Analysis of information security service for internet application

Background/Objectives: With the proliferation of online platforms, information is generated every second, and there is an urgent need to firstly store the huge amount of data and secondly to secure that data. The level of sophistication is increasing day by day, so alongside the demand for excessive computational power and resources also hikes up. With the advancements in technology and with the concepts like globalization coming into picture, people find the need of sharing information important. Methods/Statistical Analysis: Information security aspects are analyzed based on confidentiality, integrity, availability, authentication, authorization and non-Repudiation. Findings: Different web application needs different security parameter and out of these authentication and access control are among the top security issues which can be resolved by using two factor and three factor authentication and are more effective with respect to mobility. Application/Improvement: Most handheld devices have built-in sensors which can be used for self authentication and authorization. Device ID, fingerprint, iris, SMS based OTPs add extra security to information security.

Download Full-text

A review on Privacy-Preserving Data Preprocessing

10.54216/jcim.040202 ◽

2020 ◽

pp. 16-30

Author(s):

Mukesh Soni ◽

◽

YashKumar Barot ◽

...

Keyword(s):

Health Care ◽

Information Security ◽

Social Insurance ◽

Disease Outbreaks ◽

Security And Privacy ◽

Health Care Information ◽

Privacy And Security ◽

Healthcare Data ◽

Security Issues ◽

Care Information

Health care information has great potential for improving the health care system and also providing fast and accurate outcomes for patients, predicting disease outbreaks, gaining valuable information for prediction in future, preventing such diseases, reducing healthcare costs, and improving overall health. In any case, deciding the genuine utilization of information while saving the patient's identity protection is an overwhelming task. Regardless of the amount of medical data it can help advance clinical science and it is essential to the accomplishment of all medicinal services associations, at the end information security is vital. To guarantee safe and solid information security and cloud-based conditions, It is critical to consider the constraints of existing arrangements and systems for the social insurance of information security and assurance. Here we talk about the security and privacy challenges of high-quality important data as it is used mainly by the healthcare structure and similar industry to examine how privacy and security issues occur when there is a large amount of healthcare information to protect from all possible threats. We will discuss ways that these can be addressed. The main focus will be on recently analyzed and optimized methods based on anonymity and encryption, and we will compare their strengths and limitations, and this chapter closes at last the privacy and security recommendations for best practices for privacy of preprocessing healthcare data.

Download Full-text

A Formal Approach to Modeling the Characteristics of Users of Social Networks Regarding Information Security Issues

Advances in Artificial Systems for Medicine and Education II - Advances in Intelligent Systems and Computing ◽

10.1007/978-3-030-12082-5_44 ◽

2019 ◽

pp. 485-494

Author(s):

Andriy Peleshchyshyn ◽

Volodymyr Vus ◽

Solomiia Albota ◽

Oleksandr Markovets

Keyword(s):

Social Networks ◽

Information Security ◽

Formal Approach ◽

Security Issues

Download Full-text

Study on Information Security Issues of E-Commerce

IOP Conference Series Materials Science and Engineering ◽

10.1088/1757-899x/452/3/032050 ◽

2018 ◽

Vol 452 ◽

pp. 032050

Author(s):

Qiaofen Ji

Keyword(s):

Information Security ◽

Security Issues

Download Full-text

Multilevel classification of security threats in cloud computing

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.5.9157 ◽

2017 ◽

Vol 7 (1.5) ◽

pp. 253

Author(s):

N. Srinivasu ◽

O. Sree Priyanka ◽

M. Prudhvi ◽

G. Meghana

Keyword(s):

Cloud Computing ◽

Web Application ◽

Service Level Agreement ◽

Service Level ◽

Security Threats ◽

Security Threat ◽

Security Issues ◽

Network Applications ◽

Storage Network ◽

Multilevel Classification

Cloud Security was provided for the services such as storage, network, applications and software through internet. The Security was given at each layer (Saas, Paas, and Iaas), in each layer, there are some security threats which became the major problem in cloud computing. In Saas, the security issues are mainly present in Web Application services and this issue can be overcome by web application scanners and service level agreement(SLA). In Paas, the major problem is Data Transmission. During transmission of data, some data may be lost or modified. The PaaS environment accomplishes proficiency to some extent through duplication of information. The duplication of information makes high accessibility of information for engineers and clients. However, data is never fully deleted instead the pointers to the data are deleted. In order to overcome this problem the techniques that used are encryption[12], data backup. In Iaas the security threat that occurs in is virtualization and the techniques that are used to overcome the threats are Dynamic Security Provisioning(DSC), operational security procedure, for which Cloud Software is available in the market, for e.g. Eucalyptus, Nimbus 6.

Download Full-text

Research on Information Security Monitoring and Early Warning Mechanism of Internet Application Network Based on Particle Swarm Optimization

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering - Multimedia Technology and Enhanced Learning ◽

10.1007/978-3-030-51103-6_21 ◽

2020 ◽

pp. 241-253

Author(s):

Feng Chen ◽

Hong Zou ◽

Xue-sheng Li

Keyword(s):

Particle Swarm Optimization ◽

Information Security ◽

Early Warning ◽

Particle Swarm ◽

Swarm Optimization ◽

Security Monitoring ◽

Early Warning Mechanism ◽

Internet Application ◽

Monitoring And Early Warning

Download Full-text

PRACTICAL IMPLEMENTATION OF THE MODEL OF FORMATION OF CADETS' READINESS TO ENSURE INFORMATION SECURITY IN PROFESSIONAL ACTIVITIES

SOCIETY INTEGRATION EDUCATION Proceedings of the International Scientific Conference ◽

10.17770/sie2021vol1.6470 ◽

2021 ◽

Vol 1 ◽

pp. 119-129

Author(s):

Dmitry Dvoretsky ◽

Natalia Kolesnikova ◽

Oksana Makarkina ◽

Kira Lagvilava

Keyword(s):

Information Systems ◽

Information Security ◽

Information Technologies ◽

The State ◽

Practical Implementation ◽

Positive Trend ◽

Pedagogical Tools ◽

Professional Activities ◽

Security Issues ◽

The Stability

The mass introduction of information technologies in the activities of state structures has made it possible to transfer the efficiency of their functioning to a qualitatively new level. Unfortunately, as a means of action, they have characteristic vulnerabilities and can be used not only for good, but also for harm. For the state, as a guarantor of the stability of a civilized society, the issue of ensuring the security of information processing is particularly important. Despite the automation of many information processes, the most vulnerable link in the work of information systems remains a person. A person acts as an operator of information systems and a consumer of information. The entire service process depends on the competence of the operator and the quality of his perception. There are areas of government activity where the cost of error is particularly high. These include ensuring the life and health of citizens, protecting public order and the state system, and ensuring territorial integrity. The specifics of the spheres must be taken into account when ensuring the security of information. This study concerns official activities that are provided by paramilitary groups. Currently, there is a discrepancy in the level of competence of new personnel in the first months of service. The author traces the shortcomings of general and special professional qualities in the field of information security. The purpose of the study is to substantiate certain pedagogical means of forming cadets ' readiness to ensure information security. As forms of theoretical knowledge, we will use the traditional hypothesis and model, as well as functionally distinguishable judgments – problem, assumption, idea and principle. Empirical forms of knowledge will be observation (experimental method) and fixation of facts. To evaluate the effectiveness of the developed pedagogical tools, we use statistical methods: observation (documented and interrogated) and calculation of generalizing indicators. To formulate conclusions, we will use logical methods: building conclusions and argumentation. The approbation of certain pedagogical tools described in this article showed a significant positive trend in terms of competence in information security issues.

Download Full-text

POSITIONS OF STATES OF THE ASIA-PACIFIC REGION REGARDING THE ADOPTION OF RESOLUTIONS ON INTERNATIONAL INFORMATION SECURITY ISSUES WITHIN THE FRAMES OF THE UN

ACTUAL PROBLEMS OF INTERNATIONAL RELATIONS ◽

10.17721/apmv.2019.139.0.13-26 ◽

2019 ◽

pp. 13-26

Author(s):

Mykola Ryzhkov ◽

Anastasiia Siabro

Keyword(s):

Information Security ◽

International Development ◽

Information Technologies ◽

Large Scale ◽

New Technologies ◽

Technological Development ◽

Security System ◽

Asia Pacific ◽

Security Issues ◽

The World

Achievements in the sphere of automatization and telecommunication are an essential component of transformation of the international peace and security system. This article presents, that consequences of changes are of a dual character. On the one hand, new technologies are becoming an important component of society modernization strategies in developing countries, on the other hand, they can be used for armament modernization or creation of new means of confrontation in modern international relations. APR countries face the most relevant issue of information technologies usage. The article deals with the process of discussion of new challenges and threats to international security, emerging as a result of development and large-scale implementation of information-communication technologies. Positions of states regarding the adoption of resolution in the sphere of international information security were studied through examples of Japan, India, and China. It is proved in the article, that information technologies have become an important component of the security system in the world. Technologies usage may lead to steady international development as well as to information arms race. That is why working out a common position on international information security issues is of crucial importance. It is within the framework of the UN, that different states of the world are given an opportunity to express their visions of the problem of international information security and work out common approaches to its solution. The article shows, that states’ positions have similar as well as different features. For instance, all states express concern regarding possible limitation of technology transfer for the establishment of a more controlled international political environment. But states’ positions have major differences as to mechanisms of information security provision. Thus, Japan and India strive to achieve a balanced system of international information security, which should at the same time have preventive mechanisms against the emergence of threats in the information and science and technology spheres and guarantee continuation of scientific-technological development, which is a crucial component of development and modernization strategies in many countries of the world. China came forward with position of strong regulation of international information security issues and suggested framing of corresponding regulations of the states’ conduct in the cyberspace.

Download Full-text

High Security Mechanism: Fragmentation and Replication in the Cloud with Auto Update in the System.

APTIKOM Journal on Computer Science and Information Technologies ◽

10.34306/csit.v5i2.138 ◽

2020 ◽

Vol 5 (2) ◽

pp. 54-59

Author(s):

Shrutika Khobragade ◽

Rohini Bhosale ◽

Rahul Jiwahe

Keyword(s):

Cloud Computing ◽

Low Cost ◽

Vital Role ◽

Third Party ◽

Key Generation ◽

Huge Amount ◽

Security Issues ◽

Hash Key ◽

Use Of Internet ◽

High Quality Service

Cloud Computing makes immense use of internet to store a huge amount of data. Cloud computing provides high quality service with low cost and scalability with less requirement of hardware and software management. Security plays a vital role in cloud as data is handled by third party hence security is the biggest concern to matter. This proposed mechanism focuses on the security issues on the cloud. As the file is stored at a particular location which might get affected due to attack and will lost the data. So, in this proposed work instead of storing a complete file at a particular location, the file is divided into fragments and each fragment is stored at various locations. Fragments are more secured by providing the hash key to each fragment. This mechanism will not reveal all the information regarding a particular file even after successful attack. Here, the replication of fragments is also generated with strong authentication process using key generation. The auto update of a fragment or any file is also done here. The concept of auto update of filles is done where a file or a fragment can be updated online. Instead of downloading the whole file, a fragment can be downloaded to update. More time is saved using this methodology.

Download Full-text

VIRTUAL REALITY: U.S. INFORMATION SECURITY THREATS CONCEPT AND ITS INTERNATIONAL DIMENSION

MGIMO Review of International Relations ◽

10.24833/2071-8160-2014-3-36-128-136 ◽

2014 ◽

pp. 128-136

Author(s):

E. V. Batueva

Keyword(s):

United States ◽

Information Security ◽

Cyber Security ◽

Security Policy ◽

The United States ◽

Main Task ◽

Security Issues ◽

Cyber Space ◽

National Information ◽

The U.S

The development of ICT and the formation of the global information space changed the agenda of national and international security. Such key characteristics of cyberspace as openness, accessibility, anonymity, and identification complexity determined the rise of actors in cyber space and increased the level of cyber threats. Based on the analyses of the U.S. agencies' approach, the author defines three major groups of threats: use of ICT by states, criminals and terrorists. This concept is shared by the majority of the countries involved in the international dialogue on information security issues and is fundamental for providing cyber security policy on both national and international levels. The United States is developing a complex strategy for cyber space that includes maximization of ICT's advantages in all strategically important fields as well as improvement of national information systems and networks security. On the international level the main task for the American diplomacy is to guarantee the U.S. information dominance. The United States is the only country that takes part practically in all international and regional fora dealing with cyber security issues. However process of the development of a global cyber security regime is not going to be fast due to countries' different approaches to key definitions and lack of joint understanding of cyber security issues as well as due to the position of the countries, among all the United States, that are not interested in any new obligatory international norms and principles. Such American policy aims at saving the possibility of using cyberspace capacity in reaching political and military goals, thus keeping the global leadership.

Download Full-text

ISSUES OF AUTOMATION OF THE AUDIT IN ACCORDANCE WITH GOST R 57580.2-2018

Interexpo GEO-Siberia ◽

10.33764/2618-981x-2021-6-268-275 ◽

2021 ◽

Vol 6 ◽

pp. 268-275

Author(s):

Anastasia V. Sitskaya ◽

Valeria A. Tabakaeva ◽

Valentin V. Selifanov

Keyword(s):

Information Security ◽

Financial Market ◽

Quantitative Assessment ◽

Modern World ◽

Security Audit ◽

Huge Amount ◽

Timely Manner ◽

Qualitative And Quantitative ◽

Entire Country ◽

Individual Client

The modern world can be characterized by a huge amount of information and computerization of all spheres of human activity. But one of the most valuable information can be considered the information that concerns financial organizations. There are incidents of information security in financial organizations that can lead not only to the violation of the interests of an individual client, but also to the crisis of the financial market of the entire country. Information security audit allows you to detect violations in the organization's information system in a timely manner, which significantly increases the security of information. Often, timely and rapid receipt of a qualitative and quantitative assessment of the level of security allows you to avoid an incident. To improve the accuracy of estimates and reduce the time of their receipt, the application "Audit57580" was developed, the relevance of which is discussed in detail in the article.

Download Full-text