Search results for: security assessment

Authors: A. Fathianpour, M. B. Jelodar, S. Wilkinson

Abstract:

This paper outlines the approaches taken to assess multi-hazard assessments. There is currently confusion in assessing multi-hazard impacts, and so this study aims to determine which of the available options are the most useful. The paper uses an international literature search, and analysis of current multi-hazard assessments and a case study to illustrate the effectiveness of the chosen method. Findings from this study will help those wanting to assess multi-hazards to undertake a straightforward approach. The paper is significant as it helps to interpret the various approaches and concludes with the preferred method. Many people in the world live in hazardous environments and are susceptible to disasters. Unfortunately, when a disaster strikes it is often compounded by additional cascading hazards, thus people would confront more than one hazard simultaneously. Hazards include natural hazards (earthquakes, floods, etc.) or cascading human-made hazards (for example, Natural Hazard Triggering Technological disasters (Natech) such as fire, explosion, toxic release). Multi-hazards have a more destructive impact on urban areas than one hazard alone. In addition, climate change is creating links between different disasters such as causing landslide dams and debris flows leading to more destructive incidents. Much of the prevailing literature deals with only one hazard at a time. However, recently sophisticated multi-hazard assessments have started to appear. Given that multi-hazards occur, it is essential to take multi-hazard risk assessment under consideration. This paper aims to review the multi-hazard assessment methods through articles published to date and categorize the strengths and disadvantages of using these methods in risk assessment. Napier City is selected as a case study to demonstrate the necessity of using multi-hazard risk assessments. In order to assess multi-hazard risk assessments, first, the current multi-hazard risk assessment methods were described. Next, the drawbacks of these multi-hazard risk assessments were outlined. Finally, the improvements to current multi-hazard risk assessments to date were summarised. Generally, the main problem of multi-hazard risk assessment is to make a valid assumption of risk from the interactions of different hazards. Currently, risk assessment studies have started to assess multi-hazard situations, but drawbacks such as uncertainty and lack of data show the necessity for more precise risk assessment. It should be noted that ignoring or partial considering multi-hazards in risk assessment will lead to an overestimate or overlook in resilient and recovery action managements.

Keywords: Cascading hazards, multi-hazard, risk assessment, risk reduction.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1045

Authors: Amudha Kadirvelu, Sivalal Sadasivan

Abstract:

While the problem based learning (PBL) approach promotes unsupervised self-directed learning (SDL), many students experience difficulty juggling the role of being an information recipient and information seeker. Logbooks have been used to assess trainee doctors but not in other areas. This study aimed to determine the effectiveness of logbook for assessing SDL during PBL sessions in first year medical students. The log book included a learning checklist and knowledge and skills components. Comparisons with the baseline assessment of student performance in PBL and that at semester end after logbook intervention showed significant improvements in student performance (31.5 ± 8 vs. 17.7 ± 4.4; p<0.001) with a large effect size of 3.93. The learner-s log for PBL has played an important role in enhancing SDL in first year medical students. Learner-s log could be a good self-assessment tool for the undergraduate medical students.

Keywords: Problem based learning, self-directed learning, logbook, self-assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1977

Authors: M. Sarrab, H. Bourdoucen

Abstract:

Mobile applications are verified to check the correctness or evaluated to check the performance with respect to specific security properties such as Availability, Integrity and Confidentiality. Where they are made available to the end users of the mobile application is achievable only to a limited degree using software engineering static verification techniques. The more sensitive the information, such as credit card data, personal medical information or personal emails being processed by mobile application, the more important it is to ensure the confidentiality of this information. Monitoring untrusted mobile application during execution in an environment where sensitive information is present is difficult and unnerving. The paper addresses the issue of monitoring and controlling the flow of confidential information during untrusted mobile application execution. The approach concentrates on providing a dynamic and usable information security solution by interacting with the mobile users during the runtime of mobile application in response to information flow events.

Keywords: Mobile application, Run-time verification, Usable security, Direct information flow.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1920

Authors: Claude Takenga, Rolf-Dietrich Berndt, Erling Si, Markus Diem, Guohui Qiao, Melanie Gau, Michael Brandstoetter, Martin Kampel, Michael Dworzak

Abstract:

In patients with acute lymphoblastic leukaemia (ALL), treatment response is increasingly evaluated with minimal residual disease (MRD) analyses. Flow Cytometry (FCM) is a fast and sensitive method to detect MRD. However, the interpretation of these multi-parametric data requires intensive operator training and experience. This paper presents a pipeline-software, as a ready-to-use FCM-based MRD-assessment tool for the daily clinical practice for patients with ALL. The new tool increases accuracy in assessment of FCM-MRD in samples which are difficult to analyse by conventional operator-based gating since computer-aided analysis potentially has a superior resolution due to utilization of the whole multi-parametric FCM-data space at once instead of step-wise, two-dimensional plot-based visualization. The system developed as a telemedical network reduces the work-load and lab-costs, staff-time needed for training, continuous quality control, operator-based data interpretation. It allows dissemination of automated FCM-MRD analysis to medical centres which have no established expertise for the benefit of an even larger community of diseased children worldwide. We established a telemedical network system for analysis and clinical follow-up and treatment monitoring of Leukaemia. The system is scalable and adapted to link several centres and laboratories worldwide.

Keywords: Data security, flow cytometry, leukaemia, telematics platform, telemedicine.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1528

Authors: V. Ramnarain-Seetohul, J. Abdool Karim, A. Amir

Abstract:

Almost all universities include some form of assignment in their courses. The assignments are either carried out in either in groups or individually. To effectively manage these submitted assignments, a well-designed assignment submission system is needed, hence the need for an online assignment submission system to facilitate the distribution, and collection of assignments on due dates. The objective of such system is to facilitate interaction of lecturers and students for assessment and grading purposes. The aim of this study was to create a web based online assignment submission system for University of Mauritius. The system was created to eliminate the traditional process of giving an assignment and collecting the answers for the assignment. Lecturers can also create automated assessment to assess the students online. Moreover, the online submission system consists of an automatic mailing system which acts as a reminder for students about the deadlines of the posted assignments. System was tested to measure its acceptance rate among both student and lecturers.

Keywords: Assignment, assessment, online, submission

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7142

Authors: Neilal A. Isaac, Madison Edwards, Kirthana Sugunathevan, Mohan Kumar

Abstract:

The COVID-19 pandemic challenged the education system and forced medical schools to transition to online learning. With this transition, one of the major concerns for students and educators was to ensure that Physical Examination (PE) skills were still being mastered. Thus, the formative peer assessment model was designed to enhance the learning of PE skills during the COVID-19 pandemic in the online learning landscape. Year 1 and year 2 students enrolled in clinical skills courses at the University of Medicine and Health Sciences, St. Kitts were asked to record themselves demonstrating PE skills with a healthy patient volunteer after every skills class. Each student was assigned to exchange feedback with one peer in the course. At the end of the first two semesters of this learning activity, a cross-sectional survey was conducted for the two cohorts of year-1 and year-2 students. The year-1 cohorts most frequently rated the peer assessment exercise as 4 on a 5-point Likert scale, with a mean score of 3.317 [2.759, 3.875]. The year-2 cohorts most frequently rated the peer assessment exercise as 4 on a 5-point Likert scale, with a mean score of 3.597 [2.978, 4.180]. Students indicated that guidance from faculty, flexible deadlines, and detailed and timely feedback from peers were areas for improvement in this process.

Keywords: COVID-19 pandemic, distant learning, online medical education, peer assessment, physical examination.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 316

Authors: Raluca-Cristina Buţurcă, CarlesM.Gasol, Xavier Gabarrell, Dan Scarpete

Abstract:

The environmental performance of rapeseed oil (RO) and rapeseed methyl ester(RME) from winter rape as fuels produced in Romanian agroclimate is analyzed in this paper. The proposed methodology is life cycle assessment (LCA) and takes into consideration the influence of grain production and agroclimatic conditions. This study shows favorable results first for RO and then for RME. When compared to diesel fuel, both studied biofuels show better results in the following impact categories: Abiotic depletion potential (ADP), Ozone layer depletion (ODP) and Photochemical ozone creation potential (POCP).Furthermore, the environmental performance of the two biofuels studied can be improved by changing the type of fertilizer used and also by using biofuels instead of diesel in the field works.

Keywords: Biodiesel, life cycle assessment, rapeseed oil.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2510

Authors: Nameer N. EL-Emam

Abstract:

In this paper, we construct and implement a new Steganography algorithm based on learning system to hide a large amount of information into color BMP image. We have used adaptive image filtering and adaptive non-uniform image segmentation with bits replacement on the appropriate pixels. These pixels are selected randomly rather than sequentially by using new concept defined by main cases with sub cases for each byte in one pixel. According to the steps of design, we have been concluded 16 main cases with their sub cases that covere all aspects of the input information into color bitmap image. High security layers have been proposed through four layers of security to make it difficult to break the encryption of the input information and confuse steganalysis too. Learning system has been introduces at the fourth layer of security through neural network. This layer is used to increase the difficulties of the statistical attacks. Our results against statistical and visual attacks are discussed before and after using the learning system and we make comparison with the previous Steganography algorithm. We show that our algorithm can embed efficiently a large amount of information that has been reached to 75% of the image size (replace 18 bits for each pixel as a maximum) with high quality of the output.

Keywords: Adaptive image segmentation, hiding with high capacity, hiding with high security, neural networks, Steganography.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1953

Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin

Abstract:

More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.

Keywords: Secure software development, software development, software security, systematic literature review.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2426

Authors: Ekrem Aksoy, Nihat Adar, Selçuk Canbek

Abstract:

Ambient Computing or Ambient Intelligence (AmI) is emerging area in computer science aiming to create intelligently connected environments and Internet of Things. In this paper, we propose communication middleware architecture for AmI. This middleware architecture addresses problems of communication, networking, and abstraction of applications, although there are other aspects (e.g. HCI and Security) within general AmI framework. Within this middleware architecture, any application developer might address HCI and Security issues with extensibility features of this platform.

Keywords: AmI, ambient computing, middleware, distributedsystems, software-defined networking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1654

Authors: R. Bremananth

Abstract:

Biometric authentication is an essential task for any kind of real-life applications. In this paper, we contribute two primary paradigms to Iris recognition such as Robust Eyelash Detection (RED) using pathway kernels and hair curve fitting synthesized model. Based on these two paradigms, rotation invariant iris recognition is enhanced. In addition, the presented framework is tested with real-life iris data to provide the authentication for LRC (Learning Resource Center) users. Recognition performance is significantly improved based on the contributed schemes by evaluating real-life irises. Furthermore, the framework has been implemented using Java programming language. Experiments are performed based on 1250 diverse subjects in different angles of variations on the authentication process. The results revealed that the methodology can deploy in the process on LRC management system and other security required applications.

Keywords: Authentication, biometric, eye lashes detection, iris scanning, LRC security, secure access.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 995

Authors: M. Padmavathi, R. M. Suresh

Abstract:

Every machine plays roles of client and server simultaneously in a peer-to-peer (P2P) network. Though a P2P network has many advantages over traditional client-server models regarding efficiency and fault-tolerance, it also faces additional security threats. Users/IT administrators should be aware of risks from malicious code propagation, downloaded content legality, and P2P software’s vulnerabilities. Security and preventative measures are a must to protect networks from potential sensitive information leakage and security breaches. Bit Torrent is a popular and scalable P2P file distribution mechanism which successfully distributes large files quickly and efficiently without problems for origin server. Bit Torrent achieved excellent upload utilization according to measurement studies, but it also raised many questions as regards utilization in settings, than those measuring, fairness, and Bit Torrent’s mechanisms choice. This work proposed a block selection technique using Fuzzy ACO with optimal rules selected using ACO.

Keywords: Ant Colony Optimization (ACO), Bit Torrent, Download time, Peer-to-Peer (P2P) network, Performance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2536

Authors: Muhibul Haque Bhuyan

Abstract:

In the current context, the engineering program educators need to think about how to develop the concepts and complex engineering problem-solving skills through various complex engineering activities by the undergraduate engineering students in various engineering courses. But most of them are facing challenges to assess and evaluate these skills of their students. In this study, detailed assessment and evaluation methods for the undergraduate Electrical and Electronic Engineering (EEE) program are stated using the Outcome-Based Education (OBE) approach. For this purpose, a final year course titled control systems has been selected. The assessment and evaluation approach, course contents, course objectives, course outcomes (COs), and their mapping to the program outcomes (POs) with complex engineering problems and activities via the knowledge profiles, performance indicators, rubrics of assessment, CO and PO attainment data, and other statistics, are reported for a student-cohort of control systems course registered by the students of BSc in EEE program in Spring 2021 Semester at the EEE Department of Southeast University (SEU). It is found that the target benchmark was achieved by the students of that course. Several recommendations for the continuous quality improvement (CQI) process are also provided.

Keywords: Complex engineering problem, knowledge profiles, OBE, control systems course, COs, PIs, POs, assessment rubrics.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 553

Authors: M. G. Albanesi, R. Amadeo

Abstract:

In this paper, a new approach for quality assessment tasks in lossy compressed digital video is proposed. The research activity is based on the visual fixation data recorded by an eye tracker. The method involved both a new paradigm for subjective quality evaluation and the subsequent statistical analysis to match subjective scores provided by the observer to the data obtained from the eye tracker experiments. The study brings improvements to the state of the art, as it solves some problems highlighted in literature. The experiments prove that data obtained from an eye tracker can be used to classify videos according to the level of impairment due to compression. The paper presents the methodology, the experimental results and their interpretation. Conclusions suggest that the eye tracker can be useful in quality assessment, if data are collected and analyzed in a proper way.

Keywords: eye tracker, video compression, video qualityassessment, visual attention

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1572

Authors: K. Sekulová, M. Šimon

Abstract:

This article focuses on upper-extremity musculoskeletal disorders risk assessment model at workplace. In this model are used risk factors that are responsible for musculoskeletal system damage. Based on statistic calculations the model is able to define what risk of MSD threatens workers who are under risk factors. The model is also able to say how MSD risk would decrease if these risk factors are eliminated.

 

Keywords: Ergonomics, musculoskeletal disorders, occupational diseases, risk factors.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2018

Authors: N. Gopalakrishna Kini, Ranjana Paleppady, Akshata K. Naik

Abstract:

Password authentication is one of the widely used methods to achieve authentication for legal users of computers and defense against attackers. There are many different ways to authenticate users of a system and there are many password cracking methods also developed. This paper proposes how best password cracking can be performed on a CPU-GPGPU based system. The main objective of this work is to project how quickly a password can be cracked with some knowledge about the computer security and password cracking if sufficient security is not incorporated to the system.

Keywords: GPGPU, password cracking, secret key, user authentication.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2575

Authors: Matthew J. Zagumny

Abstract:

The current study reports an examination of the QUEST-25 (Q-Assessment of Undergraduate Epistemology and Scientific Thinking) online version for assessing the dispositional attitudes toward scientific thinking and intellectual curiosity among undergraduate students. The QUEST-25 consists of scientific thinking (SIQ-25) and intellectual curiosity (ICIQ-25), which were correlated in hypothesized directions with the Religious Commitment Inventory, Curiosity and Exploration Inventory, Belief in Science scale, and measures of academic self-efficacy. Additionally, concurrent validity was established by the resulting significant differences between those identifying the centrality of religious belief in their lives and those who do not self-identify as being guided daily by religious beliefs. This study demonstrates the utility of the QUEST-25 for research, evaluation, and theory development.

Keywords: Guided-inquiry learning, intellectual curiosity, psychometric assessment, scientific thinking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 723

Authors: Adam Gorine, Faten Spondon

Abstract:

Python is considered the most popular programming language and offers its own ecosystem for archiving and maintaining open-source software packages. This system is called the Python Package Index (PyPI), the repository of this programming language. Unfortunately, one-third of these software packages have vulnerabilities that allow attackers to execute code automatically when a vulnerable or malicious package is installed. This paper contributes to large-scale empirical studies investigating security issues in the Python ecosystem by evaluating package vulnerabilities. These provide a series of implications that can help the security of software ecosystems by improving the process of discovering, fixing, and managing package vulnerabilities. The vulnerable dataset is generated using the NVD, the National Vulnerability Database, and the Snyk vulnerability dataset. In addition, we evaluated 807 vulnerability reports in the NVD and 3900 publicly known security vulnerabilities in Python Package Manager (Pip) from the Snyk database from 2002 to 2022. As a result, many Python vulnerabilities appear in high severity, followed by medium severity. The most problematic areas have been improper input validation and denial of service attacks. A hybrid scanning tool that combines the three scanners, Bandit, Snyk and Dlint, which provide a clear report of the code vulnerability, is also described.

Keywords: Python vulnerabilities, Bandit, Snyk, Dlint, Python Package Index, ecosystem, static analysis, malicious attacks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 146

Authors: Mabrouka Algherinai, Fatma Karkouri

Abstract:

Today, Short Message Service (SMS) is an important means of communication. SMS is not only used in informal environment for communication and transaction, but it is also used in formal environments such as institutions, organizations, companies, and business world as a tool for communication and transactions. Therefore, there is a need to secure the information that is being transmitted through this medium to ensure security of information both in transit and at rest. But, encryption has been identified as a means to provide security to SMS messages in transit and at rest. Several past researches have proposed and developed several encryption algorithms for SMS and Information Security. This research aims at comparing the performance of common Asymmetric encryption algorithms on SMS security. The research employs the use of three algorithms, namely RSA, McEliece, and RABIN. Several experiments were performed on SMS of various sizes on android mobile device. The experimental results show that each of the three techniques has different key generation, encryption, and decryption times. The efficiency of an algorithm is determined by the time that it takes for encryption, decryption, and key generation. The best algorithm can be chosen based on the least time required for encryption. The obtained results show the least time when McEliece size 4096 is used. RABIN size 4096 gives most time for encryption and so it is the least effective algorithm when considering encryption. Also, the research shows that McEliece size 2048 has the least time for key generation, and hence, it is the best algorithm as relating to key generation. The result of the algorithms also shows that RSA size 1024 is the most preferable algorithm in terms of decryption as it gives the least time for decryption.

Keywords: SMS, RSA, McEliece, RABIN.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 630

Authors: A. E. Emam, M. Abd Elghany

Abstract:

The change in orbit evolution between collocated satellites (X, Y) inside +/-0.09° E/W and +/- 0.07° N/S cluster, after one of these satellites is placed in an inclined orbit (satellite X) and the effect of this change in the collocation safety inside the cluster window has been studied and evaluated. Several collocation scenarios had been studied in order to adjust the location of both satellites inside their cluster to maximize the separation between them and safe the mission.

Keywords: Satellite, GEO, collocation, risk assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2280

Authors: Myriam Noureddine, Rachid Noureddine

Abstract:

Following the current economic challenges and competition, all systems, whatever their field, must be efficient and operational during their activity. In this context, it is imperative to anticipate, identify, eliminate and estimate the failures of systems, which may lead to an interruption of their function. This need requires the management of possible risks, through an assessment of the failures criticality following a dependability approach. On the other hand, at the time of new information technologies and considering the networks field evolution, the data transmission has evolved towards a multipoint communication, which can simultaneously transmit information from a sender to multiple receivers. This article proposes the failures criticality assessment of a multipoint communication network, integrates a database of network failures and their quantifications. The proposed approach is validated on a case study and the final result allows having the criticality matrix associated with failures on the considered network, giving the identification of acceptable risks.

Keywords: Dependability, failure, multipoint network, criticality matrix.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1561

Authors: Afrah Saad Mohsen Al-Mahfadi

Abstract:

In rural areas of developing countries, participation of all stakeholders in water supply projects is an important step towards further development. As most of the beneficiaries are women, it is important that they should be involved to achieve successful and sustainable water supply projects. Women are responsible for the management of water both inside and outside home, and often spend more than six-hours a day fetching drinking water from distant water sources. The problem is that rural women play a role of little importance in the water supply projects’ phases in rural Yemen. Therefore, this research aimed at analyzing the different reasons of their lack of participation in projects and in what way a full participation -if achieved- could contribute to sustainable water supply projects in the rural mountainous areas in Yemen. Four water supply projects were selected as a case study in Al-Della'a Alaala sub-district in the Al-Mahweet governorate, two of them were implemented by the Social Fund and Development (SFD), while others were implemented by the General Authority for Rural Water Supply Projects (GARWSSP). Furthermore, the successful Al-Galba project, which is located in Badan district in Ibb governorate, was selected for comparison. The rural women's active participation in water projects have potential consequences including continuity and maintenance improvement, equipment security, and improvement in the overall health and education status of these areas. The majority of respondents taking part in GARWSSP projects estimated that there is no reason to involve women in the project activities. In the comparison project - in which a woman worked as a supervisor and implemented the project – all respondents indicated that the participation of women is vital for sustainability. Therefore, the results of this research are intended to stimulate rural women's participation in the mountainous areas of Yemen.

Keywords: Assessment, rural woman, sustainability, water management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1756

Authors: Kai-Thorsten Wirt

Abstract:

In this paper we present the design of a new encryption scheme. The scheme we propose is a very exible encryption and authentication primitive. We build this scheme on two relatively new design principles: t-functions and fast pseudo hadamard transforms. We recapitulate the theory behind these principles and analyze their security properties and efficiency. In more detail we propose a streamcipher which outputs a message authentication tag along with theencrypted data stream with only little overhead. Moreover we proposesecurity-speed tradeoffs. Our scheme is faster than other comparablet-function based designs while offering the same security level.

Keywords: Cryptography, Combined Primitives, Stream Cipher, MAC, T-Function, FPHT.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1890

Authors: Abd Aziz Bin Abd Shukor, Eftah Binti Moh Hj Abdullah

Abstract:

This case study aims to identify teachers’ perception as regards integrity in School-Ba sed Assessment (PBS) practice. This descriptive study involved 9 teachers from 4 secondary schools in 3 districts in the state of Perak. The respondents had undergone an integrity in PBS Practice interview using a focused group discussion method. The overall findings showed that the teachers believed that integrity in PBS practice could be achieved by adjusting the teaching methods align with learning objectives and the students’ characteristics. Many teachers, parents and student did not understand the best practice of PBS. This would affect the integrity in PBS practice. Teachers did not emphasis the principles and ethics. Their integrity as an innovative public servant may also be affected with the frequently changing assessment system, lack of training and no prior action research. The analysis of findings showed that the teachers viewed that organizational integrity involving the integrity of PBS was difficult to be implemented based on the expectations determined by Malaysia Ministry of Education (KPM). A few elements which assisted in the achievement of PBS integrity were the training, students’ understanding, the parents’ understanding of PBS, environment (involving human resources such as support and appreciation and non-human resources such as technology infrastructure readiness and media). The implications of this study show that teachers, as the PBS implementers, have a strong influence on the integrity of PBS. However, the transformation of behavior involving PBS integrity among teachers requires the stabilisation of support and infrastructure in order to enable the teachers to implement PBS in an ethical manner.

Keywords: Assessment integrity, integrity, perception, school-based assessment.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1563

Authors: Brenden M. Shutt, Lubjana Beshaj, Paul L. Goethals, Ambrose Kam

Abstract:

Communication security is of particular interest to military data networks. A relatively novel approach to network security is blockchain, a cryptographically secured distribution ledger with a decentralized consensus mechanism for data transaction processing. Recent advances in blockchain technology have proposed new techniques for both data validation and trust management, as well as different frameworks for managing dataflow. The purpose of this work is to test the feasibility of different blockchain architectures as applied to military command and control networks. Various architectures are tested through discrete-event simulation and the feasibility is determined based upon a blockchain design’s ability to maintain long-term stable performance at industry standards of throughput, network latency, and security. This work proposes a consortium blockchain architecture with a computationally inexpensive consensus mechanism, one that leverages a Proof-of-Identity (PoI) concept and a reputation management mechanism.

Keywords: Blockchain, command & control network, discrete-event simulation, reputation management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 775

Authors: E. Cenderelli, E. Bruno, G. Iacoviello, A. Lazzini

Abstract:

The financial sector is exposed to the risk of cyber-attacks like any other industrial sector. Furthermore, the topic of CybeRisk (cyber risk) has become particularly relevant given that Information Technology (IT) attacks have increased drastically in recent years, and cannot be stopped by single organizations requiring a response at international and national level. IT risk is never a matter purely for the IT manager, although he clearly plays a key role. A bank's risk management function requires a thorough understanding of the evolving risks as well as the tools and practical techniques available to address them. Upon the request of European and national legislation regarding CybeRisk in the financial system, banks are therefore called upon to strengthen the operational model for CybeRisk management. This will require an important change with a more intense collaboration with the structures that deal with information security for the development of an ad hoc system for the evaluation and control of this type of risk. The aim of the work is to propose a framework for the management and control of CybeRisk that will bridge the gap in the literature regarding the understanding and consideration of CybeRisk as an integral part of business management. The IT function has a strong relevance in the management of CybeRisk, which is perceived mainly as operational risk, but with a positive tendency on the part of risk management to the identification of CybeRisk assessment methods that are increasingly complete, quantitative and able to better describe the possible impacts on the business. The paper provides answers to the research questions: Is it possible to define a CybeRisk governance structure able to support the comparison between risk and security? How can the relationships between IT assets be integrated into a cyberisk assessment framework to guarantee a system of protection and risks control? From a methodological point of view, this research uses a case study approach. The choice of “Monte dei Paschi di Siena” was determined by the specific features of one of Italy’s biggest lenders. It is chosen to use an intensive research strategy: an in-depth study of reality. The case study methodology is an empirical approach to explore a complex and current phenomenon that develops over time. The use of cases has also the advantage of allowing the deepening of aspects concerning the "how" and "why" of contemporary events, on which the scholar has little control. The research bases on quantitative data and qualitative information obtained through semi-structured interviews of an open-ended nature and questionnaires to directors, members of the audit committee, risk, IT and compliance managers, and those responsible for internal audit function and anti-money laundering. The added value of the paper can be seen in the development of a framework based on a mapping of IT assets from which it is possible to identify their relationships for purposes of a more effective management and control of cyber risk.

Keywords: Bank, CybeRisk, information technology, risk management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1365

Authors: S. Hasan, I. Beshara

Abstract:

Infrastructure maintenance is a great challenge facing sustainable development of infrastructure assets due to the high cost of passive implementation of a sustainable maintenance plan. An assessment model of sustainable maintenance for highway infrastructure projects in Egypt is developed in this paper. It helps in improving the implementation of sustainable maintenance criteria. Thus, this paper has applied the analytical hierarchy processes (AHP) to rank and explore the weight of 26 assessment indicators using three hierarchy levels containing the main sustainable categories and subcategories with related indicators. Overall combined weight of each indicator for sustainable maintenance evaluation has been calculated to sum up to a sustainable maintenance performance index (SMI). The results show that the factor "Preventive maintenance cost" has the highest relative contribution factor among others (13.5%), while two factors of environmental performance have the least weights (0.7%). The developed model aims to provide decision makers with information about current maintenance performance and support them in the decision-making process regarding future directions of maintenance activities. It can be used as an assessment performance tool during the operation and maintenance stage. The developed indicators can be considered during designing the maintenance plan. Practices for successful implementation of the model are also presented.

Keywords: Analytical Hierarchy Process, AHP, assessment performance model, KPIs for sustainable maintenance, sustainable maintenance index.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 537

Authors: Supachai Tangwongsan, Sathaporn Kassuvan

Abstract:

The purpose of this research is to develop a security model for voice eavesdropping protection over digital networks. The proposed model provides an encryption scheme and a personal secret key exchange between communicating parties, a so-called voice data transformation system, resulting in a real-privacy conversation. The operation of this system comprises two main steps as follows: The first one is the personal secret key exchange for using the keys in the data encryption process during conversation. The key owner could freely make his/her choice in key selection, so it is recommended that one should exchange a different key for a different conversational party, and record the key for each case into the memory provided in the client device. The next step is to set and record another personal option of encryption, either taking all frames or just partial frames, so-called the figure of 1:M. Using different personal secret keys and different sets of 1:M to different parties without the intervention of the service operator, would result in posing quite a big problem for any eavesdroppers who attempt to discover the key used during the conversation, especially in a short period of time. Thus, it is quite safe and effective to protect the case of voice eavesdropping. The results of the implementation indicate that the system can perform its function accurately as designed. In this regard, the proposed system is suitable for effective use in voice eavesdropping protection over digital networks, without any requirements to change presently existing network systems, mobile phone network and VoIP, for instance.

Keywords: Computer Security, Encryption, Key Exchange, Security Model, Voice Eavesdropping.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1540

Authors: Yun Bai

Abstract:

As a security mechanism, authorization is to provide access control to the system resources according to the polices and rules specified by the security strategies. Either by update or in the initial specification, conflicts in authorization is an issue needs to be solved. In this paper, we propose a new approach to solve conflict by using prioritized logic programs and discuss the uniqueness of its answer set. Addressing conflict resolution from logic programming viewpoint and the uniqueness analysis of the answer set provide a novel, efficient approach for authorization conflict resolution.

Keywords: authorization, formal specification, conflict resolution, prioritized logic program.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1489

Authors: Tomasz L. Nawrocki, Danuta Szwajca

Abstract:

The growing importance of reputation in building enterprise value and achieving long-term competitive advantage creates the need for its measurement and evaluation for the management purposes (effective reputation and its risk management). The paper presents practical application of self-developed corporate reputation assessment model from the viewpoint of stock market investors. The model has a pioneer character and example analysis performed for selected industry is a form of specific test for this tool. In the proposed solution, three aspects - informational, financial and development, as well as social ones - were considered. It was also assumed that the individual sub-criteria will be based on public sources of information, and as the calculation apparatus, capable of obtaining synthetic final assessment, fuzzy logic will be used. The main reason for developing this model was to fulfill the gap in the scope of synthetic measure of corporate reputation that would provide higher degree of objectivity by relying on "hard" (not from surveys) and publicly available data. It should be also noted that results obtained on the basis of proposed corporate reputation assessment method give possibilities of various internal as well as inter-branch comparisons and analysis of corporate reputation impact.

Keywords: Corporate reputation, fuzzy logic, fuzzy model, stock market investors.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1332