Policy Technologies for Security Management in Coalition Networks

The goal of policy-based security management is to enable military personnel to specify security requirements in terms of simple, intuitive goals. These goals are translated into the concrete system settings in a way that the system behaves in a consistent and desirable way. This technology minimizes the technical expertise required by military personnel and automates security management while allowing a high level control by the human in the loop. This chapter describes a framework for managing security policies, and an overview of two prototypes that simplify different aspects of policy management in the context of coalition operations.

Download Full-text

The Effect of Firewall Testing Types on Cloud Security Policies

International Journal of Strategic Information Technology and Applications ◽

10.4018/jsita.2012070105 ◽

2012 ◽

Vol 3 (3) ◽

pp. 60-68 ◽

Cited By ~ 1

Author(s):

Annie Shebanow ◽

Richard Perez ◽

Caroline Howard

Keyword(s):

Defense Mechanisms ◽

Security Requirements ◽

Security Policies ◽

Cloud Environment ◽

Sensitive Data ◽

Network Systems ◽

New Techniques ◽

Software And Hardware ◽

High Level ◽

Gain Access

An important aspect of security requirements is a firm understanding of the threats to systems so that specific defense mechanisms can be implemented. Globally scattered network systems and on-demand access to systems such as cloud computing require a high level of security, because the software and hardware of networks are integrated in vulnerable shared or outsourced environments. Hackers are relentless in finding new techniques to gain access to sensitive data. Securing infrastructures is a challenging task, but when researchers identify and investigate potential threats and create solutions, vulnerabilities may be reduced. The purpose of this paper is to explore how use, misuse, positive and negative, obstacle, and abuse testing cases of firewalls have broadened the security policies that mitigate or prevent threats in a cloud environment.

Download Full-text

A Framework for ICT Security Policy Management

Advances in IT Standards and Standardization Research - Frameworks for ICT Policy ◽

10.4018/978-1-61692-012-8.ch001 ◽

2010 ◽

pp. 1-14 ◽

Cited By ~ 3

Author(s):

Sitalakshmi Venkatraman

Keyword(s):

Information And Communication Technologies ◽

Security Policy ◽

Security Policies ◽

Policy Management ◽

Business Operations ◽

Information And Communication ◽

Policy Alignment ◽

Ict Infrastructure ◽

High Level ◽

Ict Security

Organisations around the world are increasingly relying on the potential of information and communication technologies (ICTs) for their business operations as well as competitiveness. Huge amounts of money and time are invested on ICT infrastructure as there exists a high level of business dependency on ICT. Hence, protecting the ICT resources using effective security policies is of utmost importance for the sustenance of organisations. With the recent exponential rise in ICT security threats witnessed worldwide, governments and businesses are trying to successfully develop ICT security policies for their internal and external operations. While ICT security best practices are quite similar globally, ICT security policy management is very much localised and specific to different business scenarios and applications. Moreover, ICT security policies in an organization keep evolving from time to time and more recently changes take place at a much faster pace. This situation warrants a pragmatic framework for the development and management of ICT security policies in an organisation. Much research has focused on formulating frameworks for ICT management in general and there is a paucity of guidelines in literature for ICT security policy management, in particular. This chapter explores ICT security management issues faced in different environments and proposes an integrated framework for managing ICT security policies in an iterative manner. The framework provides the flexibility and adaptability for different organisations to follow the guidelines effectively as it emphasises on policy alignment with business objectives. Since the framework underpins the continuous improvement philosophy, it caters to ICT security policy reform and implementations for the future as well.

Download Full-text

Aligning Two Specifications for Controlling Information Security

International Journal of Cyber Warfare and Terrorism ◽

10.4018/ijcwt.2014040104 ◽

2014 ◽

Vol 4 (2) ◽

pp. 46-62

Author(s):

Riku Nykänen ◽

Tommi Kärkkäinen

Keyword(s):

Information Security ◽

Security Management ◽

Security Requirements ◽

Information Security Management ◽

Security Controls ◽

Information Security Management System ◽

Security Control ◽

High Level ◽

Iec 27001 ◽

Iec 27002

Assuring information security is a necessity in modern organizations. Many recommendations for information security management exist, which can be used to define a baseline of information security requirements. ISO/IEC 27001 prescribes a process for an information security management system, and guidance to implement security controls is provided in ISO/IEC 27002. Finnish National Security Auditing Criteria (KATAKRI) has been developed by the national authorities in Finland as a tool to verify maturity of information security practices. KATAKRI defines both security control objectives and security controls to meet an objective. Here the authors compare and align these two specifications in the process, structural, and operational level, focusing on the security control objectives and the actual controls. Even if both specifications share the same topics on high level, the results reveal the differences in the scope and in the included security controls.

Download Full-text

Simulation facility for development of high level control code at the SSC

Nuclear Instruments and Methods in Physics Research Section A Accelerators Spectrometers Detectors and Associated Equipment ◽

10.1016/0168-9002(94)91535-0 ◽

1994 ◽

Vol 352 (1-2) ◽

pp. 333-335

Author(s):

G. Bourianoff ◽

B. Cole ◽

M. Botlo ◽

S. Hunt ◽

A. Romero ◽

...

Keyword(s):

Level Control ◽

Control Code ◽

High Level

Download Full-text

Robust Tracking Controller for a DC/DC Buck-Boost Converter–Inverter–DC Motor System

Energies ◽

10.3390/en11102500 ◽

2018 ◽

Vol 11 (10) ◽

pp. 2500 ◽

Cited By ~ 4

Author(s):

Eduardo Hernández-Márquez ◽

Carlos Avila-Rea ◽

José García-Sánchez ◽

Ramón Silva-Ortigoza ◽

Gilberto Silva-Ortigoza ◽

...

Keyword(s):

Motor System ◽

Dc Motor ◽

Boost Converter ◽

Differential Flatness ◽

Robust Tracking ◽

Level Control ◽

Tracking Controller ◽

The One ◽

High Level ◽

Better Than

This paper has two aims. The first is to develop a robust hierarchical tracking controller for the DC/DC Buck-Boost–inverter–DC motor system. This controller considers a high level control for the inverter–DC motor subsystems and a low level control for the DC/DC Buck-Boost converter subsystem. Such controls solve the tracking task associated with the angular velocity of the motor shaft and the output voltage of the converter, respectively, via the differential flatness approach. The second aim is to present a comparison of the robust hierarchical controller to a passive controller. This, with the purpose of showing that performance achieved with the hierarchical controller proposed in this paper, is better than the one achieved with the passive controller. Both controllers are experimentally implemented on a prototype of the DC/DC Buck-Boost–inverter–DC motor system by using Matlab-Simulink along with the DS1104 board from dSPACE. According to experimental results, the proposal in the present paper achieves a better performance than the passive controller.

Download Full-text

Intrusion Detection System for AES Encripted Low-Power IoT Networks

10.14210/cotb.v12.p392-399 ◽

2021 ◽

Author(s):

Eduardo De Oliveira Burger Monteiro Luiz ◽

Alessandro Copetti ◽

Luciano Bertini ◽

Juliano Fontoura Kazienko

Keyword(s):

Low Power ◽

Detection System ◽

Denial Of Service ◽

Security Requirements ◽

Power Devices ◽

Dos Attacks ◽

Reflection Attack ◽

Ipv6 Protocol ◽

Iot Devices ◽

High Level

The introduction of the IPv6 protocol solved the problem of providingaddresses to network devices. With the emergence of the Internetof Things (IoT), there was also the need to develop a protocolthat would assist in connecting low-power devices. The 6LoWPANprotocols were created for this purpose. However, such protocolsinherited the vulnerabilities and threats related to Denial of Service(DoS) attacks from the IPv4 and IPv6 protocols. In this paper, weprepare a network environment for low-power IoT devices usingCOOJA simulator and Contiki operating system to analyze theenergy consumption of devices. Besides, we propose an IntrusionDetection System (IDS) associated with the AES symmetric encryptionalgorithm for the detection of reflection DoS attacks. Thesymmetric encryption has proven to be an appropriate methoddue to low implementation overhead, not incurring in large powerconsumption, and keeping a high level of system security. The maincontributions of this paper are: (i) implementation of a reflectionattack algorithm for IoT devices; (ii) implementation of an intrusiondetection system using AES encryption; (iii) comparison ofthe power consumption in three distinct scenarios: normal messageexchange, the occurrence of a reflection attack, and runningIDS algorithm. Finally, the results presented show that the IDSwith symmetric cryptography meets the security requirements andrespects the energy limits of low-power sensors.

Download Full-text

Military History and Strategic Studies as Imperatives for National Security Development in Nigeria

UJAH Unizik Journal of Arts and Humanities ◽

10.4314/ujah.v21i4.11 ◽

2021 ◽

Vol 21 (4) ◽

pp. 188-200

Author(s):

Chiemela Godwin Wambu ◽

Amaechi Ehimatie

Keyword(s):

National Security ◽

Military Personnel ◽

International System ◽

Historical Analysis ◽

Military History ◽

Security Policies ◽

Primary Sources ◽

Military Institution ◽

The Military ◽

Strategic Studies

Nigerian military history is an aspect of Nigerian history that reconstructs the philosophies, beliefs, life and times of military personnel in relation to time and place. On the other hand, strategic studies involve a study of the security policies and political conduct of states in their interaction within the international system. Since it is the military institution that implements these security policies, itself central to the objectives of states in international politics, it is logical to view military history and strategic studies as pivotal to the securitydevelopment of the Nigerian nation as it is for every other nation. Given this understanding, this study attempts to situate Nigerian military history and strategic studies as imperatives for national security development in Nigeria. To achieve its goal, the paper employs mostly secondary and but a few primary sources subjected to content historical analysis from which it was deduced that military history and strategic studies are important for the advancement of security development in Nigeria. Keywords: Military, Strategic Studies, History, Security

Download Full-text

A flexible user-interface for audiovisual presentation and interactive control in neurobehavioral experiments

F1000Research ◽

10.12688/f1000research.2-20.v2 ◽

2013 ◽

Vol 2 ◽

pp. 20

Author(s):

Christopher T Noto ◽

Suleman Mazhar ◽

James Gnadt ◽

Jagmeet S Kanwal

Keyword(s):

User Interface ◽

Data Acquisition ◽

Digital Signal Processor ◽

Digital Signal ◽

Stimulus Presentation ◽

Cost Effective ◽

Level Control ◽

Interactive Control ◽

High Level ◽

Behavioral Monitoring

A major problem facing behavioral neuroscientists is a lack of unified, vendor-distributed data acquisition systems that allow stimulus presentation and behavioral monitoring while recording neural activity. Numerous systems perform one of these tasks well independently, but to our knowledge, a useful package with a straightforward user interface does not exist. Here we describe the development of a flexible, script-based user interface that enables customization for real-time stimulus presentation, behavioral monitoring and data acquisition. The experimental design can also incorporate neural microstimulation paradigms. We used this interface to deliver multimodal, auditory and visual (images or video) stimuli to a nonhuman primate and acquire single-unit data. Our design is cost-effective and works well with commercially available hardware and software. Our design incorporates a script, providing high-level control of data acquisition via a sequencer running on a digital signal processor to enable behaviorally triggered control of the presentation of visual and auditory stimuli. Our experiments were conducted in combination with eye-tracking hardware. The script, however, is designed to be broadly useful to neuroscientists who may want to deliver stimuli of different modalities using any animal model.

Download Full-text

A Model-Driven Security Requirements Approach to Deduce Security Policies Based on OrBAC

Information Security and Cryptology - Lecture Notes in Computer Science ◽

10.1007/978-3-319-16745-9_9 ◽

2015 ◽

pp. 150-169

Author(s):

Denisse Muñante Arzapalo ◽

Vanea Chiprianov ◽

Laurent Gallon ◽

Philippe Aniorté

Keyword(s):

Security Requirements ◽

Security Policies ◽

Model Driven

Download Full-text