TOOP Trust Architecture

AbstractWhile information security nowadays represents a core concern for any organization, Trust Management is usually less elaborated and is only important when two or more organizations cooperate towards a common objective. The overall Once-Only Principle Project (TOOP) architecture relies on the concept of trusted sources of information and on the existence of a secure exchange channel between the Data Providers and the Data Consumers in this interaction framework. Trust and information security are two cross-cutting concerns of paramount importance. These two concerns are overlapping, but not identical and they span all of the interoperability layers, from the legal down to the technical, passing through organizational and semantic layers. While information security aims at the preservation of confidentiality, integrity and availability of information, trust establishment guarantees that the origin and the destination of the data and documents are authentic (authenticity) and trustworthy (trustworthiness), and that data and documents are secured against any modification by untrusted parties (integrity). In this chapter, the TOOP Trust Architecture is presented, starting from a simple abstract model of interaction between two agents down to the detailed end-to-end trust establishment architecture, modeled onto the Toop Reference Architecture presented in the previous chapter.

Download Full-text

MEASUREMENT ERRORS AFFECTING THE CHARACTERISTICS OF MULTI-POSITION SYSTEMS, AND WAYS TO REDUCE THEM

InterConf ◽

10.51582/interconf.7-8.06.2021.035 ◽

2021 ◽

pp. 333-346

Author(s):

Andriy Аrtikula ◽

Dmytro Britov ◽

Volodymyr Dzhus ◽

Borys Haibadulov ◽

Anastasiia Haibadulova ◽

...

Keyword(s):

Information System ◽

Information Security ◽

Human Development ◽

Measurement Errors ◽

Information Needs ◽

Single System ◽

Sources Of Information ◽

Different Types ◽

System Errors ◽

System Characteristics

Modern wide development of science and technology causes the growth of information needs in all branches of human development. At present, there are all opportunities to increase information security by combining sources of information into a single system. At the same time, when merging, specific difficulties and features emerge, which together make it difficult to implement the proposed solutions. The paper considers the peculiarity of combining different types of radar stations into a single information system. Errors of measurements of separate parameters and their influence on system characteristics are considered. Options for solving the problems that have arisen are proposed.

Download Full-text

Remote Platform Attestation

Trust Modeling and Management in Digital Environments ◽

10.4018/978-1-61520-682-7.ch001 ◽

2010 ◽

pp. 1-19

Author(s):

Xuhua Ding ◽

Liang Gu ◽

Robert H. Deng ◽

Bing Xie ◽

Hong Mei

Keyword(s):

Conceptual Model ◽

Systematic Study ◽

Trust Management ◽

Distributed Environment ◽

Remote Attestation ◽

Trust Establishment ◽

Quality Attestation ◽

Trust Attestation ◽

Root Of Trust

One of the key mechanisms for trust establishment among different platforms is remote attestation, which allows a platform to vouch for its trust related characteristics to a remote challenger. In this chapter, the authors propose a new conceptual model for remote attestation consisting of four basic ingredients: root of trust, attestation objective, object measurement, and attestation process. With this model, they present a systematic study on the remote attestation, including the methodologies applied for implementing the four elements and the principles for designing an attestation scheme. The authors also examine existing remote attestation schemes in the literature by grouping them into two main types: integrity attestation and quality attestation. They discuss both the strength and the limitations of each type of scheme and explain how they can be applied in trust management in distributed environment.

Download Full-text

END-TO-END INFORMATION SECURITY OF PRIVATE CLOUD COMPUTING

Systems and Means of Informatics ◽

10.14357/08696527200407 ◽

2020 ◽

Keyword(s):

Cloud Computing ◽

Information Security ◽

Private Cloud ◽

End To End ◽

Private Cloud Computing

Download Full-text

Information Security of Critically Important Information Systems

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.d4380.118419 ◽

2019 ◽

Vol 8 (4) ◽

pp. 9030-9034

Keyword(s):

Information System ◽

Information Systems ◽

Information Security ◽

Legal Regulation ◽

Security Threats ◽

Legal Basis ◽

Sources Of Information ◽

Effective Mechanism ◽

System Information

The article provides a comprehensive analysis of the concepts related to the information security of critically important information systems in Russia. Today, problems exist, which are associated with numerous threats to Russian information security due to the rapidly increasing role of the information sphere. To solve these problems, an effective mechanism is needed to prevent and eliminate these threats. To develop the organizational and legal basis of the mechanism, it is necessary to define a number of concepts, such as information security, critically important information system, information infrastructure, etc. The authors explore Russian legal regulation, as well as international experience and research on this topic. The article shows the main sources of information security threats and defines general principles and approaches to ensuring information security of critically important information systems. The concept and types of critically important information systems are identified and the necessity of developing and improving their legal regulation is substantiated. A number of legal and organizational measures aimed at ensuring the information system security of Russian infrastructure are proposed.

Download Full-text

Fast Packet Inspection for End-To-End Encryption

Electronics ◽

10.3390/electronics9111937 ◽

2020 ◽

Vol 9 (11) ◽

pp. 1937

Author(s):

So-Yeon Kim ◽

Sun-Woo Yun ◽

Eun-Young Lee ◽

So-Hyeon Bae ◽

Il-Gu Lee

Keyword(s):

Information Security ◽

Information Transfer ◽

High Speed ◽

Personal Data ◽

Security System ◽

Frame Structure ◽

Inspection Time ◽

Deep Packet Inspection ◽

End To End ◽

Packet Inspection

With the recent development and popularization of various network technologies, communicating with people at any time, and from any location, using high-speed internet, has become easily accessible. At the same time, eavesdropping, data interception, personal data leakage, and distribution of malware during the information transfer process have become easier than ever. Recently, to respond to such threats, end-to-end encryption (E2EE) technology has been widely implemented in commercial network services as a popular information security system. However, with the use of E2EE technology, it is difficult to check whether an encrypted packet is malicious in an information security system. A number of studies have been previously conducted on deep packet inspection (DPI) through trustable information security systems. However, the E2EE is not maintained when conducting a DPI, which requires a long inspection time. Thus, in this study, a fast packet inspection (FPI) and its frame structure for quickly detecting known malware patterns while maintaining E2EE are proposed. Based on the simulation results, the proposed FPI allows for inspecting packets approximately 14.4 and 5.3 times faster, respectively, when the inspection coverage is 20% and 100%, as compared with a DPI method under a simulation environment in which the payload length is set to 640 bytes.

Download Full-text

Konsep Pengamanan Video Conference Dengan Enkripsi AES-GCM Pada Aplikasi Zoom

METHOMIKA: Jurnal Manajemen Informatika dan Komputerisasi Akuntansi ◽

10.46880/jmika.v4i2.211 ◽

2020 ◽

Vol 4 (1) ◽

pp. 109-113

Author(s):

Jamaluddin Jamaluddin ◽

◽

Naikson Saragih ◽

Roni Simamora ◽

Rimbun Siringoringo

Keyword(s):

Information Security ◽

Video Conferencing ◽

Security System ◽

Video Conference ◽

Interaction Patterns ◽

Online Interaction ◽

Use Of Technology ◽

End To End ◽

Patterns Of Interaction

The conditions of the Covid-19 pandemic, which began to plague at the end of 2019, brought about major changes to the patterns of interaction in society. Activities that have been carried out directly have begun to shift to activities carried out online. The use of technology, especially in applications for online interaction patterns such as video conferencing applications, is an alternative. The Zoom Cloud Meeting application is widely used by people who initially had doubts about its security system. By implementing end-to-end encryption with AES-256-GCM, it has been able to convince clients on the information security side to keep using the Zoom Cloud Meeting application.

Download Full-text

The information trust formation process for informal caregivers of people with dementia: a qualitative study

Journal of Documentation ◽

10.1108/jd-01-2021-0014 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Laura Sbaffi ◽

Sarah Hargreaves

Keyword(s):

Information Seeking ◽

Information Needs ◽

Informal Caregivers ◽

Ease Of Use ◽

Sources Of Information ◽

Structured Interviews ◽

Content Type ◽

People With Dementia ◽

Trust Formation ◽

Information Trust

PurposeThis paper provides new insights on trust formation during information-seeking processes of informal caregivers of people with dementia and identifies the sources of information deemed as trustworthy by caregivers.Design/methodology/approachThe study adopts a phenomenological qualitative approach in the form of in-depth, semi-structured interviews with a sample of 20 informal caregivers.FindingsCaregivers trust sources that are perceived as authoritative and particularly value the information and advice provided by other caregivers. Trust in information can be divided into subjective and objective, but both are important precursors to the actual use of the information. The information available to caregivers is sufficient in quantity but inadequate in terms of ease of use, clarity and usefulness. Often, some key information needs remain unsatisfied due to the lack of timeliness, relevance and personalisation of the information.Practical implicationsThis paper provides recommendations for information and healthcare providers on how to improve communication and information relevance for informal caregivers of people with dementia.Originality/valueThis paper contributes to a more comprehensive perspective on caregivers’ information trust formation processes, which takes into account both the characteristics of the information and caregivers’ individual factors.

Download Full-text

USE OF OPEN SOURCES OF INFORMATION IN THE INTERESTS OF INTELLIGENCE AND ENSURING INFORMATION SECURITY

MEST Journal ◽

10.12709/mest.09.09.01.05 ◽

2021 ◽

Vol 9 (1) ◽

pp. 37-45

Author(s):

Olena Ivanenko

Keyword(s):

Information Security ◽

National Security ◽

World Wide ◽

Social Processes ◽

Sources Of Information ◽

Open Source Intelligence ◽

Intelligence Services ◽

The World ◽

Processing Information ◽

Political Economic

The study of the experience of using open sources of information in the interests of intelligence-by-intelligence services studied the methodology and organization of the use of open sources of information in the interests of intelligence and information security of the country. Methods of collecting, analyzing, and processing information are considered, sources for information use are clarified. Information security is an integral part of national security and is closely linked to open-source intelligence. Nowadays, this type of intelligence is relevant because sometimes the ability to obtain intelligence through closed sources is significantly limited. The information obtained in this way should be carefully checked and analyzed, compared with the information obtained through intelligence and vice versa. The considered advantages of open sources of information are that the risk of failure of the agent is excluded or considerable means and efforts for the search of such are saved. The information provided by the World Wide Web is truly inexhaustible. In total, more than two-thirds of the intelligence obtained is obtained through open sources of information. The studied methods of working with information obtained from open sources have shown that analytical intelligence is a component of intelligence activities, which consists of identifying, evaluating, forecasting various political, economic, and social processes, events, activities based on information, mostly obtained from open sources, extracted by an exploration of other types (agency, technical).

Download Full-text

Harmonization of Accounting, Auditing and Analysis in a Digital Economy

Accounting Analysis Auditing ◽

10.26794/2408-9303-2018-5-3-16-23 ◽

2018 ◽

Vol 5 (3) ◽

pp. 16-23 ◽

Cited By ~ 8

Author(s):

O. V. Rozhnova

Keyword(s):

Information Security ◽

Negative Impact ◽

Accounting Information ◽

Digital Technologies ◽

Digital Economy ◽

Information Resource ◽

Sources Of Information ◽

Integrated Reporting ◽

Continuous Interaction ◽

Different Sources

The article analyzes the reasons for the need for harmonization of various areas of accounting, including ambiguity in the interpretation of a number of terms, the meaning of important indicators, the application of certain methods, and the lack of a unified concept that unite all areas of accounting with a single goal. In a digital economy, the negative impact of these differences on the effectiveness of the accounting area is manifested especially bright. As a result, the transformation of the accounting sphere becomes a priority in the situation when the information, knowledge of any subject of the economy represents a resource of the highest value. In the article, only four areas of research are considered, according to which, first of all, it is necessary to achieve a correspondence between the areas of the accounting sphere: the approach to virtual operations; scope of using probabilistic indicators; terminology; details of accounting information. Also, a proposal was made to develop a unified concept for accounting, auditing and analysis in the digital economy (including also integrated reporting in the accounting area). This concept should be based on the capabilities of digital technologies that allow instant communication between different sources of information and handle Big Date. The goal of a single accounting concept is to create knowledge (information resource) in relation to both individual economic entities and their groups, as well as other new structures and forms of their cooperation for all interested users. Three principles on which the development of the accounting sphere in the conditions of the digital economy should be built: the provision of information security; continuous interaction of the accounting sector with other areas of the economy; visualization of knowledge. These three principles form the priority directions for further research into the development of the accounting sector in the digital economy.

Download Full-text

Trust in information sources during the COVID-19 pandemic. A Romanian case study

Communications ◽

10.1515/commun-2020-0052 ◽

2021 ◽

Vol 0 (0) ◽

Author(s):

Raluca Buturoiu ◽

Nicoleta Corbu ◽

Denisa-Adriana Oprea ◽

Mădălina Boțan

Keyword(s):

Interpersonal Communication ◽

Information Source ◽

Fake News ◽

Sources Of Information ◽

Specific Source ◽

Fact Checking ◽

Information Trust ◽

Government Websites ◽

Source Of Information

Abstract Higher levels of trust in credible sources of information in times of crisis such as the current COVID-19 pandemic increase public compliance with official recommendations, minimizing health risks and helping authorities manage the crisis. Based on a national survey (N=1160), this article explores (a) actual levels of trust in various sources of information (government websites, legacy media, social media, and interpersonal communication) during the pandemic and (b) a number of predictors of such trust. Results show that during the period studied government websites were the most trusted source of information. Trust in an information source is correlated with consumption of COVID-19–related news from that specific source, media fact-checking, and self-perception about the incidence of COVID-19–related fake news. Only income and age are significant trust predictors, and only with respect to specific source types.

Download Full-text