Abstract: Human-related information security breaches within organizations are primarily caused by employees who have not been made aware of the importance of protecting the information they work with. Information security awareness is accordingly attracting more attention from industry, because stakeholders are held accountable for the information with which they work. The authors developed an Information Security Retrieval and Awareness model – entitled “ISRA" – that is tailored specifically towards enhancing information security awareness in industry amongst all users of information, to address shortcomings in existing information security awareness models. This paper is principally aimed at expounding a prototype for the ISRA model to highlight the advantages of utilizing the model. The prototype will focus on the non-technical, humanrelated information security issues in industry. The prototype will ensure that all stakeholders in an organization are part of an information security awareness process, and that these stakeholders are able to retrieve specific information related to information security issues relevant to their job category, preventing them from being overburdened with redundant information.
Abstract: Due to the deregulation of the Electric Supply
Industry and the resulting emergence of electricity market, the
volumes of power purchases are on the rise all over the world. In a
bid to meet the customer-s demand in a reliable and yet economic
manner, utilities purchase power from the energy market over and
above its own production. This paper aims at developing an optimal
power purchase model with two objectives viz economy and
environment ,taking various functional operating constraints such as
branch flow limits, load bus voltage magnitudes limits, unit capacity
constraints and security constraints into consideration.The price of
purchased power being an uncertain variable is modeled using fuzzy
logic. DEMO (Differential Evolution For Multi-objective
Optimization) is used to obtain the pareto-optimal solution set of the
multi-objective problem formulated. Fuzzy set theory has been
employed to extract the best compromise non-dominated solution.
The results obtained on IEEE 30 bus system are presented and
compared with that of NSGAII.
Abstract: Societal security, continuity scenarios and methodological cycling approach explained in this article. Namely societal security organizational challenges ask implementation of international standards BS 25999-2 & global ISO 22300 which is a family of standards for business continuity management system. Efficient global organization system is distinguished of high entity´s complexity, connectivity & interoperability, having not only cooperative relations in a fact. Competing business have numerous participating ´enemies´, which are in apparent or hidden opponent and antagonistic roles with prosperous organization system, resulting to a crisis scene or even to a battle theatre. Organization business continuity scenarios are necessary for such ´a play´ preparedness, planning, management & overmastering in real environments.
Abstract: Representing objects in a dynamic domain is essential
in commonsense reasoning under some circumstances. Classical logics
and their nonmonotonic consequences, however, are usually not
able to deal with reasoning with dynamic domains due to the fact that
every constant in the logical language denotes some existing object
in the static domain. In this paper, we explore a logical formalization
which allows us to represent nonexisting objects in commonsense
reasoning. A formal system named N-theory is proposed for this
purpose and its possible application in computer security is briefly
discussed.
Abstract: Topics Disaster and Emergency Management are highly debated among experts. Fast communication will help to deal with emergencies. Problem is with the network connection and data exchange. The paper suggests a solution, which allows possibilities and perspectives of new flexible communication platform to the protection of communication systems for crisis management. This platform is used for everyday communication and communication in crisis situations too.
Abstract: In this study, we propose a network architecture for
providing secure access to information resources of enterprise
network from remote locations in a wireless fashion. Our proposed
architecture offers a very promising solution for organizations which
are in need of a secure, flexible and cost-effective remote access
methodology. Security of the proposed architecture is based on
Virtual Private Network technology and a special role based access
control mechanism with location and time constraints. The flexibility
mainly comes from the use of Internet as the communication medium
and cost-effectiveness is due to the possibility of in-house
implementation of the proposed architecture.
Abstract: Short Message Service (SMS) has grown in
popularity over the years and it has become a common way of
communication, it is a service provided through General System
for Mobile Communications (GSM) that allows users to send text
messages to others.
SMS is usually used to transport unclassified information, but
with the rise of mobile commerce it has become a popular tool for
transmitting sensitive information between the business and its
clients. By default SMS does not guarantee confidentiality and
integrity to the message content.
In the mobile communication systems, security (encryption)
offered by the network operator only applies on the wireless link.
Data delivered through the mobile core network may not be
protected. Existing end-to-end security mechanisms are provided
at application level and typically based on public key
cryptosystem.
The main concern in a public-key setting is the authenticity of
the public key; this issue can be resolved by identity-based (IDbased)
cryptography where the public key of a user can be derived
from public information that uniquely identifies the user.
This paper presents an encryption mechanism based on the IDbased
scheme using Elliptic curves to provide end-to-end security
for SMS. This mechanism has been implemented over the standard
SMS network architecture and the encryption overhead has been
estimated and compared with RSA scheme. This study indicates
that the ID-based mechanism has advantages over the RSA
mechanism in key distribution and scalability of increasing
security level for mobile service.
Abstract: Proposal for a secure stream cipher based on Linear Feedback Shift Registers (LFSR) is presented here. In this method, shift register structure used for polynomial modular division is combined with LFSR keystream generator to yield a new keystream generator with much higher periodicity. Security is brought into this structure by using the Boolean function to combine state bits of the LFSR keystream generator and taking the output through the Boolean function. This introduces non-linearity and security into the structure in a way similar to the Non-linear filter generator. The security and throughput of the suggested stream cipher is found to be much greater than the known LFSR based structures for the same key length.
Abstract: An optimal power flow (OPF) based on particle swarm
optimization (PSO) was developed with more realistic generator
security constraint using the capability curve instead of only Pmin/Pmax
and Qmin/Qmax. Neural network (NN) was used in designing digital
capability curve and the security check algorithm. The algorithm is
very simple and flexible especially for representing non linear
generation operation limit near steady state stability limit and under
excitation operation area. In effort to avoid local optimal power flow
solution, the particle swarm optimization was implemented with
enough widespread initial population. The objective function used in
the optimization process is electric production cost which is
dominated by fuel cost. The proposed method was implemented at
Java Bali 500 kV power systems contain of 7 generators and 20
buses. The simulation result shows that the combination of generator
power output resulted from the proposed method was more economic
compared with the result using conventional constraint but operated
at more marginal operating point.
Abstract: Recently, many existing partially blind signature scheme based on a single hard problem such as factoring, discrete logarithm, residuosity or elliptic curve discrete logarithm problems. However sooner or later these systems will become broken and vulnerable, if the factoring or discrete logarithms problems are cracked. This paper proposes a secured partially blind signature scheme based on factoring (FAC) problem and elliptic curve discrete logarithms (ECDL) problem. As the proposed scheme is focused on factoring and ECDLP hard problems, it has a solid structure and will totally leave the intruder bemused because it is very unlikely to solve the two hard problems simultaneously. In order to assess the security level of the proposed scheme a performance analysis has been conducted. Results have proved that the proposed scheme effectively deals with the partial blindness, randomization, unlinkability and unforgeability properties. Apart from this we have also investigated the computation cost of the proposed scheme. The new proposed scheme is robust and it is difficult for the malevolent attacks to break our scheme.
Abstract: The Internet is the global data communications
infrastructure based on the interconnection of both public and private
networks using protocols that implement Internetworking on a global
scale. Hence the control of protocol and infrastructure development,
resource allocation and network operation are crucial and interlinked
aspects. Internet Governance is the hotly debated and contentious
subject that refers to the global control and operation of key Internet
infrastructure such as domain name servers and resources such as
domain names. It is impossible to separate technical and political
positions as they are interlinked. Furthermore the existence of a
global market, transparency and competition impact upon Internet
Governance and related topics such as network neutrality and
security. Current trends and developments regarding Internet
governance with a focus on the policy-making process, security and
control have been observed to evaluate current and future
implications on the Internet. The multi stakeholder approach to
Internet Governance discussed in this paper presents a number of
opportunities, issues and developments that will affect the future
direction of the Internet. Internet operation, maintenance and
advisory organisations such as the Internet Corporation for Assigned
Names and Numbers (ICANN) or the Internet Governance Forum
(IGF) are currently in the process of formulating policies for future
Internet Governance. Given the controversial nature of the issues at
stake and the current lack of agreement it is predicted that
institutional as well as market governance will remain present for the
network access and content.
Abstract: Rice, which is the staple food in Sierra Leone, is
consumed on a daily basis. It is the most imperative food crop
extensively grown by farmers across all ecologies in the country.
Though much attention is now given to rice grain production through
the small holder commercialization programme (SHCP), however, no
attention has been given in investigating the limitations faced by rice
producers. This paper will contribute to attempts to overcome the
development challenges caused by food insecurity. The objective of
this paper is thus, to analysis the relationship between rice production
and the domestic retail price of rice. The study employed a log linear
model in which, the quantity of rice produced is the dependent
variable, quantity of rice imported, price of imported rice and price of
domestic rice as explanatory variables. Findings showed that, locally
produced rice is even more expensive than the imported rice per ton,
and almost all the inhabitants in the capital city which hosts about
65% of the entire population of the country favor imported rice, as it
is free from stones with other impurities. On the other hand, to
control price and simultaneously increase rice production, the
government should purchase the rice from the farmers and then sell to private retailers.
Abstract: A mobile agent is a software which performs an
action autonomously and independently as a person or an
organizations assistance. Mobile agents are used for searching
information, retrieval information, filtering, intruder recognition in
networks, and so on. One of the important issues of mobile agent is
their security. It must consider different security issues in effective
and secured usage of mobile agent. One of those issues is the
integrity-s protection of mobile agents.
In this paper, the advantages and disadvantages of each method,
after reviewing the existing methods, is examined. Regarding to this
matter that each method has its own advantage or disadvantage, it
seems that by combining these methods, one can reach to a better
method for protecting the integrity of mobile agents. Therefore, this
method is provided in this paper and then is evaluated in terms of
existing method. Finally, this method is simulated and its results are
the sign of improving the possibility of integrity-s protection of
mobile agents.
Abstract: Biometric techniques are gaining importance for
personal authentication and identification as compared to the
traditional authentication methods. Biometric templates are
vulnerable to variety of attacks due to their inherent nature. When a
person-s biometric is compromised his identity is lost. In contrast to
password, biometric is not revocable. Therefore, providing security
to the stored biometric template is very crucial. Crypto biometric
systems are authentication systems, which blends the idea of
cryptography and biometrics. Fuzzy vault is a proven crypto
biometric construct which is used to secure the biometric templates.
However fuzzy vault suffer from certain limitations like nonrevocability,
cross matching. Security of the fuzzy vault is affected
by the non-uniform nature of the biometric data. Fuzzy vault when
hardened with password overcomes these limitations. Password
provides an additional layer of security and enhances user privacy.
Retina has certain advantages over other biometric traits. Retinal
scans are used in high-end security applications like access control to
areas or rooms in military installations, power plants, and other high
risk security areas. This work applies the idea of fuzzy vault for
retinal biometric template. Multimodal biometric system
performance is well compared to single modal biometric systems.
The proposed multi modal biometric fuzzy vault includes combined
feature points from retina and fingerprint. The combined vault is
hardened with user password for achieving high level of security.
The security of the combined vault is measured using min-entropy.
The proposed password hardened multi biometric fuzzy vault is
robust towards stored biometric template attacks.
Abstract: Centrally controlled authentication and authorization services can provide enterprise with an increase in security, more flexible access control solutions and an increased users' trust. By using redirections, users of all Web-based applications within an organization are authenticated at a single well known and secure Web site and using secure communication protocol. Users are first authenticated at the central server using their domain wide credentials before being redirected to a particular Web-based application. The central authentication server will then provide others with pertinence authorization related particulars and credentials of the authenticated user to the specific application. The trust between the clients and the server hosts is established by secure session keys exchange. Case- studies are provided to demonstrate the usefulness and flexibility of the proposed solution.
Abstract: Financial literacy is one of the key factors needed in making informed financial decisions. As businesses continue to be more profit driven, more financial and economic intrigues arise that continue to put individuals at the risk of spending more and more without considering the short term and long term effects. We conducted a study to assess financial literacy and financial decision making among Emiratis. Our results show that financial literacy is lacking among Emiratis. Also, almost half of respondents owe loans to other peoples and 1/5 of them have bank loans. We expect that the outcome of this research will be useful for designing educational programs and policies to promote financial planning and security among Emiratis. We also posit that deeper and more informed understanding of this problem is a precursor for developing effective financial education programs with the aim of improving financial decision- making among Emiratis.
Abstract: Face Recognition has always been a fascinating research area. It has drawn the attention of many researchers because of its various potential applications such as security systems, entertainment, criminal identification etc. Many supervised and unsupervised learning techniques have been reported so far. Principal Component Analysis (PCA), Self Organizing Maps (SOM) and Independent Component Analysis (ICA) are the three techniques among many others as proposed by different researchers for Face Recognition, known as the unsupervised techniques. This paper proposes integration of the two techniques, SOM and PCA, for dimensionality reduction and feature selection. Simulation results show that, though, the individual techniques SOM and PCA itself give excellent performance but the combination of these two can also be utilized for face recognition. Experimental results also indicate that for the given face database and the classifier used, SOM performs better as compared to other unsupervised learning techniques. A comparison of two proposed methodologies of SOM, Local and Global processing, shows the superiority of the later but at the cost of more computational time.
Abstract: Internet security attack could endanger the privacy of
World Wide Web users and the integrity of their data. The attack can
be carried out on today's most secure systems- browsers, including
Netscape Navigator and Microsoft Internet Explorer. There are too
many types, methods and mechanisms of attack where new attack
techniques and exploits are constantly being developed and
discovered. In this paper, various types of internet security attack
mechanisms are explored and it is pointed out that when different
types of attacks are combined together, network security can suffer
disastrous consequences.
Abstract: Extensive use of the Internet coupled with the
marvelous growth in e-commerce and m-commerce has created a
huge demand for information security. The Secure Socket Layer
(SSL) protocol is the most widely used security protocol in the
Internet which meets this demand. It provides protection against
eaves droppings, tampering and forgery. The cryptographic
algorithms RC4 and HMAC have been in use for achieving security
services like confidentiality and authentication in the SSL. But recent
attacks against RC4 and HMAC have raised questions in the
confidence on these algorithms. Hence two novel cryptographic
algorithms MAJE4 and MACJER-320 have been proposed as
substitutes for them. The focus of this work is to demonstrate the
performance of these new algorithms and suggest them as dependable
alternatives to satisfy the need of security services in SSL. The
performance evaluation has been done by using practical
implementation method.
Abstract: Development of cities and villages, agricultural farms
and industrial regions in abutment and/or in the course of streams and
rivers or in prone flood lands has been caused more notations in
hydrology problems and city planning topics. In order to protection
of cities against of flood damages, embankment construction is a
desired and scientific method. The cities that located in arid zones
may damage by floods periodically. Zavvareh city in Ardestan
township(Isfahan province) with 7704 people located in Ardestan
plain that has been damaged by floods that have flowed from
dominant mountainous watersheds in past years with regard to return
period. In this study, according to flowed floods toward Zavvareh
city, was attempt to plan suitable hydraulic structures such as canals,
bridges and collectors in order to collection, conduction and
depletion of city surface runoff.