A survey of common security vulnerabilities and corresponding countermeasures for SaaS

2014 ◽  
Author(s):  
Donghoon Kim ◽  
Mladen A. Vouk
Keyword(s):  
Security Vulnerabilities ◽  
Common Security

scholarly journals Analysis of Security Issues of Edge Computing Based Internet of Things Applications

2020 ◽  
Author(s):  
Shamim Muhammad ◽  
Inderveer Chana ◽  
Supriya Thilakanathan
Keyword(s):  
Internet Of Things ◽  
Edge Computing ◽  
The Internet ◽  
Security Vulnerabilities ◽  
Computing Power ◽  
Security Issues ◽  
Computing Paradigm ◽  
Improved Performance ◽  
The Internet Of Things ◽  
Common Security

Edge computing is a technology that allows resources to be processed or executed close to the edge of the internet. The interconnected network of devices in the Internet of Things has led to an increased amount of data, increasing internet traffic usage every year. Also, edge computing is driving applications and computing power away from the integrated points to areas close to users, leading to improved performance of the application. Despite the explosive growth of the edge computing paradigm, there are common security vulnerabilities associated with the Internet of Things applications. This paper will evaluate and analyze some of the most common security issues that pose a serious threat to the edge computing paradigm.

scholarly journals Security issues and framework of electronic medical record: A review

2020 ◽  
Vol 9 (2) ◽  
Author(s):  
Jibril Adamu ◽  
Raseeda Hamzah ◽  
Marshima Mohd Rosli
Keyword(s):  
Medical Record ◽  
Electronic Medical Record ◽  
Security And Privacy ◽  
Security Threats ◽  
Security Vulnerabilities ◽  
Sql Injection ◽  
Security Issues ◽  
Electronic Medical Record Systems ◽  
Cross Site ◽  
Common Security

The electronic medical record has been more widely accepted due to its unarguable benefits when compared to a paper-based system. As electronic medical record becomes more popular, this raises many security threats against the systems. Common security vulnerabilities, such as weak authentication, cross-site scripting, SQL injection, and cross-site request forgery had been identified in the electronic medical record systems. To achieve the goals of using EMR, attaining security and privacy is extremely important. This study aims to propose a web framework with inbuilt security features that will prevent the common security vulnerabilities in the electronic medical record. The security features of the three most popular and powerful PHP frameworks Laravel, CodeIgniter, and Symfony were reviewed and compared. Based on the results, Laravel is equipped with the security features that electronic medical record currently required. This paper provides descriptions of the proposed conceptual framework that can be adapted to implement secure EMR systems.

scholarly journals An analysis of influence of safe programming techniques on applications efficiency and security

2018 ◽  
Vol 6 ◽  
pp. 12-19
Author(s):  
Tomasz Kobiałka
Keyword(s):  
Theoretical Description ◽  
Security Vulnerabilities ◽  
Programming Techniques ◽  
Safe Programming ◽  
The Impact ◽  
Common Security

The topics covered in this article are the risks that must be taken into account when developing the software. This article gives you an overview of safeguards against some of the anticipated common security vulnerabilities. Based on the written programs, the impact of the various techniques of safe programming on the performance and security of the application has been analyzed. This article presents both a theoretical description of the protections as well as examples of their technical implementation.

Clinical Cybersecurity Training Through Novel High Fidelity Simulations (Preprint)

2018 ◽  
Author(s):  
Christian Dameff ◽  
Jordan Selzer ◽  
Jonathan Fisher ◽  
James Killeen ◽  
Jeffrey Tully
Keyword(s):  
Patient Safety ◽  
Patient Care ◽  
Medical Devices ◽  
Healthcare Systems ◽  
High Fidelity ◽  
Protected Health Information ◽  
Patient Harm ◽  
Security Vulnerabilities ◽  
Clinical Simulations ◽  
Medical Infrastructure

BACKGROUND Cybersecurity risks in healthcare systems have traditionally been measured in data breaches of protected health information but compromised medical devices and critical medical infrastructure raises questions about the risks of disrupted patient care. The increasing prevalence of these connected medical devices and systems implies that these risks are growing. OBJECTIVE This paper details the development and execution of three novel high fidelity clinical simulations designed to teach clinicians to recognize, treat, and prevent patient harm from vulnerable medical devices. METHODS Clinical simulations were developed which incorporated patient care scenarios with hacked medical devices based on previously researched security vulnerabilities. RESULTS Clinician participants universally failed to recognize the etiology of their patient’s pathology as being the result of a compromised device. CONCLUSIONS Simulation can be a useful tool in educating clinicians in this new, critically important patient safety space.

Hardware Information Flow Tracking

2021 ◽  
Vol 54 (4) ◽  
pp. 1-39
Author(s):  
Wei Hu ◽  
Armaiti Ardeshiricham ◽  
Ryan Kastner
Keyword(s):  
Access Control ◽  
Computer Security ◽  
Information Flow ◽  
Hardware Security ◽  
Computing System ◽  
Security Vulnerabilities ◽  
Information Flow Tracking ◽  
Side Channels ◽  
Security Properties ◽  
Tools And Techniques

Information flow tracking (IFT) is a fundamental computer security technique used to understand how information moves through a computing system. Hardware IFT techniques specifically target security vulnerabilities related to the design, verification, testing, manufacturing, and deployment of hardware circuits. Hardware IFT can detect unintentional design flaws, malicious circuit modifications, timing side channels, access control violations, and other insecure hardware behaviors. This article surveys the area of hardware IFT. We start with a discussion on the basics of IFT, whose foundations were introduced by Denning in the 1970s. Building upon this, we develop a taxonomy for hardware IFT. We use this to classify and differentiate hardware IFT tools and techniques. Finally, we discuss the challenges yet to be resolved. The survey shows that hardware IFT provides a powerful technique for identifying hardware security vulnerabilities, as well as verifying and enforcing hardware security properties.

Security Threat Analyses and Attack Models for Approximate Computing Systems

2021 ◽  
Vol 26 (4) ◽  
pp. 1-31
Author(s):  
Pruthvy Yellu ◽  
Landon Buell ◽  
Miguel Mark ◽  
Michel A. Kinsy ◽  
Dongpeng Xu ◽  
...  
Keyword(s):  
Error Resilience ◽  
Security Threats ◽  
Approximate Computing ◽  
Security Threat ◽  
Security Vulnerabilities ◽  
Computing Systems ◽  
Quantitative Analyses ◽  
Resilience Mechanisms ◽  
The Impact ◽  
Attack Models

Approximate computing (AC) represents a paradigm shift from conventional precise processing to inexact computation but still satisfying the system requirement on accuracy. The rapid progress on the development of diverse AC techniques allows us to apply approximate computing to many computation-intensive applications. However, the utilization of AC techniques could bring in new unique security threats to computing systems. This work does a survey on existing circuit-, architecture-, and compiler-level approximate mechanisms/algorithms, with special emphasis on potential security vulnerabilities. Qualitative and quantitative analyses are performed to assess the impact of the new security threats on AC systems. Moreover, this work proposes four unique visionary attack models, which systematically cover the attacks that build covert channels, compensate approximation errors, terminate normal error resilience mechanisms, and propagate additional errors. To thwart those attacks, this work further offers the guideline of countermeasure designs. Several case studies are provided to illustrate the implementation of the suggested countermeasures.

Sign in / Sign up

Export Citation Format

Share Document