High-Level Security Issues in Multimedia/Hypertext Systems

Purpose This study/ paper aims to empirically examine the user attitude on perceived security of enterprise systems (ES) mobility. Organizations are adopting mobile technologies for various business applications including ES to increase the flexibility and to gain sustainable competitive advantage. At the same time, end-users are exposed to security issues when using mobile technologies. The ES have seen breaches and malicious intrusions thereby more sophisticated recreational and commercial cybercrimes have been witnessed. ES have seen data breaches and malicious intrusions leading to more sophisticated cybercrimes. Considering the significance of security in ES mobility, the research questions in this study are: What are the security issues of ES mobility? What are the influences of users’ attitude towards those security issues? What is the impact of users’ attitude towards security issues on perceived security of ES mobility? Design/methodology/approach These questions are addressed by empirically testing a security model of mobile ES by collecting data from users of ES mobile systems. Hypotheses were evolved and tested by data collected through a survey questionnaire. The questionnaire survey was administered to 331 users from Chinese small and medium-sized enterprises (SME). The data was statistically analysed by tools such as correlation, factor analysis, regression and the study built a structural equation model (SEM) to examine the interactions between the variables. Findings The study results have identified the following security issues: users’ attitude towards mobile device security issues; users’ attitude towards wireless network security issues; users’ attitude towards cloud computing security issues; users’ attitude towards application-level security issues; users’ attitude towards data (access) level security issues; and users’ attitude towards enterprise-level security issues. Research limitations/implications The study results are based on a sample of users from Chinese SMEs. The findings may lack generalizability. Therefore, researchers are encouraged to examine the model in a different context. The issues requiring further investigation are the role of gender and type of device on perceived security of ES mobile systems. Practical implications The results show that the key security issues are related to a mobile device, wireless network, cloud computing, applications, data and enterprise. By understanding these issues and the best practices, organizations can maintain a high level of security of their mobile ES. Social implications Apart from understanding the best practices and the key issues, the authors suggest management and end-users to work collaboratively to achieve a high level of security of the mobile ES. Originality/value This is an empirical study conducted from the users’ perspective for validating the set of research hypotheses related to key security issues on the perceived security of mobile ES.

Download Full-text

Techniques and Trends Towards Various Dimensions of Robust Security Testing in Global Software Engineering

Human Factors in Global Software Engineering - Advances in Systems Analysis, Software Engineering, and High Performance Computing ◽

10.4018/978-1-5225-9448-2.ch009 ◽

2019 ◽

pp. 219-251

Author(s):

Muhammad Sulleman Memon ◽

Mairaj Nabi Bhatti ◽

Manzoor Ahmed Hashmani ◽

Muhammad Shafique Malik ◽

Naveed Murad Dahri

Keyword(s):

Complete Analysis ◽

Security Testing ◽

Safety Issues ◽

Software Vulnerabilities ◽

Security Issues ◽

Evaluation Strategies ◽

Software Program ◽

High Level ◽

Technical Assessment ◽

Global Software Engineering

With the growth of software vulnerabilities, the demand for security integration is increasingly necessary to more effectively achieve the goal of secure software development globally. Different practices are used to keep the software intact. These practices should also be examined to obtain better results depending on the level of security. The security of a software program device is a characteristic that permeates the whole system. To resolve safety issues in a software program security solutions have to be implemented continually throughout each web page. The motive of this study is to offer a complete analysis of safety, wherein protection testing strategies and equipment can be categorized into: technical evaluation strategies and non-technical assessment strategies. This study presents high-level ideas in an easy form that would help professionals and researchers solve software security testing problems around the world. One way to achieve these goals is to separate security issues from other enforcement issues so that they can be resolved independently and applied globally.

Download Full-text

Hybrid Botnet Detection Based on Host and Network Analysis

Journal of Computer Networks and Communications ◽

10.1155/2020/9024726 ◽

2020 ◽

Vol 2020 ◽

pp. 1-16

Author(s):

Suzan Almutairi ◽

Saoucene Mahfoudh ◽

Sultan Almutairi ◽

Jalal S. Alowibdi

Keyword(s):

Cyber Security ◽

False Positive Rate ◽

General Technique ◽

Botnet Detection ◽

Security Issues ◽

Positive Rate ◽

Communication Traffic ◽

And Performance ◽

High Level ◽

And Control

Botnet is one of the most dangerous cyber-security issues. The botnet infects unprotected machines and keeps track of the communication with the command and control server to send and receive malicious commands. The attacker uses botnet to initiate dangerous attacks such as DDoS, fishing, data stealing, and spamming. The size of the botnet is usually very large, and millions of infected hosts may belong to it. In this paper, we addressed the problem of botnet detection based on network’s flows records and activities in the host. Thus, we propose a general technique capable of detecting new botnets in early phase. Our technique is implemented in both sides: host side and network side. The botnet communication traffic we are interested in includes HTTP, P2P, IRC, and DNS using IP fluxing. HANABot algorithm is proposed to preprocess and extract features to distinguish the botnet behavior from the legitimate behavior. We evaluate our solution using a collection of real datasets (malicious and legitimate). Our experiment shows a high level of accuracy and a low false positive rate. Furthermore, a comparison between some existing approaches was given, focusing on specific features and performance. The proposed technique outperforms some of the presented approaches in terms of accurately detecting botnet flow records within Netflow traces.

Download Full-text

Communication Cost Optimized Session Key Transmission Scheme for WSN Based on Non-Perfect Secret Sharing

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.631-632.882 ◽

2014 ◽

Vol 631-632 ◽

pp. 882-888

Author(s):

Zong Xiao Lan ◽

Ge Ming Xia ◽

Ao Long Zhou

Keyword(s):

Secret Sharing ◽

Data Partitioning ◽

Communication Cost ◽

Symmetric Encryption ◽

Transmission Scheme ◽

Session Key ◽

Communication Costs ◽

Security Issues ◽

Asymmetric Encryption ◽

High Level

With the extensively applying of Wireless Sensor Networks (WSN), its' security drew more and more attention. In all the security issues in WSN, session key is fundamental one with great challenge. Due to the constraints of limited hardware resources and computational capabilities, use asymmetric encryption mechanisms in session key are not suitable for WSN. And there are usually a puzzle for existing symmetric encryption mechanisms that they produced heavy communication cost. In this paper, we presented a session key transmission scheme based on an algorithm ofData Partitioning with Coding, namedDPC. By using of non-perfect secret sharing, we optimized the communication costs significantly and keep the security in high level. The analysis and simulations prove that our scheme has good performance.

Download Full-text

Public Sector Transformation in the Digital Age: Obstacles and Challenges for the Government of Indonesia

Iapa Proceedings Conference ◽

10.30589/proceedings.2019.223 ◽

2019 ◽

pp. 75

Author(s):

Putri Hening ◽

Gozali Harda Kumara

Keyword(s):

Public Sector ◽

Information Dissemination ◽

Policy Formulation ◽

The Public ◽

Indonesian Government ◽

Security Issues ◽

Digital Era ◽

Technological Developments ◽

The Government ◽

High Level

The world has now entered the digital era. Rapid technological developments spur the transformation from the manual era to the digital era. A series of trends in this era are present such as high-level usage of the internet, the birth of social networks, the development of various applications, and fast amount of information dissemination. This trend has brought a series of changes to various sector including the public sector. The presence of digital tools in this era has changed the way Indonesian government in providing public services. This era has also changed the community's approach to interact with the government through online platforms. The transformation into the digital era also influences the process of drafting public policies, from the agenda settings, policy formulation, implementation, until evaluation. Privacy and data security issues are also present in this era. This paper analyzes how the digital era has transformed the public sector in Indonesia and the obstacles and challenges faced by the Indonesian government. This paper will also provide recommendations to overcome these obstacles and challenges. This research is conducted by using qualitative and quantitative method. In analyzing data, researcher do three simultaneously activities based on Miles and Huberman model.

Download Full-text

Corruption, the Challenge for Kosovo Institutions

European Journal of Multidisciplinary Studies ◽

10.26417/ejms.v1i2.p204-209 ◽

2016 ◽

Vol 1 (2) ◽

pp. 204

Author(s):

Reshat Maliqi

Keyword(s):

Logical Consequence ◽

Point Of View ◽

Prevention Measures ◽

Transparency International ◽

Contemporary World ◽

Security Issues ◽

The Subject ◽

The Republic ◽

Countries In Transition ◽

High Level

The subject as per work, corruption, the challenge for Kosovo institutions, is broadly and actual theme that covers the theoretical and practical treatment. The corruption, which has been described as using the public power for certain purposes, is a very complex subject. Stands for the characteristics of many societies and states and for the last couple of years it has been understood as in great form present phenomenon within the countries in transition, within those which are undeveloped as well as with developed ones, and stands for an obstacle for democracy implementation. From a systematically point of view, corruption has caused, and it continues to do so, many concerns in all countries on Earth, and especially in Kosovo. In accordance to Transparency International report, corruption is one of the biggest challenges of contemporary world. The aim of the importance of studying of this problem through this subject is identifying the scope, structure and dynamics of this phenomenon; to analyse overall impact of general factors. In accordance to identification of corruption problems, local and international reports with of high level of this kind of criminal act, among other areas as well as per security issues, corruption has been seen as serious wound for our society. The justification of this work is logical consequence of corruption phenomenon in the Republic of Kosovo. The reason, consequences and the fight against the corruption is always the subject of numerous researches and conversation between researches, politicians and other actors dealing with this problem, not leaving aside the segment of civil society. These problems stand for the subject of study of this work from my point of view with the purpose of sharing the overall concern due to this phenomenon. During this study many different methodologies will be used, as well as the methodology of analyses of cases of corruption, method of comparative analyses, comparative methodology and statistical method of creation and fight against the corruption in Kosovo from 2012 – 2104. For fight and suppression of corruption, the society and institutions in Kosovo, among the prevention measures, would have to implement so far reached measures in criminalistics in accordance to contemporary trends in secure management. The final aim of this work is practical use of its results and statistics in society’s efforts to prevent, to limit or to eliminate the corruption phenomenon in Kosovo

Download Full-text

Wildcard Fields-Based Partitioning for Fast and Scalable Packet Classification in Vehicle-to-Everything

Sensors ◽

10.3390/s19112563 ◽

2019 ◽

Vol 19 (11) ◽

pp. 2563 ◽

Cited By ~ 2

Author(s):

Jaehyung Wee ◽

Jin-Ghoo Choi ◽

Wooguil Pak

Keyword(s):

Decision Tree ◽

Communication Networks ◽

High Speed ◽

Classification Performance ◽

Packet Classification ◽

Classification Algorithms ◽

Packet Processing ◽

Security Issues ◽

Security Of Network ◽

High Level

Vehicle-to-Everything (V2X) requires high-speed communication and high-level security. However, as the number of connected devices increases exponentially, communication networks are suffering from huge traffic and various security issues. It is well known that performance and security of network equipment significantly depends on the packet classification algorithm because it is one of the most fundamental packet processing functions. Thus, the algorithm should run fast even with the huge set of packet processing rules. Unfortunately, previous packet classification algorithms have focused on the processing speed only, failing to be scalable with the rule-set size. In this paper, we propose a new packet classification approach balancing classification speed and scalability. It can be applied to most decision tree-based packet classification algorithms such as HyperCuts and EffiCuts. It determines partitioning fields considering the rule duplication explicitly, which makes the algorithm memory-effective. In addition, the proposed approach reduces the decision tree size substantially with the minimal sacrifice of classification performance. As a result, we can attain high-speed packet classification and scalability simultaneously, which is very essential for latest services such as V2X and Internet-of-Things (IoT).

Download Full-text

Threat Analysis in Goal-Oriented Security Requirements Modelling

Computer Systems and Software Engineering ◽

10.4018/978-1-5225-3923-0.ch085 ◽

2017 ◽

pp. 2025-2042 ◽

Cited By ~ 2

Author(s):

Per Håkon Meland ◽

Elda Paja ◽

Erlend Andreas Gjære ◽

Stéphane Paul ◽

Fabiano Dalpiaz ◽

...

Keyword(s):

Traffic Management ◽

Mutual Influence ◽

Automated Analysis ◽

Security Requirements ◽

Tool Support ◽

Security Issues ◽

Raising Awareness ◽

Goal Modelling ◽

Threat Modelling ◽

High Level

Goal and threat modelling are important activities of security requirements engineering: goals express why a system is needed, while threats motivate the need for security. Unfortunately, existing approaches mostly consider goals and threats separately, and thus neglect the mutual influence between them. In this paper, the authors address this deficiency by proposing an approach that extends goal modelling with threat modelling and analysis. The authors show that this effort is not trivial and a trade-off between visual expressiveness, usability and usefulness has to be considered. Specifically, the authors integrate threat modelling with the socio-technical security modelling language (STS-ml), introduce automated analysis techniques that propagate threats in the combined models, and present tool support that enables reuse of threats facilitated by a threat repository. The authors illustrate their approach on a case study from the Air Traffic Management (ATM) domain, from which they extract some practical challenges. The authors conclude that threats provide a useful foundation and justification for the security requirements that the authors derive from goal modelling, but this should not be considered as a replacement to risk assessment. The usage of goals and threats early in the development process allows raising awareness of high-level security issues that occur regardless of the chosen technology and organizational processes.

Download Full-text

Biometric

Web Services ◽

10.4018/978-1-5225-7501-6.ch042 ◽

2019 ◽

pp. 769-787

Author(s):

Ajay Rawat ◽

Shivani Gambhir

Keyword(s):

Cloud Computing ◽

Case Studies ◽

Service Level ◽

Security And Privacy ◽

Service Level Agreements ◽

Security Issues ◽

Security Applications ◽

High Level

Cloud computing lacks control over physical and logical aspects of the system, which imposes profound changes in security and privacy procedure; hence, it needs a high level of security. Currently, many researchers and developments are being done to provide client service-level agreements regarding security issues. These researchers are attracted towards biometrics and its security applications, since it is based on biometric traits, thus providing a high level of security. Due to biometrics' benefits and cloud advantages, the collaboration of cloud and biometrics have open up wide areas this field. This chapter discusses some case studies of integration of biometrics and cloud computing.

Download Full-text

Controlling Controversy: 1995–1997

Truth to Power ◽

10.1093/oso/9780190940003.003.0003 ◽

2019 ◽

pp. 42-56

Author(s):

Richard N. Cooper

Keyword(s):

Climate Change ◽

Former Yugoslavia ◽

Financial Situation ◽

Global Trends ◽

Economic Issues ◽

Security Issues ◽

Future Challenges ◽

Internal Policy ◽

High Level

As a leading international economist with prior high-level policy experience, Richard Cooper brought to the National Intelligence Council chairmanship an unusual level of authority on economic issues. This proved valuable in internal policy disputes over Japan’s financial situation, in which the NIC successfully challenged the Treasury Department’s assessment. His tenure also saw the challenges of dealing with the former Yugoslavia after the Dayton Accords brokered a tenuous peace, as well as the NIC’s first foray into nontraditional security issues such as climate change. Finally, the NIC published an influential report called Global Trends 2010, looking out 15 years to anticipate future challenges—and initiating a series of reports issued by the NIC every four years thereafter.

Download Full-text