scholarly journals Assuring the Optimum Security Level for Network, Physical and Cloud Infrastructure

2021 ◽  
Author(s):  
Ali T. Atieh
Keyword(s):  
Electromagnetic Interference ◽  
Cloud Security ◽  
Cyber Attacks ◽  
Security Level ◽  
Optimum Level ◽  
Security Assessment ◽  
It Infrastructure ◽  
Cloud Infrastructure ◽  
Network Infrastructure ◽  
Employee Support

A robust and secure IT infrastructure ensures reliable security, high speeds and connectivity,employee support and accessibility, and a positive user experience for clients. It is hard to managea modern firm without a secure and adaptable IT infrastructure. Technology, when properly setup and networked, can improve back-office processes, increase efficiency, and simplifycommunication. This research explores how an organization assure the optimum level ofinfrastructure security in in three domains: network infrastructure security, physical infrastructuresecurity, and cloud infrastructure security. Running a network infrastructure model comes with avariety of difficulties. The findings suggest that there are few recommendations for assuring rightsecurity level for the network infrastructure, including: conducting a network security assessment,keeping user access privileges to a bare minimum for work, updating programs, investigatingcybersecurity tools and Increasing cyber-awareness. Physical infrastructure security is also crucial.We divided he dangers are divided into the following categories and suggested for appropriatedmeasure: threats by environment, threats by technical infrastructure, threats by humans,inappropriate humidity and temperature, Electrification, Electromagnetic Interference (EMI),Unauthorized physical access. Cloud security is necessitated by the widespread adoption of cloudtechnology, as well as an ever-increasing volume and sophistication of cyber attacks. To ensurethe right level of cloud security, this research recommend to take some measures, including: Transitand Rest Protection, Asset Security. Securing User Management, Integration of compliance andsecurity, Authentication and Identity, and Operational Safety and Security While no amount ofsecurity will ever stop all attacks, organizations can significantly minimize risk of suffering a breachand the fallout from such attacks by taking a few critical steps to secure business’ network, physicaland cloud infrastructure.

scholarly journals Assuring the Optimum Security Level for Network, Physical and Cloud Infrastructure

2021 ◽  
Author(s):  
Ali Atieh
Keyword(s):  
Electromagnetic Interference ◽  
Cloud Security ◽  
Cyber Attacks ◽  
Security Level ◽  
Optimum Level ◽  
Security Assessment ◽  
It Infrastructure ◽  
Cloud Infrastructure ◽  
Network Infrastructure ◽  
Physical Infrastructure

A robust and secure IT infrastructure ensures reliable security, high speeds and connectivity, employee support and accessibility, and a positive user experience for clients. It is hard to manage a modern firm without a secure and adaptable IT infrastructure. Technology, when properly set up and networked, can improve back-office processes, increase efficiency, and simplify communication. This research explores how an organization assure the optimum level of infrastructure security in in three domains: network infrastructure security, physical infrastructure security, and cloud infrastructure security. Running a network infrastructure model comes with a variety of difficulties. The findings suggest that there are few recommendations for assuring right security level for the network infrastructure, including: conducting a network security assessment, keeping user access privileges to a bare minimum for work, updating programs, investigating cybersecurity tools and Increasing cyber-awareness. Physical infrastructure security is also crucial. We divided he dangers are divided into the following categories and suggested for appropriated measure: threats by environment, threats by technical infrastructure, threats by humans, inappropriate humidity and temperature, Electrification, Electromagnetic Interference (EMI), Unauthorized physical access. Cloud security is necessitated by the widespread adoption of cloud technology, as well as an ever-increasing volume and sophistication of cyber attacks. To ensure the right level of cloud security, this research recommend to take some measures, including: Transit and Rest Protection, Asset Security. Securing User Management, Integration of compliance and security, Authentication and Identity, and Operational Safety and Security While no amount of security will ever stop all attacks, organizations can significantly minimize risk of suffering a breach and the fallout from such attacks by taking a few critical steps to secure business’ network, physical and cloud infrastructure.

scholarly journals Cloudstrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

2020 ◽  
Author(s):  
Kennedy Torkura
Keyword(s):  
Knowledge Base ◽  
Fault Injection ◽  
Software Tool ◽  
Cloud Security ◽  
Cyber Attacks ◽  
Cloud Infrastructure ◽  
Security Issues ◽  
Security Controls ◽  
Security Models ◽  
Consumption Rates

<div>Most cyber-attacks and data breaches in cloud</div><div>infrastructure are due to human errors and misconfiguration</div><div>vulnerabilities. Cloud customer-centric tools are lacking, and existing</div><div>security models do not efficiently tackle these security challenges.</div><div>Novel security mechanisms are imperative, therefore, we</div><div>propose Risk-driven Fault Injection (RDFI) techniques to tackle</div><div>these challenges. RDFI applies the principles of chaos engineering</div><div>to cloud security and leverages feedback loops to execute, monitor,</div><div>analyze and plan security fault injection campaigns, based on</div><div>a knowledge-base. The knowledge-base consists of fault models</div><div>designed from cloud security best practices and observations</div><div>derived during iterative fault injection campaigns. Furthermore,</div><div>the observations indicate security weaknesses and verify the</div><div>correctness of security attributes (integrity, confidentiality and</div><div>availability) and security controls. Ultimately this knowledge is</div><div>critical in guiding security hardening efforts and risk analysis.</div><div>We have designed and implemented the RDFI strategies including</div><div>various chaos algorithms as a software tool: CloudStrike. Furthermore,</div><div>CloudStrike has been evaluated against infrastructure</div><div>deployed on two major public cloud systems: Amazon Web Service</div><div>and Google Cloud Platform. The time performance linearly</div><div>increases, proportional to increasing attack rates. Similarly, CPU</div><div>and memory consumption rates are acceptable. Also, the analysis</div><div>of vulnerabilities detected via security fault injection has been</div><div>used to harden the security of cloud resources to demonstrate the</div><div>value of CloudStrike. Therefore, we opine that our approaches</div><div>are suitable for overcoming contemporary cloud security issues</div>

scholarly journals Cloudstrike: Chaos Engineering for Security and Resiliency in Cloud Infrastructure

2020 ◽  
Author(s):  
Kennedy Torkura
Keyword(s):  
Knowledge Base ◽  
Fault Injection ◽  
Software Tool ◽  
Cloud Security ◽  
Cyber Attacks ◽  
Cloud Infrastructure ◽  
Security Issues ◽  
Security Controls ◽  
Security Models ◽  
Consumption Rates

<div>Most cyber-attacks and data breaches in cloud</div><div>infrastructure are due to human errors and misconfiguration</div><div>vulnerabilities. Cloud customer-centric tools are lacking, and existing</div><div>security models do not efficiently tackle these security challenges.</div><div>Novel security mechanisms are imperative, therefore, we</div><div>propose Risk-driven Fault Injection (RDFI) techniques to tackle</div><div>these challenges. RDFI applies the principles of chaos engineering</div><div>to cloud security and leverages feedback loops to execute, monitor,</div><div>analyze and plan security fault injection campaigns, based on</div><div>a knowledge-base. The knowledge-base consists of fault models</div><div>designed from cloud security best practices and observations</div><div>derived during iterative fault injection campaigns. Furthermore,</div><div>the observations indicate security weaknesses and verify the</div><div>correctness of security attributes (integrity, confidentiality and</div><div>availability) and security controls. Ultimately this knowledge is</div><div>critical in guiding security hardening efforts and risk analysis.</div><div>We have designed and implemented the RDFI strategies including</div><div>various chaos algorithms as a software tool: CloudStrike. Furthermore,</div><div>CloudStrike has been evaluated against infrastructure</div><div>deployed on two major public cloud systems: Amazon Web Service</div><div>and Google Cloud Platform. The time performance linearly</div><div>increases, proportional to increasing attack rates. Similarly, CPU</div><div>and memory consumption rates are acceptable. Also, the analysis</div><div>of vulnerabilities detected via security fault injection has been</div><div>used to harden the security of cloud resources to demonstrate the</div><div>value of CloudStrike. Therefore, we opine that our approaches</div><div>are suitable for overcoming contemporary cloud security issues</div>

scholarly journals Enhanced Security In Cloud With Multi-Level Intrusion Detection System

2015 ◽  
pp. 9-12
Author(s):  
M. KUZHALISAI ◽  
G. GAYATHRI
Keyword(s):  
Cloud Computing ◽  
Intrusion Detection ◽  
Large Scale ◽  
Detection System ◽  
Computing System ◽  
Cyber Attacks ◽  
Security Level ◽  
Security Service ◽  
Cloud Computing System ◽  
System Resource

Cloud computing is a new type of service which provides large scale computing resource to each customer. Cloud Computing Systems can be easily threatened by various cyber attacks, because most of Cloud computing system needs to contain some Intrusion Detection Systems (IDS) for protecting each Virtual Machine (VM) against threats. In this case, there exists a tradeoff between the security level of the IDS and the system performance. If the IDS provide stronger security service using more rules or patterns, then it needs much more computing resources in proportion to the strength of security. So the amount of resources allocating for customers decreases. Another problem in Cloud Computing is that, huge amount of logs makes system administrators hard to analyse them. In this paper, we propose a method that enables cloud computing system to achieve both effectiveness of using the system resource and strength of the security service without trade-off between them.

Advances in Information, Security, Privacy & Ethics

2015 ◽  
pp. 173-183
Author(s):  
Joseph M. Woodside
Keyword(s):  
Cloud Computing ◽  
Personal Information ◽  
Cloud Security ◽  
Cyber Attacks ◽  
Security Breaches ◽  
Teacher Student ◽  
Delivery Costs ◽  
Administrator Perspective ◽  
Future Of Education ◽  
Prime Target

The future of education lays in the hand of Cloud Computing given the benefits of learning delivery, costs reduction, and innovation. At the same time, the threat of cyber-attacks and security breaches are also mounting for education based organizations and are a prime target given the amount and type of personal information available. This manuscript discusses the cloud security, privacy, and ethical mechanisms required from a teacher, student, and administrator perspective.

Cyber Space Security Assessment Case Study

2018 ◽  
pp. 1060-1092
Author(s):  
Hanaa. M. Said ◽  
Rania El Gohary ◽  
Mohamed Hamdy ◽  
Abdelbadeeh M. Salem
Keyword(s):  
Data Mining ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Assessment Procedure ◽  
Security Assessment ◽  
Reference Measure ◽  
Decision Tress ◽  
Cyber Space ◽  
Reference Measurements

Cyberspace is known as the digital electronic medium for the knowing range of securing in the cyberspace. Therefore the importance of inferring the reference measure in the form of assessment procedure to improve the knowledge and making the decision for the e- government services. A series of the standards build on the application of data mining methods specifically represented as decision tress model, Logistic regression, association rules model, Bayesian network for making reference measurements, to measure the extent of securing the data, and the provided services. The authors discuss various types of cyber-attacks describing how data mining helps in detection and prevention of these attacks. A comparative analysis between a set of selected frameworks is presented. Finally this chapter imparts numbers of applications for the data mining Methodologies in Cyber Security. Results applied on the site of the authority for cleaning and beautifying Cairo governorate in Egypt.

Cyber Security Assessment of NPP I&C Systems

2020 ◽  
pp. 221-238
Author(s):  
Oleksandr Klevtsov ◽  
Artem Symonov ◽  
Serhii Trubchaninov
Keyword(s):  
Control Systems ◽  
Cyber Security ◽  
Nuclear Power ◽  
Power Plants ◽  
Cyber Attacks ◽  
Security Assessment ◽  
Nuclear Facilities ◽  
Security Risks ◽  
Cyber Threats ◽  
And Control

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.

scholarly journals Water Security Assessment of China’s One Belt and One Road Region

Water ◽  
2019 ◽  
Vol 11 (3) ◽  
pp. 607 ◽  
Author(s):  
Zhaofang Zhang ◽  
Weijun He ◽  
Min An ◽  
Dagmawi Degefu ◽  
Liang Yuan ◽  
...  
Keyword(s):  
Carrying Capacity ◽  
Water Resource Management ◽  
Driving Forces ◽  
Water Security ◽  
Silk Road ◽  
Utilization Efficiency ◽  
Security Level ◽  
Security Assessment ◽  
Water Utilization ◽  
Environmental Systems

The sustainable development of socioeconomic and environmental systems are highly dependent on water capital and water utilization efficiency. Nowadays, a significant portion of the world is facing water security issues due to a combination of various factors. As a result, socioeconomic and environmental systems are threatened. China is also currently experiencing problems. Water security assessment helps to identify key determining factors for optimal water utilization, so the authors present the Driving Forces-Pressures-Carrying Capacity-State-Impacts-Responses (DPSCIR) water security assessment framework. Unlike previous methods, the proposed framework incorporates the carrying capacity of the environment, and as a result, yields assessment results that are more realistic. As a case study, the proposed framework coupled with the entropy method is applied to assess the water security status of the One Belt and One Road (B&R) region in China. In addition, the water security level of the provinces and municipalities in this region are simulated for the time period from 2017 to 2022 using the Grey Prediction Model. The results show that Responses, State, Pressures, and Carrying Capacity Subsystems greatly influence water security of the region. According to the assessment, water security of the area improved from 2011 to 2016. The results portray the following trend among the three subregions of the study area, the water security of the 21st Maritime Silk Road (One Road) area is better than Silk Road Economic Belt (One Belt) and the Strategy Support and Pivotal Gateway (SSPG) of B&R areas. Generally, from the evaluation results it can be concluded that only focusing on the subsystem of Responses cannot entirely address the water security problems within the B&R area. Therefore, to ensure sustainable water security in the region and in the country, the government needs to design water resource management mechanisms that take all the subsystems into account.

scholarly journals Use of Risk Analysis for Water Security Assessment

2019 ◽  
Vol 295 ◽  
pp. 02008
Author(s):  
Samah Jabari ◽  
Isam Shahrour ◽  
Jamal khatabi
Keyword(s):  
Risk Analysis ◽  
Water Security ◽  
Security Level ◽  
Security Assessment ◽  
Security Issue ◽  
Palestinian Territory

This paper presents analysis of water security using risk analysis. It contributes to an enhanced understanding of the water security issue through creating indicators and their use in the determination of the water security level. The paper presents first the methodology followed in this research, which includes three steps: identification of water risk drivers, the determination of their severity and likelihood and finally the calculation of the water security score. The paper presents the first step of the application of this methodology to Palestinian territory through the identification of the drivers of the water risk and the levels of both the severity and likelihood to be used in future water security assessment.

Sign in / Sign up

Export Citation Format

Share Document