Information Security

2016 ◽  
pp. 244-266
Author(s):  
Sofienne Srihi ◽  
Farhat Fnaiech ◽  
Ala Balti ◽  
Habib Hamam
Keyword(s):  
Information Security ◽  
Confidential Data

In this chapter, we define Information Security (IS) and elaborate on the different methods and technology used. We proceed to explain some of the IS tools and risks found in private and confidential data. We detail the latest algorithms and systems of security and discuss how to implement those systems in business to upgrade performances and increase profits.

scholarly journals Improved Algorithm of Steganography Combined with Cryptography

2021 ◽  
Vol 9 (VI) ◽  
pp. 3793-3804
Author(s):  
Anees Banu
Keyword(s):  
Information Security ◽  
Multimedia Information ◽  
Secret Data ◽  
Confidential Information ◽  
Additional Layer ◽  
Confidential Data ◽  
The World ◽  
Cryptographic Algorithms ◽  
Written Form ◽  
Improved Algorithm

When it comes to preventing unauthorised access to, destruction of, or inspection of confidential data, information security has always been a major factor. Multimedia information is now used in every field throughout the world. The confidential information that is used in these areas must be kept secure. There are a variety of methods for keeping data secure. One of these is steganography, which is concealing information within other data into a format that the cover information remains unchanged. Cryptography, an encryption process that scrambles data into a written form that is sometimes referred to as a hash, is an auxiliary approach for securing information. Steganography and cryptography each have their own set of benefits and drawbacks. Even though both technologies give security, it is usually a good practise to combine Cryptographic algorithms to create additional layers of security. When cryptographic with steganography are combined, a multi-layer security paradigm is created. The proposed work's main goal is to add an additional layer of protection by using cryptography and steganography to encrypt and embed secret data conveyed across an insecure channel.

Information Security and Risk Management

2009 ◽  
pp. 668-674 ◽  
Author(s):  
Thomas M. Chen
Keyword(s):  
Risk Management ◽  
Information Security ◽  
Denial Of Service ◽  
Modern Society ◽  
Limited Resources ◽  
Management Process ◽  
News Reports ◽  
Risk Management Process ◽  
Confidential Data ◽  
Information Assets

It is easy to find news reports of incidents where an organization’s security has been compromised. For example, a laptop was lost or stolen, or a private server was accessed. These incidents are noteworthy because confidential data might have been lost. Modern society depends on the trusted storage, transmission, and consumption of information. Information is a valuable asset that is expected to be protected. Information security is often considered to consist of confidentiality, integrity, availability, and accountability (Blakley, McDermott, & Geer, 2002). Confidentiality is the protection of information against theft and eavesdropping. Integrity is the protection of information against unauthorized modification and masquerade. Availability refers to dependable access of users to authorized information, particularly in light of attacks such as denial of service against information systems. Accountability is the assignment of responsibilities and traceability of actions to all involved parties. Naturally, any organization has limited resources to dedicate to information security. An organization’s limited resources must be balanced against the value of its information assets and the possible threats against them. It is often said that information security is essentially a problem of risk management (Schneier, 2000). It is unreasonable to believe that all valuable information can be kept perfectly safe against all attacks (Decker, 2001). An attacker with unlimited determination and resources can accomplish anything. Given any defenses, there will always exist a possibility of successful compromise. Instead of eliminating all risks, a more practical approach is to strategically craft security defenses to mitigate or minimize risks to acceptable levels. In order to accomplish this goal, it is necessary to perform a methodical risk analysis (Peltier, 2005). This article gives an overview of the risk management process.

scholarly journals Analysis of information security threats when processing confidential data in mobile systems

2021 ◽  
Vol 28 (1) ◽  
pp. 95-105
Author(s):  
Victor A. Khvostov ◽  
Alexey V. Skrypnikov ◽  
Evgeniy A. Rogozin ◽  
Ludmila A. Obuhova ◽  
Dmitriy G. Silka
Keyword(s):  
Information Security ◽  
Mobile Systems ◽  
Security Threats ◽  
Confidential Data

scholarly journals Development of a Model for Detecting Unauthorized Traffic

2020 ◽  
pp. 6-11
Author(s):  
Alexey Babenko ◽  
Yuliya Gushchina
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Computer Network ◽  
Educational Institutions ◽  
High Tech ◽  
Government Agencies ◽  
Network Resources ◽  
Confidential Data ◽  
Transmission Of Information ◽  
Global Study

Information systems and technologies are the main means of increasing people’s productivity and efficiency. And today, along with the tasks of effective processing and transmission of information, the most important task is to ensure the information security of enterprises. According to the global study by InfoWatch, the number of information leaks is growing every year. The largest number of data leaks were recorded in high-tech companies, educational institutions, government agencies and banks. Most often, network traffic is a threat. This threat consists in the interception of data over the network, the purpose of which is to obtain confidential data, passwords, corporate secrets, addresses of network computers, etc. There is a need to create hardware and software tools to protect network resources. Therefore, creating a tool for detecting unauthorized traffic is relevant. The authors consider the problem of information security in the enterprise computer network and carry out the analysis of unauthorized traffic in order to identify its signs. The researchers analyze methods for detecting unauthorized traffic to select the best one and present a developed formalized model for detecting unauthorized traffic.

scholarly journals Ways of providing information security and confidentiality under conditions of digitalization

2020 ◽  
Vol 2020 (1) ◽  
pp. 71-75
Author(s):  
I Rybin ◽  
A Grafov
Keyword(s):  
Information Security ◽  
Data Confidentiality ◽  
Confidential Information ◽  
Software Products ◽  
Confidential Data

A detailed description of confidential information is given. Software products that are used to protect information in modern conditions are described. Requirements for employees of organizations to ensure data confidentiality are formulated. The main rules for processing valuable information are listed, and the conclusion is made that it is necessary not only to install specialized programs in organizations, but also to make personnel follow the instructions while working with any information, especially those that contain confidential data.

Design and Realization of Digital Signature System

2012 ◽  
Vol 562-564 ◽  
pp. 872-875
Author(s):  
Xin Cui ◽  
Li Jiang
Keyword(s):  
Information Security ◽  
Digital Signature ◽  
Data Transmission ◽  
Computer Network ◽  
Test Results ◽  
Digital Campus ◽  
Safety Communication ◽  
Security Technologies ◽  
Wide Range ◽  
Confidential Data

The crux of safety communication of computer network lies in the accuracy of data transmission and the security of confidential data. Information security is the premise and foundation of all communication based on computer network. Business online becomes much more risky. Security technologies, such as authentication, encryption, must be implemented to ensure the security of the transactions. Digital signature technology plays an irreplaceable role in the fields of identification and authentication, data integrity, anti-repudiation and so on, which has a very wide range of application in e-commerce and e-government. The radical methods and traits of digital signature are introduced. The approach of digital signature based on Java is presented, and its rationality, effectively and feasibility are reasoned, the test results achieved the expected goals and ensured the confidentiality, integrity, and non-repudiation of the information. This solution can be widely used in digital campus, enterprise nets, etc, and has a good application prospect.

scholarly journals Confidential Data Protection as a Means of Ensuring Information Security

2018 ◽  
Vol 3 (2) ◽  
pp. 85
Author(s):  
Chicherov K.A. ◽  
Norkina A. N.
Keyword(s):  
Information Security ◽  
Data Security ◽  
Personal Data ◽  
Security Threats ◽  
Security Measures ◽  
Security Threat ◽  
Confidential Data ◽  
Security Information ◽  
Types Of Information ◽  
Authorized Access

This article presents issues of protecting confidential data, ways to support information security, types of information security threats resulting in an authorized access to confidential data, countermeasures and security measures to ensure confidential data security. Keywords: confidential data, information security, information security threat(s), personal data, information systems, data security.

Information Security Threats in ERP Enabled E-Governance

2013 ◽  
pp. 825-837
Author(s):  
Geetanjali Sahi ◽  
Sushila Madan
Keyword(s):  
Information Security ◽  
Enterprise Resource Planning ◽  
Information Needs ◽  
Resource Planning ◽  
Integrated System ◽  
The Public ◽  
Government Organizations ◽  
Government Functions ◽  
Confidential Data ◽  
The Government

E-governance offers different e-Services to its citizens so that they can interact with the government in a more effective way. Enterprise Resource Planning (ERP), when implemented in the E-governance domain, combines all the government functions together into one single integrated system with a central database. This system serves the information needs of all the departments across geographies, while allowing them to communicate with each other. For this it is necessary to understand that government has become more dependent on modern technologies that have the potential to create seamless, responsive, and citizen-centric government for the benefit of all. At the same time, it has become increasingly vulnerable to a range of risks, from interruption of operations that are based on computers to loss of confidential data. Government agencies at all levels (national, provincial, and local) must protect the computer systems that they own and operate. Information security requires a combination of business, management, and technical measures in an on-going process. Security is costly, but like privacy, it should be addressed in the design phase and periodically reviewed. This chapter contributes to the ERP enabled E-governance literature for understanding threats and risks, clarification and investigation of the techniques in mitigating these challenges and issues involved in improving E-governance security. The interest generated by the ERP phenomenon in the public sector, and the peculiarities of this sector make specific studies of ERP in government organizations necessary. This is an issue which has not yet been widely addressed in the open literature.

Information Security Threats in ERP Enabled E-Governance

2011 ◽  
pp. 158-170 ◽  
Author(s):  
Geetanjali Sahi ◽  
Sushila Madan
Keyword(s):  
Information Security ◽  
Enterprise Resource Planning ◽  
Information Needs ◽  
Resource Planning ◽  
Integrated System ◽  
The Public ◽  
Government Organizations ◽  
Government Functions ◽  
Confidential Data ◽  
The Government

E-governance offers different e-Services to its citizens so that they can interact with the government in a more effective way. Enterprise Resource Planning (ERP), when implemented in the e-governance domain, combines all the government functions together into one single integrated system with a central database. This system serves the information needs of all the departments across geographies, while allowing them to communicate with each other. For this it is necessary to understand that government has become more dependent on modern technologies that have the potential to create seamless, responsive, and citizen-centric government for the benefit of all. At the same time, it has become increasingly vulnerable to a range of risks, from interruption of operations that are based on computers to loss of confidential data. Government agencies at all levels (national, provincial, and local) must protect the computer systems that they own and operate. Information security requires a combination of business, management, and technical measures in an on-going process. Security is costly, but like privacy, it should be addressed in the design phase and periodically reviewed. This chapter contributes to the ERP enabled e-governance literature for understanding threats and risks, clarification and investigation of the techniques in mitigating these challenges and issues involved in improving e-governance security. The interest generated by the ERP phenomenon in the public sector, and the peculiarities of this sector make specific studies of ERP in government organizations necessary. This is an issue which has not yet been widely addressed in the open literature.

scholarly journals The protect mobile user data in Russia

2020 ◽  
Vol 10 (3) ◽  
pp. 3184
Author(s):  
Anna Zharova
Keyword(s):  
Law Enforcement ◽  
Information Security ◽  
Mobile Phone ◽  
Ethical Issues ◽  
Personal Information ◽  
Complete Information ◽  
Mobile User ◽  
State Regulation ◽  
Confidential Data ◽  
User Data

This paper studies the issue the information security for smartphone users in Russia. The report analyses the regulations the state uses to prevent undeclared functionality and malicious programs in mobile phones in Russia; the law enforcement practice in this area; the responsibility of legal entities, officials and persons for non-compliance with the requirements for standardization, ensuring information security and violation of declaration of conformity. The paper develops proposals to improve state regulation of undeclared functionality of mobile devices providing the collection of information, including confidential data. The report discusses specific ethical issues related to privacy, including matters relating to compensation for damage resulting from the leakage of personal information and develops proposals for legal ensuring the information security of mobile phone users. The report first outlines the main actors, terms and concepts used in the report. Second the standards for mobile phone developers, although there is no guarantee of complete information security. In this case, the peculiarity of Russia is that standards used in the field of information security are voluntary. Third how law enforcement agencies protect the user community. In this case there is a potential danger that this may entail uncontrolled access of government agencies to confidential data.

Sign in / Sign up

Export Citation Format

Share Document