Confidential Data Protection as a Means of Ensuring Information Security

This article presents issues of protecting confidential data, ways to support information security, types of information security threats resulting in an authorized access to confidential data, countermeasures and security measures to ensure confidential data security. Keywords: confidential data, information security, information security threat(s), personal data, information systems, data security.

Download Full-text

Data Security Threats Sources

Global Information Diffusion and Management in Contemporary Society - Advances in Knowledge Acquisition, Transfer, and Management ◽

10.4018/978-1-5225-5393-9.ch006 ◽

2019 ◽

pp. 153-171

Author(s):

Nasim Talebi ◽

Emmanuel Ayaburi ◽

Suhail Chakravarty

Keyword(s):

Information Security ◽

Data Security ◽

Organizational Characteristics ◽

Security Threats ◽

Privacy Rights ◽

Security Threat ◽

Behavioral Issues ◽

Industry Type ◽

Organizational Perspective ◽

External Attack

Driven by the difficulty in achieving complete security with technical tools, business investigators are looking into organizational and behavioral issues that could help make systems more secure. This chapter looks at the security of systems from the organizational perspective. Specifically, this study attempts to identify if different organizations have different predisposition to particular type(s) of security threat sources. Using publicly available security breach data from a privacy rights clearinghouse to investigate which organizational characteristics predisposes an institution to an external or internal threat source, it was concluded that as size of organization and the number of its valuable documents increase by one unit, the organization's probability of suffering an internal attacks decrease. Furthermore, when executive members have a business degree rather than information-security-related degrees, the likelihood of suffering an internal attack increases. Also, the probability of an organization suffering an internal or external attack is not based on its industry type.

Download Full-text

Bezpieczeństwo informacyjne w jednostkach samorządu terytorialnego

Studia Prawnoustrojowe ◽

10.31648/sp.4897 ◽

2020 ◽

pp. 89-106

Author(s):

Jacek Gerwatowski

Keyword(s):

Local Government ◽

Information Security ◽

Public Administration ◽

New Technologies ◽

Public Information ◽

Personal Data ◽

Security Threats ◽

Cyber Terrorism ◽

Types Of Information

This article analyses issues in the feld of information and IT securityand attempts to explain what is meant by information security and presentspotential opportunities and threats in this feld. The article discusses various types of information security threats, from those with a “traditional” character, such as espionage, through to threats resulting from the developmentof new technologies, e.g. cyber-terrorism and threats resulting from the activities of natural forces. The article presents the tasks of public administration and local government units in the feld of information security resulting,inter alia, from the provisions of the Act on access to public information orregulations on the protection of personal data.

Download Full-text

Social engineering as a threat to personal financial security

National Interests Priorities and Security ◽

10.24891/ni.17.1.150 ◽

2021 ◽

Vol 17 (1) ◽

pp. 150-166

Author(s):

Andrei L. LOMAKIN ◽

Evgenii Yu. KHRUSTALEV ◽

Gleb A. KOSTYURIN

Keyword(s):

Information Security ◽

Personal Information ◽

Public Awareness ◽

Social Engineering ◽

Training System ◽

Security Threats ◽

Security Threat ◽

Public And Private ◽

Security Issues ◽

The Government

Subject. As the socio-economic relationships are getting digitalized so quickly, the society faces more and more instances of cybercrime. To effectively prevent arising threats to personal information security, it is necessary to know key social engineering methods and security activities to mitigate consequences of emerging threats. Objectives. We herein analyze and detect arising information security threats associated with social engineering. We set forth basic guidelines for preventing threats and improving the personal security from social engineering approaches. Methods. The study relies upon methods of systems analysis, synthesis, analogy and generalization. Results. We determined the most frequent instances associated with social engineering, which cause personal information security threats and possible implications. The article outlines guidelines for improving the persona; security from social engineering approaches as an information security threat. Conclusions and Relevance. To make information security threats associated with social engineering less probable, there should be a comprehensive approach implying two strategies. First, the information security protection should be technologically improved, fitted with various data protection, antivirus, anti-fishing software. Second, people should be more aware of information security issues. Raising the public awareness, the government, heads of various departments, top executives of public and private organizations should set an integrated training system for people, civil servants, employees to proliferate the knowledge of information security basics.

Download Full-text

Security in Android

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v12i10.2983 ◽

2014 ◽

Vol 12 (10) ◽

pp. 3990-3996

Author(s):

Amritesh Kumar Sharma ◽

Arun Kumar Singh ◽

Pankaj P. Singh

Keyword(s):

Information Security ◽

Rapid Growth ◽

New Technologies ◽

Security Measures ◽

Security Threat ◽

Sensitive Data ◽

Security Risks ◽

Malicious User ◽

Security Controls ◽

Areas Of Concern

New technologies have always created new areas of concern for information security teams. Usually it provides time for the development of effective security controls. The rapid growth of the smartphone in market and the use of these devices for so many sensitive data have led to the emergence of security threat. A malicious user or malware on a device can create a number of risks for an organization, and so the fact that these devices are not necessarily connected does not translate to a lack of security risks. This paper will discuss why it is important to secure an Android device, what some of the potential vulnerabilities are, and security measures that can be introduced to provide a baseline of security of data on Googleâ€™s mobile OS

Download Full-text

Role of Biometric security for The Enhancement of Data Security

INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY ◽

10.24297/ijct.v14i10.1832 ◽

2015 ◽

Vol 14 (10) ◽

pp. 6184-6189

Author(s):

Himanshu Gupta ◽

Kapil Chauhan

Keyword(s):

Cyber Security ◽

Data Security ◽

User Authentication ◽

Personal Data ◽

Personal Identification ◽

Fingerprint Recognition ◽

Digital Data ◽

Security Measures ◽

Biometric Security ◽

Area Of Concern

In today's society, data security is the big problem for every business organization or an individual. Most found threat is theft of personal data and information. With time digital data become more prevalent, personnel try to secure their information by using highly encrypted passwords and authentication identities, but, the misuse and theft of these security measures are rising in lot of theft cases Taking advantage of security flaws in authentication identities ends up in cards being duplicated or counterfeited and hence misused. This increasing fight with cyber security has been the sole reason ofÂ makingÂ biometric security systems, theÂ important area of concern is that how doÂ one can implement the biometric security for increasing of data security.Â First unique feature which is found different in every human is Fingerprints; Humans have used fingerprints for personal identification. Presently, most of the organisation useÂ fingerprint recognition for authentication processÂ it is one of the oldest and most commonly used biometrics, with high accuracy & generally easy and efficient and fast.Â In this paper we propose the idea to use fingerprint recognition along with the user authentication password or to access the data or information. Since the only person who can access information is the person linked to it, no thief can gain access. It also makes your data, very hard for cyber criminals to hack into.

Download Full-text

Analysis of information security threats when processing confidential data in mobile systems

Bezopasnost informacionnyh tehnology ◽

10.26583/bit.2021.1.08 ◽

2021 ◽

Vol 28 (1) ◽

pp. 95-105

Author(s):

Victor A. Khvostov ◽

Alexey V. Skrypnikov ◽

Evgeniy A. Rogozin ◽

Ludmila A. Obuhova ◽

Dmitriy G. Silka

Keyword(s):

Information Security ◽

Mobile Systems ◽

Security Threats ◽

Confidential Data

Download Full-text

Biometric Approach for Confidentiality in Cloud Computing

SAMRIDDHI A Journal of Physical Sciences Engineering and Technology ◽

10.18090/samriddhi.v10i01.9 ◽

2018 ◽

Vol 10 (01) ◽

pp. 65-70

Author(s):

Pankaj Mishra ◽

Dev Ratna Singh

Keyword(s):

Private Information ◽

Data Security ◽

Personal Data ◽

Security Measures ◽

Biometric System ◽

Security Systems ◽

Biometric Security ◽

Digital Database ◽

Cyber Safety ◽

Identity Cards

Nowadays, progress in technology have made life simple by giving us higher levels of knowledge through the innovation of various devices. However, all technical invention harbours the potential of invisible threats to its users. One leading danger is theft of private information and data. As digital database get more prevailing, user’s attempt to prevent their data with extremely encrypted Identity cards and passwords. However, the abuse and theft of these security measures are on the rise. Taking benefit of security fault in Identity cards result in the cards gets duplicated and get misused. This increasing conflict of the cyber safety has lead to the start of biometric security method. Defining the main variation between the methods of biometric system used to verify user identity will focus on the benefits and limitations of personal data security systems.

Download Full-text

Encryption of DES Algorithm in Information Security

10.31227/osf.io/d9p6b ◽

2018 ◽

Author(s):

Andysah Putera Utama Siahaan

Keyword(s):

Information Security ◽

Data Security ◽

Block Cipher ◽

Personal Data ◽

Block Size ◽

Data Encryption ◽

Business Practices ◽

Security Systems ◽

Data Encryption Standard ◽

Private Key

Information security is the protection of personal and non-personal data from various threats to guarantee privacy. For business practices, data security can reduce business risk, and increase the return of investment and business opportunities. In designing information system security systems, there are information security aspects that need to be considered. Many threats will come before the information circulating. Information is a matter that will be targeted by wild parties. Cryptographic algorithms are needed to protect data from these threats. Data Encryption Standard (DES) belongs to the symmetry cryptography system and is classified as a block cipher type. DES operates on 64-bit block size. DES encrypts 64 plaintext bits into 64-bit ciphertext using 56 private key bits or subkeys. The internal key is generated from an external key that is 64 bits long. The DES method is an excellent cryptographic technique used to secure data. DES has 16 rounds to ensure safer data against unexpected attacks. Applying DES to data encryption will be very useful for protecting data.

Download Full-text

Safeguarding the Information Systems in an Organization through Different Technologies, Policies, and Actions

Computer and Information Science ◽

10.5539/cis.v12n2p117 ◽

2019 ◽

Vol 12 (2) ◽

pp. 117

Author(s):

Hend K. Alkahtani

Keyword(s):

Information System ◽

Information Security ◽

Security Policy ◽

Background Information ◽

Security Threats ◽

Security Threat ◽

Information Security Policy ◽

Study Results ◽

Improved Performance ◽

Awareness Level

Background: Information system use has substantially increased among the organization based on its effective integration of the resources and improved performance. The increasing reliance on the information system serves as a great security threat for the firms. Objective: The study intends to evaluate the security of the information system in the organization located in the region of Saudi Arabia, concerning the user’s awareness level. Methods: The quantitative design of the study is adopted which uses the survey approach. A close-ended questionnaire is used for evaluating the awareness level among the individuals. A total of 109 participants (males and females) in the Saudi Company were recruited for the study. Results: Despite the implementation of the policy, employees were unaware of it. The study highlights that the development of the firm’s information security policy requires the firm to make employees aware of the significance of the information security. Conclusion: The study concludes that the organization needs to educate the workforce of the information security policy and develop their necessary understanding of the information security system. This allows the employees to identify and report security threats and risks which helps in the improvement of information security awareness.

Download Full-text

Security Audit Logging in Microservice-Based Systems: Survey of Architecture Patterns

Voprosy kiberbezopasnosti ◽

10.21681/2311-3456-2021-2-71-80 ◽

2021 ◽

pp. 71-80

Author(s):

Alexander Barabanov ◽

◽

Denis Makrushin ◽

Keyword(s):

Information Security ◽

Service Oriented Architecture ◽

Security Requirements ◽

Incident Management ◽

Security Threats ◽

Security Threat ◽

Audit Process ◽

Internal Event ◽

High Level ◽

Security Standards

Objective. Service-oriented architecture increases technical abilities for attacker to move laterally and maintain multiple pivot points inside of compromised environment. Microservice-based infrastructure brings more challenges for security architect related to internal event visibility and monitoring. Properly implemented logging and audit approach is a baseline for security operations and incident management. The aim of this study is to provide helpful resource to application and product security architects, software and operation engineers on existing architecture patterns to implement trustworthy logging and audit process in microservice-based environments. Method. In this paper, we conduct information security threats modeling and a systematic review of major electronic databases and libraries, security standards and presentations at the major security conferences as well as architecture whitepapers of industry vendors with relevant products. Results and practical relevance. In this work based on research papers and major security conferences presentations analysis, we identified industry best practices in logging audit patterns and its applicability depending on environment characteristic. We provided threat modeling for typical architecture pattern of logging system and identified 8 information security threats. We provided security threat mitigation and as a result of 11 high-level security requirements for audit logging system were identified. High-level security requirements can be used by application security architect in order to secure their products

Download Full-text