XTEA CRYPTOGRAPHY IMPLEMENTATION  IN ANDROID CHATTING APP

Information security plays a significant role in information society. Cryptography is a key proof of concept to increasing the security of information assets and has been deployed in various algorithms. Among cryptography algorithms is Extended Tiny Encryption Algorithm. This study aims to describe a recent Android Apps to realize XTEA Cryptography in mobile form. In addition, a thorough example is presented to enable readers gain understanding on how it works within our Android Apps.

Download Full-text

The formation of information security culture of college students

Informatics and Education ◽

10.32517/0234-0453-2019-34-9-29-36 ◽

2019 ◽

pp. 29-36

Author(s):

I. D. Rudinskiy ◽

D. Ya. Okolot

Keyword(s):

College Students ◽

Information Security ◽

Information Society ◽

Technical Aspect ◽

Data Sources ◽

Structural Components ◽

Security Culture ◽

The Individual ◽

Information Security Culture ◽

Ability And Willingness

The article discusses aspects of the formation of information security culture of college students. The relevance of the work is due to the increasing threats to the information security of the individual and society due to the rapid increase in the number of information services used. Based on this, one of the important problems of the development of the information society is the formation of a culture of information security of the individual as part of the general culture in its socio-technical aspect and as part of the professional culture of the individual. The study revealed the structural components of the phenomenon of information security culture, identified the reasons for the interest in the target group of students. It justifies the need for future mid-level specialists to form an additional universal competency that ensures the individual’s ability and willingness to recognize the need for certain information, to identify and evaluate the reliability and reliability of data sources. As a result of the study, recommendations were formulated on the basis of which a culture of information security for college students can be formed and developed and a decomposition of this process into enlarged stages is proposed. The proposals on the list of disciplines are formulated, within the framework of the study of which a culture of information security can develop. The authors believe that the recommendations developed will help future mid-level specialists to master the universal competency, consisting in the ability and willingness to recognize the need for certain information, to identify and evaluate the reliability and reliability of data sources, as well as to correctly access the necessary information and its further legitimate use, which ultimately forms a culture of information security.

Download Full-text

Writing on the Wall: A Case of State Colleges and Universities

International Journal of Advanced Research in Computer Science and Software Engineering ◽

10.23956/ijarcsse.v8i1.528 ◽

2018 ◽

Vol 8 (1) ◽

pp. 79

Author(s):

Judith Barlaan

Keyword(s):

Information Security ◽

Assessment Tool ◽

The Philippines ◽

Colleges And Universities ◽

State Colleges ◽

Top Executives ◽

Information Security Governance ◽

Information Assets ◽

Compliance With The Law ◽

Institutional Reputation

Information security is imperative for state colleges and universities (SUCs) to have a sound information security in protecting their information assets, enhancing institutional reputation and ensuring compliance with the law. This paper presents the level of implementation of information security in the state colleges and universities (SUCs) in the Philippines. Data used was based on questionnaire adapted from the Information Security Governance (ISG) Assessment Tool for Higher Education(EDUCAUSE/Internet2 Security Task 2004) and was distributed to a total of 30 individuals who are responsible in managing and keeping the information assets of the SUCS. Findings revealed that information security is not yet fully implemented among the SUCS, this is a clear indication of failure or disaster, and these institutions are vulnerable to information security threats. SUCs are encouraged to implement comprehensive information security program at a strategic level involving the board of regents and top executives for safety and security.

Download Full-text

The Current Status and Improvement Plan of Information Security Implementation System and Governance - Review for Building a Safe and Secure Intelligence Information Society -

ADMINISTRATIVE LAW JOURNAL ◽

10.35979/alj.2019.02.56.173 ◽

2019 ◽

Vol 56 ◽

pp. 173-198

Author(s):

Dongin Ahn

Keyword(s):

Information Security ◽

Information Society ◽

Current Status ◽

Improvement Plan

Download Full-text

A game of information security investment considering security insurance and complementary information assets

International Transactions in Operational Research ◽

10.1111/itor.12972 ◽

2021 ◽

Author(s):

Xiaofei Qian ◽

Wujuan Yang ◽

Jun Pei ◽

Xinbao Liu ◽

Panos M. Pardalos

Keyword(s):

Information Security ◽

Complementary Information ◽

Security Investment ◽

Information Assets ◽

Information Security Investment

Download Full-text

ANALYSIS OF ROUTER ATTACK WITH SECURITY INFORMATION AND EVENT MANAGEMENT AND IMPLICATIONS IN INFORMATION SECURITY INDEX

Cyber Security dan Forensik Digital ◽

10.14421/csecurity.2019.2.1.1388 ◽

2019 ◽

Vol 2 (1) ◽

pp. 1-7

Author(s):

CITRA ARFANUDIN ◽

Bambang Sugiantoro ◽

Yudi Prayudi

Keyword(s):

Information Security ◽

Forensic Analysis ◽

Event Management ◽

Information Security Management System ◽

Security Information ◽

Information Assets ◽

Security Index ◽

Syn Flooding ◽

The Government ◽

The Impact

Information security is a need to secure organizational information assets. The government as the regulator issues an Information Security Management System (ISMS) and Information Security Index (US) as a measure of information security in the agency of a region. Security Information and Event Management (SIEM) is a security technology to secure information assets. SIEM is expected to provide information on attacks that occur on the router network and increase the value of the Indeks KAMI of government agencies. However, the use of SIEM is still questionable whether it can recognize a router attack and its impact on the value of our index. This research simulates attacks on routers with 8 attacks namely Mac Flooding, ARP-Poisoning, CDP Flooding, DHCP Starvation, DHCP Rogue, SYN Flooding SSH Bruteforce and FTP Bruteforce. 8 types of attacks followed by digital forensic analysis using the OSCAR method to see the impact on routers and SIEM. Also measured is index KAMI before and after the SIEM to be able to measure the effect of SIEM installation on the value of index KAMI. It was found that the use of SIEM to conduct security monitoring proved successful in identifying attacks, but not all were recognized by SIEM. SIEM only recognizes DHCP Starvation, DHCP Rogue, SSH Bruteforce and FTP Bruteforce. Mac Flooding, ARP-Poisoning, CDP Flooding, SYN Flooding attacks are not recognized by SIEM because routers do not produce logs. Also obtained is the use of SIEM proven to increase our index from the aspect of technology

Download Full-text

Secure Information Assets with Data: An Information Security Governance Framework Using Orchestrated Data Analytics from a Holistic Perspective

Proceedings of the 2016 International Conference on Computer Science and Electronic Technology ◽

10.2991/cset-16.2016.43 ◽

2016 ◽

Author(s):

Huaying Chen ◽

Zhijun Song

Keyword(s):

Information Security ◽

Data Analytics ◽

Governance Framework ◽

Security Governance ◽

Holistic Perspective ◽

Secure Information ◽

Information Security Governance ◽

Information Assets

Download Full-text

Plausibly Deniable Chemical Encryption: Hiding a Molecule in a Haystack

10.26434/chemrxiv.12901766 ◽

2020 ◽

Author(s):

Wojciech Nogaś

Keyword(s):

Chemical Analysis ◽

Organic Molecule ◽

Encryption Algorithm ◽

Proof Of Concept ◽

Small Organic Molecule ◽

The Cost

We propose an outline of plausibly deniable chemical encryption algorithm, a technique aimed at increasing the cost of a small organic molecule identification in a sample by means of chemical analysis through mixing it with a rationally designed randomized mixture of analytical interferents, in a remote analogy to other domains of cryptography. The algorithm is then applied in a proof-of-concept demonstration example.

Download Full-text

Security of ICTs Supporting Healthcare Activities

Handbook of Research on ICTs for Human-Centered Healthcare and Social Care Services ◽

10.4018/978-1-4666-3986-7.ch011 ◽

2013 ◽

pp. 208-228

Author(s):

José Manuel Gaivéo

Keyword(s):

Information Security ◽

Information And Communication Technologies ◽

International Security ◽

Communication Technologies ◽

Risk Classification ◽

Organizational Information ◽

Security Standard ◽

Information And Communication ◽

Information Assets ◽

Level Of Risk

Healthcare activities and all that are related with it are conducted by people. This single fact has brought up many precautions about patients and about information related with their health. Using information and communication technologies to support this kind of information requires particular attention about what happens, namely about who can use it and for what it can be used. This chapter intends to identify the vulnerabilities that could be explored, using an international security standard to support a proactive attitude in face of potential threats that explore the identified vulnerabilities, damaging organizational information assets. Another intention is the establishment of a basis of references in information security to define a level of risk classification to build a referential to the potential that a given threat has to exploit the vulnerabilities of an asset, preventing damages to personal and organizational property, including information, and also activity continuity.

Download Full-text

The Role of Information Security and Cryptography in Digital Democracy

Human Rights and Ethics ◽

10.4018/978-1-4666-6433-3.ch086 ◽

2015 ◽

pp. 1564-1580

Author(s):

Theodosios Tsiakis

Keyword(s):

Human Rights ◽

Information Security ◽

Information Society ◽

Communication Systems ◽

Security And Privacy ◽

Constitutional Rights ◽

Critical Question ◽

Role Of Government ◽

Wrong Thing

The preponderant dilemma organisations confront currently is which way to homologate and superintend access for a broad mass of services and products and in parallel to preserve security and privacy. Information technology is rapidly changing, is inherently complex, and complexity kills security. There is an ongoing technical race to maintain security that does not take into account the human factors. The new technological infrastructure affects the degree of anonymity and confidentiality in mass-market computer-based systems and basically determines the evolution of democratic-political culture. Thus, in examining the issue of security, cryptography, privacy in the use of computers and Internet, forms the primary interest form the moral side of view, about what is the right and wrong thing to do, rather than in a legal frame, about what is legal and illegal. Security and privacy are not ethical or moral issues. They are fundamental human rights. In this societal change, the challenges of the information society are many but foremost is the protection of human rights. Addressing the critical question of how technological trends are both helping and hindering the advancement of human rights is essential in the specific digital environment. The democratic key concept is the efficient use of digital resources. We do not only need a culture of security (information), we further need to ensure the security of cultures, meaning that everyone should be able to freely exercise their constitutional rights. The role of this chapter is to bring to the surface the rights (human) implications of ICT and the information society. It enlightens the technical community, which designs, implements, and secures information and communication systems, with an understanding of human rights principles and foundational underpinnings. It highlights the role of government implications, identifies the role and relationship between the stakeholders, and indicates the balance between information security and freedom in order to understand that security, freedom, and rights (human), are not opposite concepts but coexist and progress in parallel.

Download Full-text

The Different Aspects of Information Security Education

Handbook of Research on Information and Cyber Security in the Fourth Industrial Revolution - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-4763-1.ch007 ◽

2018 ◽

pp. 182-204

Author(s):

Suchinthi Fernando

Keyword(s):

Information Technology ◽

Information Security ◽

Communication Systems ◽

Basic Education ◽

Information Technology Professionals ◽

Security Education ◽

Information And Communication ◽

Subject Areas ◽

Information Assets ◽

The Way

This chapter discusses the importance of information security education for everyone, ranging from organizations to professionals and students, all the way through to individual users of information and communication systems. It discusses the different subject areas in information security and shows how instead of being intimidated by it, different categories of users can obtain varying depths of information security education based on their cyber-activities and need for knowledge. Information security professionals would require an in-depth knowledge in all aspects of information security, and information technology professionals and students would require an overall education in these areas, while most users of information and communication systems would only require a basic education to help protect their information assets in cyberspace.

Download Full-text