Abstract: Cloud computing is one of the most significant technologies that the world deals with, in different sectors with different purposes and capabilities. The cloud faces various challenges in securing data from unauthorized access or modification. Consequently, security risks and levels have greatly increased. Therefore, cloud service providers (CSPs) and users need secure mechanisms that ensure that data are kept secret and safe from any disclosures or exploits. For this reason, CSPs need a number of techniques and technologies to manage and secure access to the cloud services to achieve security goals, such as confidentiality, integrity, identity access management (IAM), etc. Therefore, this paper will review and explore various access controls implemented in a cloud environment that achieve different security purposes. The methodology followed in this survey was conducting an assessment, evaluation, and comparison between those access controls mechanisms and technologies based on different factors, such as the security goals it achieves, usability, and cost-effectiveness. This assessment resulted in the fact that the technology used in an access control affects the security goals it achieves as well as there is no one access control method that achieves all security goals. Consequently, such a comparison would help decision-makers to choose properly the access controls that meet their requirements.
Abstract: The inability of organizations to put in place management control measures for Internet of Things (IoT) complexities persists to be a risk concern. Policy makers have been left to scamper in finding measures to combat these security and privacy concerns. IoT forensics is a cumbersome process as there is no standardization of the IoT products, no or limited historical data are stored on the devices. This paper highlights why IoT forensics is a unique adventure and brought out the legal challenges encountered in the investigation process. A quadrant model is presented to study the conflicting aspects in IoT forensics. The model analyses the effectiveness of forensic investigation process versus the admissibility of the evidence integrity; taking into account the user privacy and the providers’ compliance with the laws and regulations. Our analysis concludes that a semi-automated forensic process using machine learning, could eliminate the human factor from the profiling and surveillance processes, and hence resolves the issues of data protection (privacy and confidentiality).
Abstract: The biggest problem in cloud is securing an outsourcing data. A cloud environment cannot be considered to be trusted. It becomes more challenging when outsourced data sources are managed by multiple outsourcers with different access rights. Several methods have been proposed to protect data confidentiality against the cloud service provider to support fine-grained data access control. We propose a method with combined Cipher Text Policy Attribute-based Encryption (CP-ABE) and Timed-release encryption (TRE) secure method to control medical data storage in public cloud.
Abstract: Background: Excessive and inappropriate use of antimicrobial agents among hospitalized patients remains an important patient safety and public health issue worldwide. Not only does this behavior incur unnecessary cost but it is also associated with increased morbidity and mortality. The objective of this study is to obtain an insight into the prescribing patterns of antibiotics in surgical and medical wards, to help identify a scope for improvement in service delivery. Method: A simple point prevalence survey included a convenience sample of 200 patients admitted to medical and surgical wards in a government teaching hospital in Baghdad between October 2017 and April 2018. Data were collected by a trained pharmacy intern using a standardized form. Patient’s demographics and details of the prescribed antibiotics, including dose, frequency of dosing and route of administration, were reported. Patients were included if they had been admitted at least 24 hours before the survey. Patients under 18 years of age, having a diagnosis of cancer or shock, or being admitted to the intensive care unit, were excluded. Data were checked and entered by the authors into Excel and were subjected to frequency analysis, which was carried out on anonymized data to protect patient confidentiality. Results: Overall, 88.5% of patients (n=177) received 293 antibiotics during their hospital admission, with a small variation between wards (80%-97%). The average number of antibiotics prescribed per patient was 1.65, ranging from 1.3 for medical patients to 1.95 for surgical patients. Parenteral third-generation cephalosporins were the most commonly prescribed at a rate of 54.3% (n=159) followed by nitroimidazole 29.4% (n=86), quinolones 7.5% (n=22) and macrolides 4.4% (n=13), while carbapenems and aminoglycosides were the least prescribed together accounting for only 4.4% (n=13). The intravenous route was the most common route of administration, used for 96.6% of patients (n=171). Indications were reported in only 63.8% of cases. Culture to identify pathogenic organisms was employed in only 0.5% of cases. Conclusion: Broad-spectrum antibiotics are prescribed at an alarming rate. This practice may provoke antibiotic resistance and adversely affect the patient outcome. Implementation of an antibiotic stewardship program is warranted to enhance the efficacy, safety and cost-effectiveness of antimicrobial agents.
Abstract: Network security engineers work to keep services available all the time by handling intruder attacks. Intrusion Detection System (IDS) is one of the obtainable mechanisms that is used to sense and classify any abnormal actions. Therefore, the IDS must be always up to date with the latest intruder attacks signatures to preserve confidentiality, integrity, and availability of the services. The speed of the IDS is a very important issue as well learning the new attacks. This research work illustrates how the Knowledge Discovery and Data Mining (or Knowledge Discovery in Databases) KDD dataset is very handy for testing and evaluating different Machine Learning Techniques. It mainly focuses on the KDD preprocess part in order to prepare a decent and fair experimental data set. The J48, MLP, and Bayes Network classifiers have been chosen for this study. It has been proven that the J48 classifier has achieved the highest accuracy rate for detecting and classifying all KDD dataset attacks, which are of type DOS, R2L, U2R, and PROBE.
Abstract: The economical globalization through the liberalization of the markets and capitals boosted the economical development of the nations and the needs for sorting out the disputes arising from the foreign investment. The arbitration, for all the inherent advantages, such as swiftness, arbitrators’ specialise skills and impartiality sets a pacifier tool for the interest in account. Safeguarded the public interest, we face the problem of the confidentiality in the arbitration. The urgent development of impelling mechanisms concerning transparency, guaranty and protection of the interest in account, reveals itself urgent. Through a bibliography review, we will dense the state of art, by going through the several solutions concerning, and pointing out the most suitable. Through the jurisprudential analysis we will point out the solution for the conflict confidentiality/public interest. The transparency, inextricable from the public interest, imposes the arbitration process can be open to all citizens. Transparency rules have been considered at the UNCITRAL in attempting to conciliate the necessity of publicity and the public interest, however still insufficient. The arbitration of foreign investment carries consequences to the citizens of the State. Articulating mechanisms between the arbitral procedures secrecy and the public interest should be adopted. The arbitration of foreign investment, being a tertius genius between the international arbitration and the administrative arbitration would claim its own regulation in each and every States where the confidentiality rules and its exceptions could be identified. One should enquiry where the limit of the citizens’ individual rights protection and the public interest should give way to the principle of transparency
Abstract: South Africa is one of the few countries that have stopped using the same Enumeration Areas (EAs) for census enumeration and dissemination. The advantage of this change is that confidentiality issue could be addressed for census dissemination as the design of geographic unit for collection is mainly to ensure that this unit is covered by one enumerator. The objective of this paper was to evaluate the performance of automated zone design output areas against non-zone design developed geographies using the 2001 census data, and 2011 census to some extent, as the main input. The comparison of the Automated Zone-design Tool (AZTool) census output areas with the Small Area Layers (SALs) and SubPlaces based on confidentiality limit, population distribution, and degree of homogeneity, as well as shape compactness, was undertaken. Further, SPSS was employed for validation of the AZTool output results. The results showed that AZTool developed output areas out-perform the existing official SAL and SubPlaces with regard to minimum population threshold, population distribution and to some extent to homogeneity. Therefore, it was concluded that AZTool program provides a new alternative to the creation of optimised census output areas for dissemination of population census data in South Africa.
Abstract: Internet of Things (IoT) is a powerful industry system, which end-devices are interconnected and automated, allowing the devices to analyze data and execute actions based on the analysis. The IoT technology leverages the technology of Radio-Frequency Identification (RFID) and Wireless Sensor Network (WSN), including mobile and sensor. These technologies contribute to the evolution of IoT. However, due to more devices are connected each other in the Internet, and data from various sources exchanged between things, confidentiality of the data becomes a major concern. This paper focuses on one of the major challenges in IoT; authentication, in order to preserve data integrity and confidentiality are in place. A few solutions are reviewed based on papers from the last few years. One of the proposed solutions is securing the communication between IoT devices and cloud servers with Elliptic Curve Cryptograhpy (ECC) based mutual authentication protocol. This solution focuses on Hyper Text Transfer Protocol (HTTP) cookies as security parameter. Next proposed solution is using keyed-hash scheme protocol to enable IoT devices to authenticate each other without the presence of a central control server. Another proposed solution uses Physical Unclonable Function (PUF) based mutual authentication protocol. It emphasizes on tamper resistant and resource-efficient technology, which equals a 3-way handshake security protocol.
Abstract: Nowadays, security threats in Voice over IP (VoIP) systems are an essential and latent concern for people in charge of security in a corporate network, because, every day, new Denial-of-Service (DoS) attacks are developed. These affect the business continuity of an organization, regarding confidentiality, availability, and integrity of services, causing frequent losses of both information and money. The purpose of this study is to establish the necessary measures to mitigate DoS threats, which affect the availability of VoIP systems, based on the Session Initiation Protocol (SIP). A Security Model called MS-DoS-SIP is proposed, which is based on two approaches. The first one analyzes the recommendations of international security standards. The second approach takes into account weaknesses and threats. The implementation of this model in a VoIP simulated system allowed to minimize the present vulnerabilities in 92% and increase the availability time of the VoIP service into an organization.
Abstract: Internet of things (IOT) is a kind of advanced information technology which has drawn societies’ attention. Sensors and stimulators are usually recognized as smart devices of our environment. Simultaneously, IOT security brings up new issues. Internet connection and possibility of interaction with smart devices cause those devices to involve more in human life. Therefore, safety is a fundamental requirement in designing IOT. IOT has three remarkable features: overall perception, reliable transmission, and intelligent processing. Because of IOT span, security of conveying data is an essential factor for system security. Hybrid encryption technique is a new model that can be used in IOT. This type of encryption generates strong security and low computation. In this paper, we have proposed a hybrid encryption algorithm which has been conducted in order to reduce safety risks and enhancing encryption's speed and less computational complexity. The purpose of this hybrid algorithm is information integrity, confidentiality, non-repudiation in data exchange for IOT. Eventually, the suggested encryption algorithm has been simulated by MATLAB software, and its speed and safety efficiency were evaluated in comparison with conventional encryption algorithm.
Abstract: In any communication, security is the most important issue in today’s world. In this paper, steganography is the process of hiding the important data into other data, such as text, audio, video, and image. The interest in this topic is to provide availability, confidentiality, integrity, and authenticity of data. The steganographic technique that embeds hides content with unremarkable cover media so as not to provoke eavesdropper’s suspicion or third party and hackers. In which many applications of compression, encryption, decryption, and embedding methods are used for digital image steganography. Due to compression, the nose produces in the image. To sustain noise in the image, the LSB insertion technique is used. The performance of the proposed embedding system with respect to providing security to secret message and robustness is discussed. We also demonstrate the maximum steganography capacity and visual distortion.
Abstract: This study explores the experiences of cross-linguistic medical encounters by patients, and their views of receiving language support therein, with a particular focus on Japanese-English cases. The aim of this study is to investigate the reason for the frequent use of a spouse as a communication mediator from a Japanese perspective, through a comparison with that of English speakers. This study conducts an empirical qualitative analysis of the accounts of informants. A total of 31 informants who have experienced Japanese-English cross-linguistic medical encounters were recruited in Australia and Japan for semi-structured in-depth interviews. A breakdown of informants is 15 English speakers and 16 Japanese speakers. In order to obtain a further insight into collected data, additional interviews were held with 4 Australian doctors who are familiar with using interpreters. This study was approved by the Australian National University Human Research Ethics Committee, and written consent to participate in this study was obtained from all participants. The interviews lasted up to over one hour. They were audio-recorded and subsequently transcribed by the author. Japanese transcriptions were translated into English by the author. An analysis of interview data found that patients value relationship in communication. Particularly, Japanese informants, who have an English-speaking spouse, value trust-based communication interventions by their spouse, regardless of the language proficiency of the spouse. In Australia, health care interpreters are required to abide by the national code of ethics for interpreters. The Code defines the role of an interpreter exclusively to be language rendition and enshrines the tenets of accuracy, confidentiality and professional role boundaries. However, the analysis found that an interpreter who strictly complies with the Code sometimes fails to render the real intentions of the patient and their doctor. Findings from the study suggest that an interpreter should not be detached from the context and should be more engaged in the needs of patients. Their needs are not always communicated by an interpreter when they simply follow a professional code of ethics. The concept of relationship-centred care should be incorporated in the professional practice of health care interpreters.
Abstract: Software vulnerabilities are increasing and not only impact services and processes availability as well as information confidentiality, integrity and privacy, but also cause changes that interfere in the development process. Security test could be a solution to reduce vulnerabilities. However, the variety of test techniques with the lack of real case studies of applying tests focusing on software development life cycle compromise its effective use. This paper offers an overview of how a Systematic Mapping Study (MS) about security verification, validation and test (VVT) was performed, besides presenting general results about this study.
Abstract: Cortisol is important to our immune system, regulates our stress response, and is a factor in maintaining brain temperature. Saliva cortisol is a practical and useful non-invasive measurement that signifies the presence of the important hormone. Electrical activity in the jaw muscles typically rises when the muscles are moved during yawning and the electrical level is found to be correlated with the cortisol level. In two studies using identical paradigms, a total of 108 healthy subjects were exposed to yawning-provoking stimuli so that their cortisol levels and electrical nerve impulses from their jaw muscles was recorded. Electrical activity is highly correlated with cortisol levels in healthy people. The Hospital Anxiety and Depression Scale, Yawning Susceptibility Scale, General Health Questionnaire, demographic, health details were collected and exclusion criteria applied for voluntary recruitment: chronic fatigue, diabetes, fibromyalgia, heart condition, high blood pressure, hormone replacement therapy, multiple sclerosis, and stroke. Significant differences were found between the saliva cortisol samples for the yawners as compared with the non-yawners between rest and post-stimuli. Significant evidence supports the Thompson Cortisol Hypothesis that suggests rises in cortisol levels are associated with yawning. Ethics approval granted and professional code of conduct, confidentiality, and safety issues are approved therein.
Abstract: Cloud computing has emerged as a flexible computing paradigm that reshaped the Information Technology map. However, cloud computing brought about a number of security challenges as a result of the physical distribution of computational resources and the limited control that users have over the physical storage. This situation raises many security challenges for data integrity and confidentiality as well as authentication and access control. This work proposes a security mechanism for data integrity that allows a data owner to be aware of any modification that takes place to his data. The data integrity mechanism is integrated with an extended Kerberos authentication that ensures authorized access control. The proposed mechanism protects data confidentiality even if data are stored on an untrusted storage. The proposed mechanism has been evaluated against different types of attacks and proved its efficiency to protect cloud data storage from different malicious attacks.
Abstract: In this paper, we presented an evaluation and analysis of E-Voting Authentication Preparation Scheme (EV-APS). EV-APS applies some modified security aspects that enhance the security measures and adds a strong wall of protection, confidentiality, non-repudiation and authentication requirements. Some of these modified security aspects are Kerberos authentication protocol, PVID scheme, responder certificate validation, and the converted Ferguson e-cash protocol. Authentication and privacy requirements have been evaluated and proved. Authentication guaranteed only eligible and authorized voters were permitted to vote. Also, the privacy guaranteed that all votes will be kept secret. Evaluation and analysis of some of these security requirements have been given. These modified aspects will help in filtering the counter buffer from unauthorized votes by ensuring that only authorized voters are permitted to vote.
Abstract: In this era of online communication, which transacts data in 0s and 1s, confidentiality is a priced commodity. Ensuring safe transmission of encrypted data and their uncorrupted recovery is a matter of prime concern. Among the several techniques for secure sharing of images, this paper proposes a k out of n region incrementing image sharing scheme for color images. The highlight of this scheme is the use of simple Boolean and arithmetic operations for generating shares and the Lagrange interpolation polynomial for authenticating shares. Additionally, this scheme addresses problems faced by existing algorithms such as color reversal and pixel expansion. This paper regenerates the original secret image whereas the existing systems regenerates only the half toned secret image.
Abstract: Access to advanced medical services has been one of the medical challenges faced by our present society especially in distant geographical locations which may be inaccessible. Then the need for telemedicine arises through which live videos of a doctor can be streamed to a patient located anywhere in the world at any time. Patients’ medical records contain very sensitive information which should not be made accessible to unauthorized people in order to protect privacy, integrity and confidentiality. This research work focuses on a more robust security measure which is biometric (fingerprint) as a form of access control to data of patients by the medical specialist/practitioner.
Abstract: Introduction: To update ourselves and understand the
concept of latest electronic formats available for Health care
providers and how it could be used and developed as per standards.
The idea is to correlate between the patients Manual Medical Records
keeping and maintaining patients Electronic Information in a Health
care setup in this world. Furthermore, this stands with adapting to the
right technology depending upon the organization and improve our
quality and quantity of Healthcare providing skills. Objective: The
concept and theory is to explain the terms of Electronic Medical
Record (EMR), Electronic Health Record (EHR) and Personal Health
Record (PHR) and selecting the best technical among the available
Electronic sources and software before implementing. It is to guide
and make sure the technology used by the end users without any
doubts and difficulties. The idea is to evaluate is to admire the uses
and barriers of EMR-EHR-PHR. Aim and Scope: The target is to
achieve the health care providers like Physicians, Nurses, Therapists,
Medical Bill reimbursements, Insurances and Government to assess
the patient’s information on easy and systematic manner without
diluting the confidentiality of patient’s information. Method: Health
Information Technology can be implemented with the help of
Organisations providing with legal guidelines and help to stand by
the health care provider. The main objective is to select the correct
embedded and affordable database management software and
generating large-scale data. The parallel need is to know how the
latest software available in the market. Conclusion: The question lies
here is implementing the Electronic information system with
healthcare providers and organization. The clinicians are the main
users of the technology and manage us to “go paperless”. The fact is
that day today changing technologically is very sound and up to date.
Basically, the idea is to tell how to store the data electronically safe
and secure. All three exemplifies the fact that an electronic format
has its own benefit as well as barriers.
Abstract: Cortisol is essential to the regulation of the immune
system and pathological yawning is a symptom of multiple sclerosis
(MS). Electromyography activity (EMG) in the jaw muscles typically
rises when the muscles are moved – extended or flexed; and yawning
has been shown to be highly correlated with cortisol levels in healthy
people as shown in the Thompson Cortisol Hypothesis. It is likely
that these elevated cortisol levels are also seen in people with MS.
The possible link between EMG in the jaw muscles and rises in saliva
cortisol levels during yawning were investigated in a randomized
controlled trial of 60 volunteers aged 18-69 years who were exposed
to conditions that were designed to elicit the yawning response.
Saliva samples were collected at the start and after yawning, or at the
end of the presentation of yawning-provoking stimuli, in the absence
of a yawn, and EMG data was additionally collected during rest and
yawning phases. Hospital Anxiety and Depression Scale, Yawning
Susceptibility Scale, General Health Questionnaire, demographic,
and health details were collected and the following exclusion criteria
were adopted: chronic fatigue, diabetes, fibromyalgia, heart
condition, high blood pressure, hormone replacement therapy,
multiple sclerosis, and stroke. Significant differences were found
between the saliva cortisol samples for the yawners, t (23) = -4.263, p
= 0.000, as compared with the non-yawners between rest and poststimuli,
which was non-significant. There were also significant
differences between yawners and non-yawners for the EMG
potentials with the yawners having higher rest and post-yawning
potentials. Significant evidence was found to support the Thompson
Cortisol Hypothesis suggesting that rises in cortisol levels are
associated with the yawning response. Further research is underway
to explore the use of cortisol as a potential diagnostic tool as an assist
to the early diagnosis of symptoms related to neurological disorders.
Bournemouth University Research & Ethics approval granted:
JC28/1/13-KA6/9/13. Professional code of conduct, confidentiality,
and safety issues have been addressed and approved in the Ethics
submission. Trials identification number: ISRCTN61942768.
http://www.controlled-trials.com/isrctn/