Ways of providing information security and confidentiality under conditions of digitalization

A detailed description of confidential information is given. Software products that are used to protect information in modern conditions are described. Requirements for employees of organizations to ensure data confidentiality are formulated. The main rules for processing valuable information are listed, and the conclusion is made that it is necessary not only to install specialized programs in organizations, but also to make personnel follow the instructions while working with any information, especially those that contain confidential data.

Download Full-text

Improved Algorithm of Steganography Combined with Cryptography

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.35792 ◽

2021 ◽

Vol 9 (VI) ◽

pp. 3793-3804

Author(s):

Anees Banu

Keyword(s):

Information Security ◽

Multimedia Information ◽

Secret Data ◽

Confidential Information ◽

Additional Layer ◽

Confidential Data ◽

The World ◽

Cryptographic Algorithms ◽

Written Form ◽

Improved Algorithm

When it comes to preventing unauthorised access to, destruction of, or inspection of confidential data, information security has always been a major factor. Multimedia information is now used in every field throughout the world. The confidential information that is used in these areas must be kept secure. There are a variety of methods for keeping data secure. One of these is steganography, which is concealing information within other data into a format that the cover information remains unchanged. Cryptography, an encryption process that scrambles data into a written form that is sometimes referred to as a hash, is an auxiliary approach for securing information. Steganography and cryptography each have their own set of benefits and drawbacks. Even though both technologies give security, it is usually a good practise to combine Cryptographic algorithms to create additional layers of security. When cryptographic with steganography are combined, a multi-layer security paradigm is created. The proposed work's main goal is to add an additional layer of protection by using cryptography and steganography to encrypt and embed secret data conveyed across an insecure channel.

Download Full-text

The Market Value and Reputational Effects from Lost Confidential Information

International Journal of Financial Management ◽

10.21863/ijfm/2015.5.4.020 ◽

2015 ◽

Vol 5 (4) ◽

Cited By ~ 2

Author(s):

Joseph K. Tanimura ◽

Eric W. Wehrly

Keyword(s):

Information Security ◽

Market Value ◽

Direct Costs ◽

Publicly Traded ◽

Confidential Information ◽

Publicly Traded Companies ◽

Security Breaches ◽

Customer Information ◽

Employee Information

According to many business publications, firms that experience information security breaches suffer substantial reputational penalties. This paper examines incidents in which confidential information, for a firms customers or employees, is stolen from or lost by publicly traded companies. Firms that experience such breaches suffer statistically significant losses in the market value of their equity. On the whole, the data indicate that these losses are of similar magnitudes to the direct costs. Thus, direct costs, and not reputational penalties, are the primary deterrents to information security breaches. Contrary to many published assertions, on average, firms that lose customer information do not suffer reputational penalties. However, when firms lose employee information, we find significant reputational penalties.

Download Full-text

Protective Coating Based on Carbon Nanotubes to Ensure Information Security of Particularly Important Objects and Confidential Information

"Smart Technologies" for Society, State and Economy - Lecture Notes in Networks and Systems ◽

10.1007/978-3-030-59126-7_19 ◽

2020 ◽

pp. 164-171

Author(s):

Ilya S. Dvuzhilov ◽

Yulia V. Dvuzhilova ◽

Mikhail M. Belonenko

Keyword(s):

Carbon Nanotubes ◽

Information Security ◽

Protective Coating ◽

Confidential Information

Download Full-text

AUTOMATED SYSTEM FOR ESTIMATION-EFFICIENCYSOFTWARE MEANS OF IN-FORMATION PROTECTION

Automation and modeling in design and management of ◽

10.30987/article_5cf2d22c9dcd72.20436206 ◽

2019 ◽

Vol 2019 (2) ◽

pp. 25-32

Author(s):

Алексей Горлов ◽

Aleksey Gorlov ◽

Михаил Рытов ◽

Mikhail Rytov ◽

Дмитрий Лысов ◽

...

Keyword(s):

Information Security ◽

Automated System ◽

Security Threats ◽

Information Protection ◽

Technical Documentation ◽

Confidential Information ◽

Hardware System ◽

Material Costs ◽

Software And Hardware

This article discusses the process of automating the assessment of the effectiveness of software and hardware information protection by creating an automated system. The main functions of the proposed system are: conducting an audit of information security, forming a model of information security threats, forming recommendations for creating a software and hardware system for protecting information, and creating organizational-technical documentation. The developed automated system for evaluating the effectiveness of software and hardware protection of information allows in an automated way to build a model of information security threats, to form organizational and technical documentation governing the protection of confidential information, and also to make recommendations for improving the software and hardware system for protecting information. The use of this system will significantly reduce the time and material costs of auditing information security and developing additional measures to protect information.

Download Full-text

Conceptual principles for ensuring effective protection of information in the context of economic security of the enterprise

Ekonomìka ta upravlìnnâ APK ◽

10.33245/2310-9262-2020-155-1-84-92 ◽

2020 ◽

pp. 84-92

Author(s):

A.V. Pecheniuk

Keyword(s):

Information Security ◽

Information And Communication Technologies ◽

Security Policy ◽

Criminal Responsibility ◽

Economic Security ◽

Information Policy ◽

Security System ◽

Theory And Practice ◽

Confidential Information ◽

Information Security Policy

The necessity of formation of an effective information security system of the enterprise is substantiated. It is emphasized that when designing an information policy, the firm must comply with the requirements of the current legislation, take into account the level of technical support, especially the regulation of employees' access to confidential information, etc. It is stated that the costs of organizing information security measures should be appropriate to its value. The article identifies major threats that could be breached by confidential information. The list of the main normative legal acts aimed at bringing to civil, administrative and criminal responsibility for illegal collection, disclosure and use of information constituting a trade secret. The main stages of building an information security policy are summarized, the most common types of information threats related to the use of modern computer technologies are described. The necessity of developing a domestic original accounting (management) program that could be used in the long term by the vast majority of Ukrainian enterprises is pointed out. There are three groups of tools that are applied in the theory and practice of information security of the enterprise (active, passive and combined), emphasizing the need for planning and continuous monitoring in real time of all important processes and conditions that affect data security. It is noted that even if the information security system is built taking into account all modern methods and means of protection, it does not guarantee one hundred percent protection of the information resources of the enterprise, but a well-designed information security policy allows to minimize the corresponding risks. Key words: information security, information policy, information security, confidential information, information threats, information and communication technologies, software.

Download Full-text

INFORMATION SECURITY AS A COMPONENT OF THE ECONOMIC SECURITY OF THE ENTERPRISE

Business security management in modern conditions ◽

10.26526/chapter_60258635b4a2f5.44169199 ◽

2021 ◽

pp. 119-129

Author(s):

Vera Shumilina ◽

Elena Tetunashvili

Keyword(s):

Information Security ◽

Information Leakage ◽

Economic Security ◽

Confidential Information ◽

Unauthorized Access ◽

Modern Enterprise

The article is devoted to the study of information security as an integral part of the economic security of any modern enterprise. Threats are described that can lead to disclosure of confidential information, leakage of confidential information, unauthorized access to protected information, etc. Means and ways of countering the presented threats are also given

Download Full-text

Database Encryption for Balance Between Performance and Security

Journal of Information Assurance & Cybersecurity ◽

10.5171/2021.614511 ◽

2021 ◽

pp. 1-9

Author(s):

André Gomes ◽

Carla Santos ◽

Cristina Wanzeller ◽

Pedro Martins

Keyword(s):

Information Security ◽

Confidential Information ◽

Digital World ◽

Database Encryption ◽

World Information ◽

A Company

In an increasingly digital world, information security is a very recurring theme and a growing concern for companies. This involves the protection of data and confidential or non-confidential information of a company, which transit between all its sectors and between the organization and its stakeholders.

Download Full-text

Message Security Using a Combination of Hill Cipher and RSA Algorithms

Jurnal Matematika Dan Ilmu Pengetahuan Alam LLDikti Wilayah 1 (JUMPA) ◽

10.54076/jumpa.v1i1.38 ◽

2021 ◽

Vol 1 (1) ◽

pp. 20-28

Author(s):

Yogi Suryo Santoso

Keyword(s):

Information Security ◽

Data Confidentiality ◽

Validity Data ◽

Security Issues ◽

Data Authentication ◽

Hill Cipher ◽

Data Validity ◽

Mathematical Techniques ◽

Cryptographic Techniques ◽

Rsa Cryptography

The process of exchanging digital messages is increasingly being used due to its easy and practical use. But the process of exchanging digital messages is vulnerable to being tapped by unauthorized people. Cryptography is the study of mathematical techniques related to aspects of information security, such as data confidentiality, data validity, data integrity, and data authentication. With cryptography, the process of exchanging messages between two people can be done securely. Thus, cryptographic techniques are used to overcome security issues when exchanging messages. The methods used in this study are hybrid hill cipher and RSA cryptography. In this study it was shown that hybrid hill cipher cryptography with a 3x3 matrix key and RSA with a 512 bit key can overcome security issues when exchanging data so that messages sent cannot be read by unauthorized people.

Download Full-text

Digital Image Steganography

Advanced Image Processing Techniques and Applications - Advances in Computational Intelligence and Robotics ◽

10.4018/978-1-5225-2053-5.ch015 ◽

2017 ◽

pp. 324-346 ◽

Cited By ~ 1

Author(s):

Chitra A. Dhawale ◽

Naveen D. Jambhekar

Keyword(s):

Communication Network ◽

Performance Analysis ◽

Information Security ◽

Digital Image ◽

Data Communication ◽

Image Steganography ◽

Digital Data ◽

Confidential Information ◽

Unauthorized Access ◽

Data Communication Network

Digital data transmitted over the insecure communication can be prone to attacks. Intruders try various attacks to unauthorized access of the confidential information. The Steganography is such as security system that provide the protection to the images, text and other type of data digitally transferred through the data communication network. This chapter elaborates the basics of Digital Image Steganographic techniques from ancient era to digital edge, types of images used for the steganography, payload used for the steganography, various attacks and different algorithms that can provide the information security. The performance analysis of the various Digital Image Steganographic algorithms are discussed. The current applications and their necessities are discussed in this chapter.

Download Full-text

Information Security and Risk Management

Encyclopedia of Multimedia Technology and Networking, Second Edition ◽

10.4018/978-1-60566-014-1.ch090 ◽

2009 ◽

pp. 668-674 ◽

Cited By ~ 3

Author(s):

Thomas M. Chen

Keyword(s):

Risk Management ◽

Information Security ◽

Denial Of Service ◽

Modern Society ◽

Limited Resources ◽

Management Process ◽

News Reports ◽

Risk Management Process ◽

Confidential Data ◽

Information Assets

It is easy to find news reports of incidents where an organization’s security has been compromised. For example, a laptop was lost or stolen, or a private server was accessed. These incidents are noteworthy because confidential data might have been lost. Modern society depends on the trusted storage, transmission, and consumption of information. Information is a valuable asset that is expected to be protected. Information security is often considered to consist of confidentiality, integrity, availability, and accountability (Blakley, McDermott, & Geer, 2002). Confidentiality is the protection of information against theft and eavesdropping. Integrity is the protection of information against unauthorized modification and masquerade. Availability refers to dependable access of users to authorized information, particularly in light of attacks such as denial of service against information systems. Accountability is the assignment of responsibilities and traceability of actions to all involved parties. Naturally, any organization has limited resources to dedicate to information security. An organization’s limited resources must be balanced against the value of its information assets and the possible threats against them. It is often said that information security is essentially a problem of risk management (Schneier, 2000). It is unreasonable to believe that all valuable information can be kept perfectly safe against all attacks (Decker, 2001). An attacker with unlimited determination and resources can accomplish anything. Given any defenses, there will always exist a possibility of successful compromise. Instead of eliminating all risks, a more practical approach is to strategically craft security defenses to mitigate or minimize risks to acceptable levels. In order to accomplish this goal, it is necessary to perform a methodical risk analysis (Peltier, 2005). This article gives an overview of the risk management process.

Download Full-text