal copy due to the graphic check of the watermarking, check made at pixel level

Keywords: cadastral system, database security, security standards, content management, identity management, watermarking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1486

Authors: Yudha Prambudia, Masaru Nakano

Abstract:

Due to rapid economic growth, Indonesia's energy needs is rapidly increasing. Indonesia-s primary energy consumption has doubled in 2007 compared to 2003. Indonesia's status change from oil net-exporter to oil net-importer country recently has increased Indonesia's concern over energy security. Due to this, oil import becomes center of attention in the dynamics of Indonesia's energy security. Conventional studies addressing Indonesia's energy security have focused on energy production sector. This study explores Indonesia-s energy security considering energy import sector by modeling and simulating Indonesia-s energy-related policies using system dynamics. Simulation result of Indonesia's energy security in 2020 in Business-As-Usual scenario shows that in term of supply demand ratio, energy security will be very high, but also it poses high dependence on energy import. The Alternative scenario result shows lower energy security in term of supply demand ratio and much lower dependence on energy import. It is also found that the Alternative scenario produce lower GDP growth.

Keywords: Energy security, modeling, simulation, system dynamics.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2078

Authors: H. P. Kerry

Abstract:

Drone technology has become a significant discourse in a nation’s national security, while this technology could constitute a danger to national security on the one hand, on the other hand, it is used in developed and developing countries for border security, and in some cases, for protection of security agents and migrants. In the case of Nigeria, drones are used by the military to monitor and tighten security around the borders. However, terrorist groups have devised a means to utilize the technology to their advantage. Therefore, the potential danger in the widespread proliferation of this technology has become a myriad of risks. The research on the effects of cross-border use of drones in Nigerian national security looks at the negative and positive consequences of using drone technology. The study employs the use of interviews and relevant documents to obtain data while the study applied the Just War theory to justify the reason why countries use force; it further buttresses the points with what the realist theory thinks about the use of force. In conclusion, the paper recommends that the Nigerian government through the National Assembly should pass a bill for the establishment of a law that will guide the use of armed and unarmed drones in Nigeria enforced by the Nigeria Civil Aviation Authority and the office of the National Security Adviser.

Keywords: Armed drones, cross-border, drones, national security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1026

Authors: Marinela Mircea

Abstract:

The development of information and communication technology, the increased use of the internet, as well as the effects of the recession within the last years, have lead to the increased use of cloud computing based solutions, also called on-demand solutions. These solutions offer a large number of benefits to organizations as well as challenges and risks, mainly determined by data visualization in different geographic locations on the internet. As far as the specific risks of cloud environment are concerned, data security is still considered a peak barrier in adopting cloud computing. The present study offers an approach upon ensuring the security of cloud data, oriented towards the whole data life cycle. The final part of the study focuses on the assessment of data security in the cloud, this representing the bases in determining the potential losses and the premise for subsequent improvements and continuous learning.

Keywords: cloud computing, data life cycle, data security, security assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2101

Authors: Ja'far Alqatawna, Jawed Siddiqi, Babak Akhgar, Mohammad Hjouj Btoush

Abstract:

A great deal of research works in the field information systems security has been based on a positivist paradigm. Applying the reductionism concept of the positivist paradigm for information security means missing the bigger picture and thus, the lack of holism which could be one of the reasons why security is still overlooked, comes as an afterthought or perceived from a purely technical dimension. We need to reshape our thinking and attitudes towards security especially in a complex and dynamic environment such as e- Business to develop a holistic understanding of e-Business security in relation to its context as well as considering all the stakeholders in the problem area. In this paper we argue the suitability and need for more inductive interpretive approach and qualitative research method to investigate e-Business security. Our discussion is based on a holistic framework of enquiry, nature of the research problem, the underling theoretical lens and the complexity of e-Business environment. At the end we present a research strategy for developing a holistic framework for understanding of e-Business security problems in the context of developing countries based on an interdisciplinary inquiry which considers their needs and requirements.

Keywords: e-Business Security, Complexity, Methodological considerations, interpretive qualitative research and Case study method.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1468

Authors: Nooraneda Mutalip Laidey

Abstract:

Privacy is sacred and would normally be expected and preserved by an individual. Online privacy is no longer about the right to be left alone, but also includes the right not to be monitored. However, with the revelations made by United States National Security Agency former employee Edward Snowden that the government is spying on internet communications, individuals’ privacy can no longer be expected. Therefore, this paper is intended to evaluate law related to privacy protection in the digital domain, who should govern it and whether invasion to a person’s privacy is a necessary justification to preserve national security.

Keywords: Cyberspace, data protection, national security, privacy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3166

Authors: Erhan Turgut, Salih Ergün, Abdülkadir Öz

Abstract:

Terror is a modern war strategy which uses violence as a means of communication in order to achieve political objectives. In today’s security environment narrowing the propaganda field of terrorist organization is the primary goal for the security forces. In this sense, providing and maintaining public support is the most necessary ability for security units. Rather than enemy and threat-oriented approach, homeland security oriented approach is essential to ensure public support. In this study, terror assumed as a homeland security issue and assigning the law enforcement forces with military status is analyzed.

Keywords: Terrorism, Counter-terrorism, Military Status Law-enforcement.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2144

Authors: Sahar Dehyouri, Seyed Jamal Farajollah Hosseini

Abstract:

Perspective of food security in 21 century showed shortage of food that production is faced to vital problem. Food security strategy is applied longtime method to assess required food. Meanwhile, nanotechnology revolution changes the world face. Nanotechnology is adequate method utilize of its characteristics to decrease environmental problems and possible further access to food for small farmers. This article will show impact of production and adoption of nanocrops on food security. Population is researchers of agricultural research center of Esfahan province. The results of study show that there was a relationship between uses, conversion, distribution, and production of nanocrops, operative human resources, operative circumstance, and constrains of usage of nanocrops and food security. Multivariate regression analysis by enter model shows that operative circumstance, use, production and constrains of usage of nanocrops had positive impact on food security and they determine in four steps 20 percent of it.

Keywords: adoption, food safety, food security, nanocrops

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1708

Authors: Jamuna Bhandari

Abstract:

String matching also known as pattern matching is one of primary concept for network security. In this area the effectiveness and efficiency of string matching algorithms is important for applications in network security such as network intrusion detection, virus detection, signature matching and web content filtering system. This paper presents brief review on some of string matching techniques used for network security.

Keywords: Filtering, honeypot, network telescope, pattern, string, signature.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2653

Authors: Violeta Damjanovic-Behrendt

Abstract:

This paper presents an approach for optimal cyber security decisions to protect instances of a federated Internet of Things (IoT) platform in the cloud. The presented solution implements the repeated Stackelberg Security Game (SSG) and a model called Stochastic Human behaviour model with AttRactiveness and Probability weighting (SHARP). SHARP employs the Subjective Utility Quantal Response (SUQR) for formulating a subjective utility function, which is based on the evaluations of alternative solutions during decision-making. We augment the repeated SSG (including SHARP and SUQR) with a reinforced learning algorithm called Naïve Q-Learning. Naïve Q-Learning belongs to the category of active and model-free Machine Learning (ML) techniques in which the agent (either the defender or the attacker) attempts to find an optimal security solution. In this way, we combine GT and ML algorithms for discovering optimal cyber security policies. The proposed security optimization components will be validated in a collaborative cloud platform that is based on the Industrial Internet Reference Architecture (IIRA) and its recently published security model.

Keywords: Security, internet of things, cloud computing, Stackelberg security game, machine learning, Naïve Q-learning.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1476

Authors: Amir Rashid, M. Saleem Khan, Freeha Zafar

Abstract:

This work presents a new approach of securing a wireless network. The configuration is focused on securing & Protecting wireless network traffic for a small network such as a home or dorm room. The security Mechanism provided both authentication, allowing only known authorized users access to the wireless network, and encryption, preventing anyone from reading the wireless traffic. The mentioned solution utilizes the open source free S/WAN software which implements the Internet Protocol Security –IPSEC. In addition to wireless components, wireless NIC in PC and wireless access point needs a machine running Linux to act as security gateway. While the current configuration assumes that the wireless PC clients are running Linux, Windows XP/VISTA/7 based machines equipped with VPN software which will allow to interface with this configuration.

Keywords: Wireless network security, security network, authentication, encryption and internet protocol security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2096

Authors: Daniel C. S. Lim, W. Y. Tan

Abstract:

The world is facing a growing food crisis. The concerns of food nutritional value, food safety and food security are becoming increasingly real. There is also a direct relationship to the risk of diseases, particularly chronic diseases, to the food we consume. So, there are increasing concerns about the modern day food ecosystem creating foods that can provide the nutritional components for organ function sustenance, as well as, taking a serious view on diet-related diseases. This paper addresses some of the above concerns and gives an overview of the current global situation relating to food nutrition and safety. The paper reviews nutritional aspects of food today compared to those of the last century, compares whole foods found in supermarkets versus those organically grown, as well as population behaviour towards food choices. It provides scientific insights into the effects of some of the global trends such as climate change and other changes environmental changes, and presents what individuals and corporations are doing to use the latest nutritional technologies as strategic assets. Finally, it briefly highlights some of the innovative solutions that are being applied to address several of the above concerns.

Keywords: Food crisis, food safety, nutritional aspects of food today compared to those of the last century, global trends.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1533

Authors: Ai Cheo Yeo, Md. Mahbubur Rahim, Yin Ying Ren

Abstract:

Persuasive technology has been applied in marketing, health, environmental conservation, safety and other domains and is found to be quite effective in changing people-s attitude and behaviours. This research extends the application domains of persuasive technology to information security awareness and uses a theory-driven approach to evaluate the effectiveness of a web-based program developed based on the principles of persuasive technology to improve the information security awareness of end users. The findings confirm the existence of a very strong effect of the webbased program in raising users- attitude towards information security aware behavior. This finding is useful to the IT researchers and practitioners in developing appropriate and effective education strategies for improving the information security attitudes for endusers.

Keywords: Information security, persuasive technology, ITsecurity-aware behaviour, theory of planned behaviour survey.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2359

Authors: Soon-Tai Park, Haeryong Park, Myoung-sun Noh, Yoo-Jae Won

Abstract:

There are many expand of Wi-Fi zones provided mobile careers and usage of wireless access point at home as increase of usage of wireless internet caused by the use of smart phone. This paper shows wireless local area network status, security threats of WLAN and functionality of major wireless access point in Korea. We propose security countermeasures concerned with life cycle of access point from manufacturing to installation, using and finally disposal. There needed to releasing with configured secure at access point. Because, it is most cost effective resolution than stage of installation or other life cycle of access point.

Keywords: Wireless LAN Security, Wi-Fi Security, Wireless Access Point, Product Life-Cycle

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1877

Authors: Raziya Ashimova

Abstract:

This article is devoted to the problems of the disproportional development of regions in the Republic Kazakhstan. The threats proceeding from problem regions, make strong impact on the country-s sustainable development, therefore they are necessary to be considered at the level of national security.

Keywords: Economic development, Kazakhstan, National security regional economy.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1275

Authors: Oktia Woro Kasmini Handayani, Bambang Budi Raharjo, Efa Nugroho, Bertakalswa Hermawati

Abstract:

Obesity prevalence and severe malnutrition in Indonesia has increased from 2007 to 2013. The utilization of local resources in nutritional program planning can be used to program efficiency and to reach the goal. The aim of this research is to plan a nutrition program based on local resources for urban fringe areas in a developing country. This research used a qualitative approach, with a focus on local resources including social capital, social system, cultural system. The study was conducted in Mijen, Central Java, as one of the urban fringe areas in Indonesia. Purposive and snowball sampling techniques are used to determine participants. A total of 16 participants took part in the study. Observation, interviews, focus group discussion, SWOT analysis, brainstorming and Miles and Huberman models were used to analyze the data. We have identified several local resources, such as the contributions from nutrition cadres, social organizations, social financial resources, as well as the cultural system and social system. The outstanding contribution of nutrition cadres is the participation and creativity to improve nutritional status. In addition, social organizations, like the role of the integrated health center for children (Pos Pelayanan Terpadu), can be engaged in the nutrition program planning. This center is supported by House of Nutrition to assist in nutrition program planning, and provide social support to families, neighbors and communities as social capitals. The study also reported that cultural systems that show appreciation for well-nourished children are a better way to improve the problem of balanced nutrition. Social systems such as teamwork and mutual cooperation can also be a potential resource to support nutritional programs and overcome associated problems. The impact of development in urban areas such as the introduction of more green areas which improve the perceived status of local people, as well as new health services facilitated by people and companies, can also be resources to support nutrition programs. Local resources in urban fringe areas can be used in the planning of nutrition programs. The expansion of partnership with all stakeholders, empowering the community through optimizing the roles of nutrition care centers for children as our recommendation with regard to nutrition program planning.

Keywords: Developing country, local resources, nutrition program, urban fringe.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 992

Authors: Hee Suk Seo, Tae Kyung Kim

Abstract:

As network components grow larger and more diverse, and as securing them on a host-by-host basis grow more difficult, more sites are turning to a network security model. We concentrate on controlling network access to various hosts and the services they offer, rather than on securing them one by one with a network security model. We present how the policy rules from vulnerabilities stored in SVDB (Simulation based Vulnerability Data Base) are inducted, and how to be used in PBN. In the network security environment, each simulation model is hierarchically designed by DEVS (Discrete EVent system Specification) formalism.

Keywords: SVDB, PBN, DEVS, Network security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1526

Authors: Nisarg A. Patel, Hiren B. Patel

Abstract:

Quantum cryptography is described as a point-to-point secure key generation technology that has emerged in recent times in providing absolute security. Researchers have started studying new innovative approaches to exploit the security of Quantum Key Distribution (QKD) for a large-scale communication system. A number of approaches and models for utilization of QKD for secure communication have been developed. The uncertainty principle in quantum mechanics created a new paradigm for QKD. One of the approaches for use of QKD involved network fashioned security. The main goal was point-to-point Quantum network that exploited QKD technology for end-to-end network security via high speed QKD. Other approaches and models equipped with QKD in network fashion are introduced in the literature as. A different approach that this paper deals with is using QKD in existing protocols, which are widely used on the Internet to enhance security with main objective of unconditional security. Our work is towards the analysis of the QKD in Mobile ad-hoc network (MANET).

Keywords: QKD, cryptography, quantum cryptography, network performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 850

Authors: Serkan Tezgel, Osman Gül, İskender Cahit Şafak

Abstract:

This paper proposes the application of the Smart Security Concept in the East Mediterranean. Smart Security aims to secure critical infrastructure, such as hydrocarbon platforms, against asymmetrical threats. The concept is based on Anti Asymmetrical Area Denial (A3D) which necessitates limiting freedom of action of maritime terrorists and piracy by founding safe and secure maritime areas through sea lines of communication using short range capabilities.

Keywords: Partnership, A3D, Maritime Security, Centers.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1831

Authors: Sultan Alharby, Nick Harris, Alex Weddell, Jeff Reeve

Abstract:

The concept of the Internet of Things (IoT) has received much attention over the last five years. It is predicted that the IoT will influence every aspect of our lifestyles in the near future. Wireless Sensor Networks are one of the key enablers of the operation of IoTs, allowing data to be collected from the surrounding environment. However, due to limited resources, nature of deployment and unattended operation, a WSN is vulnerable to various types of attack. Security is paramount for reliable and safe communication between IoT embedded devices, but it does, however, come at a cost to resources. Nodes are usually equipped with small batteries, which makes energy conservation crucial to IoT devices. Nevertheless, security cost in terms of energy consumption has not been studied sufficiently. Previous research has used a security specification of 802.15.4 for IoT applications, but the energy cost of each security level and the impact on quality of services (QoS) parameters remain unknown. This research focuses on the cost of security at the IoT media access control (MAC) layer. It begins by studying the energy consumption of IEEE 802.15.4 security levels, which is followed by an evaluation for the impact of security on data latency and throughput, and then presents the impact of transmission power on security overhead, and finally shows the effects of security on memory footprint. The results show that security overhead in terms of energy consumption with a payload of 24 bytes fluctuates between 31.5% at minimum level over non-secure packets and 60.4% at the top security level of 802.15.4 security specification. Also, it shows that security cost has less impact at longer packet lengths, and more with smaller packet size. In addition, the results depicts a significant impact on data latency and throughput. Overall, maximum authentication length decreases throughput by almost 53%, and encryption and authentication together by almost 62%.

Keywords: Internet of Things, IEEE 802.15.4, security cost evaluation, wireless sensor network, energy consumption.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1440

Authors: Pang-Chieh Wang, Ting-Wei Hou, Jung-Hsuan Wu, Bo-Chiuan Chen

Abstract:

In this paper we discuss on the security module for the car appliances to prevent stealing and illegal use on other cars. We proposed an open structure including authentication and encryption by embed a security module in each to protect car appliances. Illegal moving and use a car appliance with the security module without permission will lead the appliance to useless. This paper also presents the component identification and deal with relevant procedures. It is at low cost to recover from destroys by the burglar. Expect this paper to offer the new business opportunity to the automotive and technology industry.

Keywords: Automotive, component identification, electronic immobilizer, key management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1797

Authors: Ki Hyun Kim, Jang-Hee Yoo, Kyo Il Chung

Abstract:

This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exchange block, security association block, and IPsec engine block. The internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security Association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by H/W and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode.

Keywords: TCSS(Trust Channel Security System), VPN(VirtualPrivate Network), IPsec, SSL, Security Processor, Securitycommunication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2055

Authors: Adriano Bessa Albuquerque, Francisco Jose Barreto Nunes

Abstract:

Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.

Keywords: Software test, software security verification validation and test, security test institutionalization, systematic mapping study.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1569

Authors: Ando Leppiman, Kati Kõrbe Kaare, Ott Koppel

Abstract:

Growing demand for gas has rekindled a debate on gas security of supply due to supply interruptions, increasing gas prices, cross-border bottlenecks and a growing reliance on imports over longer distances. Security of supply is defined mostly as an infrastructure package to satisfy N-1 criteria. In case of Estonia, Finland, Latvia and Lithuania all the gas infrastructure is built to supply natural gas only from one single supplier, Russia. In 2012 almost 100% of natural gas to the Eastern Baltic Region was supplied by Gazprom. Under such circumstances infrastructure N-1 criteria does not guarantee security of supply. In the Eastern Baltic Region, the assessment of risk of gas supply disruption has been worked out by applying the method of risk scenarios. There are various risks to be tackled in Eastern Baltic States in terms of improving security of supply, such as single supplier risk, physical infrastructure risk, regulatory gap, fair price and competition. The objective of this paper is to evaluate the energy security of the Eastern Baltic Region within the framework of the European Union’s policies and to make recommendations on how to better guarantee the energy security of the region.

Keywords: Security of supply, supply routes for natural gas, energy balance, diversified supply options, common regulative package.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1857

Authors: Jong-Whoi Shin, Soon-Tai Park, Chong-Sun Hwang

Abstract:

Active network was developed to solve the problem of the current sharing-based network–difficulty in applying new technology, service or standard, and duplicated operation at several protocol layers. Active network can transport the packet loaded with the executable codes, which enables to change the state of the network node. However, if the network node is placed in the sharing-based network, security and safety issues should be resolved. To satisfy this requirement, various security aspects are required such as authentication, authorization, confidentiality and integrity. Among these security components, the core factor is the encryption key. As a result, this study is designed to propose the scheme that manages the encryption key, which is used to provide security of the comprehensive active directory, based on the domain.

Keywords: Active Network, Domain-based Key Management, Security Components.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1629

Authors: Sandesh Achar

Abstract:

Cloud computing security is a broad term that covers a variety of security concerns for organizations that use cloud services. Multi-cloud service providers must consider several factors when addressing security for their customers, including identity and access management, data at rest and in transit, egress and ingress traffic control, vulnerability and threat management, and auditing. This paper explores each of these aspects of cloud security in detail and provides recommendations for best practices for multi-cloud service providers. It also discusses the challenges inherent in securing a multi-cloud environment and offers solutions for overcoming these challenges. By the end of this paper, readers should have a good understanding of the various security concerns associated with multi-cloud environments in the context of today’s modern cyber threats and how to address them.

Keywords: Multi-cloud service, SOC, system organization control, data loss prevention, DLP, identity and access management, IAM.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 600

Authors: Dongkyoo Shin, Dongil Shin, Sukil Cha, Seyoung Kim

Abstract:

ebXML (Electronic Business using eXtensible Markup Language) is an e-business standard, sponsored by UN/CEFACT and OASIS, which enables enterprises to exchange business messages, conduct trading relationships, communicate data in common terms and define and register business processes. While there is tremendous e-business value in the ebXML, security remains an unsolved problem and one of the largest barriers to adoption. XML security technologies emerging recently have extensibility and flexibility suitable for security implementation such as encryption, digital signature, access control and authentication. In this paper, we propose ebXML business transaction models that allow trading partners to securely exchange XML based business transactions by employing XML security technologies. We show how each XML security technology meets the ebXML standard by constructing the test software and validating messages between the trading partners.

Keywords: Electronic commerce, e-business standard, ebXML, XML security, secure business transaction.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1699

Authors: Jong-Whoi Shin, Chong-Sun Hwang

Abstract:

Various security APIs (Application Programming Interfaces) are being used in a variety of application areas requiring the information security function. However, these standards are not compatible, and the developer must use those APIs selectively depending on the application environment or the programming language. To resolve this problem, we propose the standard draft of the information security component, while SSL (Secure Sockets Layer) using the confidentiality and integrity component interface has been implemented to verify validity of the standard proposal. The implemented SSL uses the lower-level SSL component when establishing the RMI (Remote Method Invocation) communication between components, as if the security algorithm had been implemented by adding one more layer on the TCP/IP.

Keywords: Component Based Design, Application Programming Interface, Secure Socket Layer, Remote Method Invocation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1464

Authors: Ayush Chugh, Gaurav Gupta

Abstract:

Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.

Keywords: Attacks, Injection, JavaScript, SQL, Vulnerability, XSS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4913