Search results for: hiding with high security

Authors: Raman Paranjape

Abstract:

We present a new approach to evaluation of Cyber Security in Power Systems using the method of modeling the power systems Infrastructure using software agents. Interfaces between module and the home smart meter are recognized as the primary points of intrusion.

Keywords: Power Systems, Modeling and Simulation, Agent systems.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2393

Authors: Excellence Favor, Bakari M. M. Mwinyiwiwa

Abstract:

Access to information holds the key to the empowerment of everybody despite where they are living. This research has been carried out in respect of the people living in developing countries, considering their plight and complex geographical, demographic, social-economic conditions surrounding the areas they live, which hinder access to information and of professionals providing services such as medical workers, which has led to high death rates and development stagnation. Research on Unified Communications and Integrated Collaborations (UCIC) system in the health sector of developing countries aims at creating a possible solution of bridging the digital canyon among the communities. The system is meant to deliver services in a seamless manner to assist health workers situated anywhere to be accessed easily and access information which will enhance service delivery. The proposed UCIC provides the most immersive telepresence experience for one-to-one or many-to-many meetings. Extending to locations anywhere in the world, the transformative platform delivers Ultra-low operating costs through the use of general purpose networks and using special lenses and track systems. The essence of this study is to create a security model for the deployment of the UCIC system in the health sector of developing countries. The model approach used for building the UCIC system security carefully considers the specific requirements for the health sector environment organization such as data centre, national, regional and district hospitals, and health centers IV, III, II and I and then builds the single best possible secure network to meet their needs. The security model demonstrates on how the components of the UCIC system will be protected physically and logically in the health sector environment. The UCIC system once adopted and implemented correctly will bring enhancement to the speed and quality of services offered by health workers. The capacities of UCIC will help health workers shorten decision cycles, accelerate service delivery and save lives by speeding access to information and by making it possible for all health workers and patients to collaborate ubiquitously.

Keywords: Developing Countries, Health Sector Environment, Security, Unified Communications and Integrated Collaborations.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1479

Authors: Magdalena Naplavova, Tomas Ludik, Petr Hruza, Frantisek Bozek

Abstract:

The use of IT equipment has become a part of every day. However, each device that is part of cyberspace should be secured against unauthorized use. It is very important to know the basics of these security devices, but also the basics of safe conduct their owners. This information should be part of every curriculum computer science education in primary and secondary schools. Therefore, the work focuses on the education of pupils in primary and secondary schools on the Internet. Analysis of the current state describes approaches to the education of pupils in security issues on the Internet. The paper presents a questionnaire-based survey which was carried out in the Czech Republic, whose task was to ascertain the level of opinion pupils in primary and secondary schools on the issue of communication in social networks. The research showed that awareness of socio-pathological phenomena on the Internet environment is very low. Based on the results it was proposed appropriate ways of teaching to this issue and its inclusion a proposal of curriculum for primary and secondary schools.

Keywords: Cyberspace, educational system, general awareness, information security, questionnaire, socio-pathological phenomena.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2306

Authors: Ali Soleymani, Zulkarnain Md Ali, Md Jan Nordin

Abstract:

This paper is a review on the aspects and approaches of design an image cryptosystem. First a general introduction given for cryptography and images encryption and followed by different techniques in image encryption and related works for each technique surveyed. Finally, general security analysis methods for encrypted images are mentioned.

Keywords: Image, cryptography, encryption, security, analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2336

Authors: Tim Nedyalkov

Abstract:

A business decision to move to the cloud brings fundamental changes in how an organization develops and delivers its Information Technology solutions. The accelerated pace of digital transformation across businesses and government agencies increases the reliance on cloud-based services. Collecting, managing, and retaining large amounts of data in cloud environments make information security and data privacy protection essential. It becomes even more important to understand what key factors drive successful cloud adoption following the commencement of the Privacy Amendment Notifiable Data Breaches (NDB) Act 2017 in Australia as the regulatory changes impact many organizations and industries. This quantitative correlational research investigated the governance, risk management, and compliance factors contributing to cloud security success. The factors influence the adoption of cloud computing within an organizational context after the commencement of the NDB scheme. The results and findings demonstrated that corporate information security policies, data storage location, management understanding of data governance responsibilities, and regular compliance assessments are the factors influencing cloud computing adoption. The research has implications for organizations, future researchers, practitioners, policymakers, and cloud computing providers to meet the rapidly changing regulatory and compliance requirements.

Keywords: Cloud compliance, cloud security, cloud security governance, data governance, privacy protection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 837

Authors: Ekesa B. Nakhauka, De Lange M., Macharia I., Garming H., Ouma E., Birachi E., Van Asten P., Van-Lauwe B., Blomme G.

Abstract:

Impact of adopting products promoted by the Consortium for Improving Agriculture-based livelihoods in Central Africa (CIALCA) on food and nutrition security was tested. Multi-stage sampling was used to select 7 project mandate areas, 5 villages/mandate area (stratified into action, satellite and control sites) and 913 households. Structured questionnaires were administered; analysis of impact based on comparison between stratums, differences in means tested by ANOVA and significance of difference obtained by Tukey's HSD multiple rank tests. Perception of adequate food sufficiency received a higher rating in action and satellite sites compared to control sites reason being improved agricultural technologies. For >60% of households, worsened food security was due to climatic conditions. Although a higher proportion of households in action and satellite was meeting calorie RDIs in DRC and Burundi the difference was insignificant from control sites. 53% of respondents in control sites indicated a decrease in intake of protein rich foods, this was significantly higher than the proportion in the action (46%) and satellite (41%) sites.

Keywords: Food security, Farmer-households, Nutrition security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1969

Authors: Shubat S. Ahmeda, Ashraf M. Ali Edwila

Abstract:

Short Message Service (SMS) has grown in popularity over the years and it has become a common way of communication, it is a service provided through General System for Mobile Communications (GSM) that allows users to send text messages to others. SMS is usually used to transport unclassified information, but with the rise of mobile commerce it has become a popular tool for transmitting sensitive information between the business and its clients. By default SMS does not guarantee confidentiality and integrity to the message content. In the mobile communication systems, security (encryption) offered by the network operator only applies on the wireless link. Data delivered through the mobile core network may not be protected. Existing end-to-end security mechanisms are provided at application level and typically based on public key cryptosystem. The main concern in a public-key setting is the authenticity of the public key; this issue can be resolved by identity-based (IDbased) cryptography where the public key of a user can be derived from public information that uniquely identifies the user. This paper presents an encryption mechanism based on the IDbased scheme using Elliptic curves to provide end-to-end security for SMS. This mechanism has been implemented over the standard SMS network architecture and the encryption overhead has been estimated and compared with RSA scheme. This study indicates that the ID-based mechanism has advantages over the RSA mechanism in key distribution and scalability of increasing security level for mobile service.

Keywords: Elliptic Curve Cryptography (ECC), End-to-end Security, Identity-based Cryptography, Public Key, RSA, SMS Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2181

Authors: R. Chithra, B. Kalaavathi, K. S. Aruna Shivani

Abstract:

Worldwide Interoperability for Microwave Access, is a broadband technology, which can effectively transmit a data across a group of users using Multicast and Broadcast Service. WiMAX belongs to a family of (IEEE 802.16) standards and is evolving as a fourth generation technology. WiMAX is the next generation technology that offers wireless access over long distances. MBS zone, which is a group of base stations that are broadcasting the same multicast packets which defines Multicast and Broadcast services. Handover is a process of transferring an ongoing call or data session from one channel connected to the core network to another channel. The handover causes authentication, delay, packet loss, jitter that mainly affects the communication. In this paper, we present a survey on handover security issues in WiMAX.

Keywords: WiMAX, Handover, Multicast and Broadcast Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1365

Authors: Savita Ahlawat, Dhian Kaur

Abstract:

Banishing hunger from the face of earth has been frequently expressed in various international, national and regional level conferences since 1974. Providing food security has become important issue across the world particularly in developing countries. In a developing country like India, where growth rate of population is more than that of the food grains production, food security is a question of great concern. According to the International Food Policy Research Institute's Global Hunger Index, 2011, India ranks 67 of the 81 countries of the world with the worst food security status. After Green Revolution, India became a food surplus country. Its production has increased from 74.23 million tonnes in 1966-67 to 257.44 million tonnes in 2011-12. But after achieving selfsufficiency in food during last three decades, the country is now facing new challenges due to increasing population, climate change, stagnation in farm productivity. Therefore, the main objective of the present paper is to examine the food security situation at national level in the country and further to explain the paradox of food insecurity in a food surplus state of India i.e in Punjab at micro level. In order to achieve the said objectives, secondary data collected from the Ministry of Agriculture and the Agriculture department of Punjab State was analyzed. The result of the study showed that despite having surplus food production the country is still facing food insecurity problem at micro level. Within the Kandi belt of Punjab state, the area adjacent to plains is food secure while the area along the hills falls in food insecure zone. The present paper is divided into following three sections (i) Introduction, (ii) Analysis of food security situation at national level as well as micro level (Kandi belt of Punjab State) (iii) Concluding Observations

Keywords: Availability, consumption, food security, poverty.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 6693

Authors: MooSeop Kim, Juhan Kim, Yongje Choi

Abstract:

Recently, much research has been conducted for security for wireless sensor networks and ubiquitous computing. Security issues such as authentication and data integrity are major requirements to construct sensor network systems. Advanced Encryption Standard (AES) is considered as one of candidate algorithms for data encryption in wireless sensor networks. In this paper, we will present the hardware architecture to implement low power AES crypto module. Our low power AES crypto module has optimized architecture of data encryption unit and key schedule unit which could be applicable to wireless sensor networks. We also details low power design methods used to design our low power AES crypto module.

Keywords: Algorithm, Low Power Crypto Circuit, AES, Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2461

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: Cyber security, shared responsibility, IIOT, threat modelling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 55

Authors: M. Marsadek, A. Mohamed

Abstract:

Power system security analysis is the most time demanding process due to large number of possible contingencies that need to be analyzed.  In a power system, any contingency resulting in security violation such as line overload or low voltage may occur for a number of reasons at any time.  To efficiently rank a contingency, both probability and the extent of security violation must be considered so as not to underestimate the risk associated with the contingency. This paper proposed a contingency ranking method that take into account the probabilistic nature of power system and the severity of contingency by using a newly developed method based on risk factor.  The proposed technique is implemented on IEEE 24-bus system.

Keywords: Line overload, low voltage, probability, risk factor, severity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1189

Authors: Supachai Tangwongsan, Labhidhorn Pangphuthipong

Abstract:

This research work proposes a model of network security systems aiming to prevent production system in a data center from being attacked by intrusions. Conceptually, we introduce a decoy system as a part of the security system for luring intrusions, and apply network intrusion detection (NIDS), coupled with the decoy system to perform intrusion prevention. When NIDS detects an activity of intrusions, it will signal a redirection module to redirect all malicious traffics to attack the decoy system instead, and hence the production system is protected and safe. However, in a normal situation, traffic will be simply forwarded to the production system as usual. Furthermore, we assess the performance of the model with various bandwidths, packet sizes and inter-attack intervals (attacking frequencies).

Keywords: Intrusion detection, Decoy, Snort, Intrusion prevention.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1699

Authors: A. Arul Lawrence Selvakumar, C. Suresh Ganandhas

Abstract:

This paper describes the study of cryptographic hash functions, one of the most important classes of primitives used in recent techniques in cryptography. The main aim is the development of recent crypt analysis hash function. We present different approaches to defining security properties more formally and present basic attack on hash function. We recall Merkle-Damgard security properties of iterated hash function. The Main aim of this paper is the development of recent techniques applicable to crypt Analysis hash function, mainly from SHA family. Recent proposed attacks an MD5 & SHA motivate a new hash function design. It is designed not only to have higher security but also to be faster than SHA-256. The performance of the new hash function is at least 30% better than that of SHA-256 in software. And it is secure against any known cryptographic attacks on hash functions.

Keywords: Crypt Analysis, cryptographic.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1289

Authors: Nebu Tom John, N. Dhinakaran

Abstract:

Multiparty voice over IP (MVoIP) systems allows a group of people to freely communicate each other via the internet, which have many applications such as online gaming, teleconferencing, online stock trading etc. Peertalk is a peer to peer multiparty voice over IP system (MVoIP) which is more feasible than existing approaches such as p2p overlay multicast and coupled distributed processing. Since the stream mixing and distribution are done by the peers, it is vulnerable to major security threats like nodes misbehavior, eavesdropping, Sybil attacks, Denial of Service (DoS), call tampering, Man in the Middle attacks etc. To thwart the security threats, a security framework called PEERTS (PEEred Reputed Trustworthy System for peertalk) is implemented so that efficient and secure communication can be carried out between peers.

Keywords: Key management system, peer-to-peer voice streaming, reputed trust management system, voice-over-IP.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1831

Authors: G.Kabashi, K.Kadriu, A.Gashi, S.Kabashi, G, Pula, V.Komoni

Abstract:

This paper focuses on PSS/E modeling of wind farms of Doubly-fed Induction Generator (DFIG) type and their impact on issues of power system operation. Since Wind Turbine Generators (WTG) don-t have the same characteristics as synchronous generators, the appropriate modeling of wind farms is essential for transmission system operators to analyze the best options of transmission grid reinforcements as well as to evaluate the wind power impact on reliability and security of supply. With the high excepted penetration of wind power into the power system a simultaneous loss of Wind Farm generation will put at risk power system security and reliability. Therefore, the main wind grid code requirements concern the fault ride through capability and frequency operation range of wind turbines. In case of grid faults wind turbines have to supply a definite reactive power depending on the instantaneous voltage and to return quickly to normal operation.

Keywords: Power System transients, PSS/E dynamic simulationDouble-fed Induction Generator.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4574

Authors: Mir Shahriar Emami

Abstract:

Although it is fully impossible to ensure that a software system is quite secure, developing an acceptable secure software system in a convenient platform is not unreachable. In this paper, we attempt to analyze software development life cycle (SDLC) models from the hardware systems and circuits point of view. To date, the SDLC models pay merely attention to the software security from the software perspectives. In this paper, we present new features for SDLC stages to emphasize the role of systems and circuits in developing secure software system through the software development stages, the point that has not been considered previously in the SDLC models.

Keywords: Systems and circuits security, software security, software process engineering, SDLC, SSDLC.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1680

Authors: Andre Slonopas, Warren Thompson, Zona Kostic

Abstract:

Obfuscation is one of the most useful tools to prevent network compromise. Previous research focused on the obfuscation of the network communications between external-facing edge devices. This work proposes the use of two edge devices, external and internal facing, which communicates via private IPv4 addresses in a software-defined pseudo-random IP hopping. This methodology does not require additional IP addresses and/or resources to implement. Statistical analyses demonstrate that the hopping surface must be at least 1e3 IP addresses in size with a broad standard deviation to minimize the possibility of coincidence of monitored and communication IPs. The probability of breaking the hopping algorithm requires a collection of at least 1e6 samples, which for large hopping surfaces will take years to collect. The probability of dropped packets is controlled via memory buffers and the frequency of hops and can be reduced to levels acceptable for video streaming. This methodology provides an impenetrable layer of security ideal for information and supervisory control and data acquisition systems.

Keywords: Moving Target Defense, cybersecurity, network security, hopping randomization, software defined network, network security theory.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 512

Authors: Jiří Barta

Abstract:

The paper deals with results of a project “Interoperability Workplaces to Support Teaching of Security Management in a Computer Network". This project is focused on the perspectives and possibilities of "new approaches" to education, training and crisis communication of rescue teams in the Czech Republic. It means that common technologies considering new perspectives are used to educate selected members of crisis management. The main part concentrates on possibilities of application of new technology and computer-aided tools to education and training of Integrated Rescue System teams.This project uses the COST principle for the creation of specialized centers and for all communication between these workplaces.

Keywords: Communication of Crisis Management, Information System, Interoperability, specializedcenter, Security Oriented Information System.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1475

Authors: Nour Charara, Iman Jarkass, Maria Sokhn, Elena Mugellini, Omar Abou Khaled

Abstract:

Intelligent Video-Surveillance (IVS) systems are being more and more popular in security applications. The analysis and recognition of abnormal behaviours in a video sequence has gradually drawn the attention in the field of IVS, since it allows filtering out a large number of useless information, which guarantees the high efficiency in the security protection, and save a lot of human and material resources. We present in this paper ADABeV, an intelligent video-surveillance framework for event recognition in crowded scene to detect the abnormal human behaviour. This framework is attended to be able to achieve real-time alarming, reducing the lags in traditional monitoring systems. This architecture proposal addresses four main challenges: behaviour understanding in crowded scenes, hard lighting conditions, multiple input kinds of sensors and contextual-based adaptability to recognize the active context of the scene.

Keywords: Behavior recognition, Crowded scene, Data fusion, Pattern recognition, Video-surveillance

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3590

Authors: Cai Guoqiang, Jia Limin, Zhou Liming, Liang yu, Li xi

Abstract:

This paper analysis the integrated use of safety monitoring with the domestic and international latest research on rail safety protection system, and focus on the implementation of an organic whole system, with the monitoring and early warning, risk assessment, predictive control and emergency rescue system. The system framework, contents and system structure of Security system is proposed completely. It-s pointed out that the Security system is a negative feedback system composed of by safety monitoring and warning system, risk assessment and emergency rescue system. Safety monitoring and warning system focus on the monitoring target monitoring, early warning, tracking, integration of decision-making, for objective and subjective risks factors. Risk assessment system analysis the occurrence of a major Security risk mechanism, determines the standard of the future short, medium and long term safety conditions, and give prop for development of safety indicators, accident analysis and safety standards. Emergency rescue system is with the goal of rapid and effective rescue work for accident, to minimize casualties and property losses.

Keywords: rail safety protection, monitoring and early warning, risk assessment, emergency rescue.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3084

Authors: Yih-Chuan Lin, Jung-Hong Li

Abstract:

In this paper, we propose a reversible watermarking scheme based on histogram shifting (HS) to embed watermark bits into the H.264/AVC standard videos by modifying the last nonzero level in the context adaptive variable length coding (CAVLC) domain. The proposed method collects all of the last nonzero coefficients (or called last level coefficient) of 4×4 sub-macro blocks in a macro block and utilizes predictions for the current last level from the neighbor block-s last levels to embed watermark bits. The feature of the proposed method is low computational and has the ability of reversible recovery. The experimental results have demonstrated that our proposed scheme has acceptable degradation on video quality and output bit-rate for most test videos.

Keywords: Reversible data hiding, H.264/AVC standard, CAVLC, Histogram shifting

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1993

Authors: Pil Seong Park

Abstract:

Homemade HPC clusters are widely used in many small labs, because they are easy to build and cost-effective. Even though incremental growth is an advantage of clusters, it results in heterogeneous systems anyhow. Instead of adding new nodes to the cluster, we can extend clusters to include some other Internet servers working independently on the same LAN, so that we can make use of their idle times, especially during the night. However extension across a firewall raises some security problems with NFS. In this paper, we propose a method to solve such a problem using SSH tunneling, and suggest a modified structure of the cluster that implements it.

Keywords: Extension of HPC clusters, Security, NFS, SSH tunneling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1854

Authors: F. Matusek, G. Pujolle, R. Reda

Abstract:

Shadow detection is still considered as one of the potential challenges for intelligent automated video surveillance systems. A pre requisite for reliable and accurate detection and tracking is the correct shadow detection and classification. In such a landscape of conditions, privacy issues add more and more complexity and require reliable shadow detection. In this work the intertwining between security, accuracy, reliability and privacy is analyzed and, accordingly, a novel architecture for Privacy Enhancing Video Surveillance (PEVS) is introduced. Shadow detection and masking are dealt with through the combination of two different approaches simultaneously. This results in a unique privacy enhancement, without affecting security. Subsequently, the methodology was employed successfully in a large-scale wireless video surveillance system; privacy relevant information was stored and encrypted on the unit, without transferring it over an un-trusted network.

Keywords: Video Surveillance, Intelligent Video Surveillance, Physical Security, WSSU, Privacy, Shadow Detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1301

Authors: A. Al Drees, A. Alahmari, R. Almuwayshir

Abstract:

The advanced information technology is becoming an important factor in the development of financial services industry, especially the banking industry. It has introduced new ways of delivering banking to the customer, such as Internet Banking. Banks began to look at electronic banking (e-banking) as a means to replace some of their traditional branch functions using the Internet as a new distribution channel. Some consumers have at least more than one account, and across banks, and access these accounts using e-banking services. To look at the current net worth position, customers have to login to each of their accounts and get the details and work on consolidation. This not only takes ample time but it is a repetitive activity at a specified frequency. To address this point, an account aggregation concept is added as a solution. E-banking account aggregation, as one of the e-banking types, appeared to build a stronger relationship with customers. Account Aggregation Service generally refers to a service that allows customers to manage their bank accounts maintained in different institutions through a common Internet banking operating a platform, with a high concern to security and privacy. This paper presents an overview of an e-banking account aggregation approach as a new service in the e-banking field.

Keywords: E-banking, security, account aggregation, enterprise application development.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1492

Authors: M. S. Razana, Z. W. Shafiuddin

Abstract:

Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.

Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, Competence, Certification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1778

Authors: Saleh Dabil

Abstract:

The study will search the level of existence of the sweethearting in Saudi Arabia's Supermarkets in Riyadh. Sweethearting occurs when frontline workers give unauthorized free or uncounted goods and services to customer-s conspirators. The store managers and /or security managers were asked about the sweethearting that occurs in the supermarkets. The characteristics of sweethearting in Riyadh stores were investigated. Two independent variables were related to the report of sweethearting. These independent variables are: The effect of store environment on sweethearting and the security techniques and loss prevention electronics techniques used. This study expected to shed the light about the level of sweethearting in Saudi Arabia and the factors behind it. This study will serve as an exploratory study for such phenomenon in Saudi Arabia as well as both descriptive for the characteristics of sweethearting and explanatory study to link between the environmental and security systems factors to sweethearting.

Keywords: supermarket, stealing, sweethearting, theft.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1837

Authors: Lynette Drevin, Günther R. Drevin

Abstract:

Numerous threats have been identified when using social networks. The question is whether young people are aware of these negative impacts of online and mobile technologies. Will they identify threats when needed? Will they know where to get help? Students and school children were part of a survey where their behavior and use of Facebook and an instant messaging application - MXit were studied. This paper presents some of the results. It can be concluded that awareness on security and privacy issues should be raised. The benefit of doing such a survey is that it may help to direct educational efforts from a young age. In this way children – with their parents – can strive towards more secure behavior. Educators can focus their lessons towards the areas that need attention resulting in safer cyber interaction and ultimately more responsible online use.

Keywords: Facebook, Instant messaging, MXit, Privacy, Social networks Information Security awareness education, Trust.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2664

Authors: Vinay Gautam, Vivek Gautam

Abstract:

With increase in the unauthorized users access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with system.The propose protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate user. The analysis of user based input makes a NFC transaction more advance and secure. This security is very tactical because it is completely depends on usage of the device.

Keywords: Security, Network Field communication, NFC Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1944

Authors: Noor Suhana Sulaiman, Rohani Abu Bakar, Norrozila Sulaiman

Abstract:

Intrusion Detection System is significant in network security. It detects and identifies intrusion behavior or intrusion attempts in a computer system by monitoring and analyzing the network packets in real time. In the recent year, intelligent algorithms applied in the intrusion detection system (IDS) have been an increasing concern with the rapid growth of the network security. IDS data deals with a huge amount of data which contains irrelevant and redundant features causing slow training and testing process, higher resource consumption as well as poor detection rate. Since the amount of audit data that an IDS needs to examine is very large even for a small network, classification by hand is impossible. Hence, the primary objective of this review is to review the techniques prior to classification process suit to IDS data.

Keywords: Intrusion Detection System, security, soft computing, classification.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1822