A lightweight and flexible mutual authentication and key agreement protocol for wearable sensing devices in WBAN

Purpose A wireless body area network (WBAN) is a collection of sensing devices attached to a person’s body that is typically used during health care to track their physical state. This paper aims to study the security challenges and various attacks that occurred while transferring a person’s sensitive medical diagnosis information in WBAN. Design/methodology/approach This technology has significantly gained prominence in the medical field. These wearable sensors are transferring information to doctors, and there are numerous possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. As a result, mutual authentication and session key negotiations are critical security challenges for wearable sensing devices in WBAN. This work proposes an improved mutual authentication and key agreement protocol for wearable sensing devices in WBAN. The existing related schemes require more computational and storage requirements, but the proposed method provides a flexible solution with less complexity. Findings As sensor devices are resource-constrained, proposed approach only makes use of cryptographic hash-functions and bit-wise XOR operations, hence it is lightweight and flexible. The protocol’s security is validated using the AVISPA tool, and it will withstand various security attacks. The proposed protocol’s simulation and performance analysis are compared to current relevant schemes and show that it produces efficient outcomes. Originality/value This technology has significantly gained prominence in the medical sector. These sensing devises transmit information to doctors, and there are possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. Hence, this paper proposes a lightweight and flexible protocol for mutual authentication and key agreement for wearable sensing devices in WBAN only makes use of cryptographic hash-functions and bit-wise XOR operations. The proposed protocol is simulated using AVISPA tool and its performance is better compared to the existing methods. This paper proposes a novel improved mutual authentication and key-agreement protocol for wearable sensing devices in WBAN.

Path dependency when prioritising disaster and humanitarian response under high levels of conflict: a qualitative case study in South Sudan

In high-conflict scenarios, humanitarian needs often surpass resources, and humanitarians are faced with ongoing challenges of whom to prioritise and where to work. This process is often referred to as ‘targeting’, but this article uses the concept of ‘triage’ to emphasise how prioritisation is a continuous and political process, rather than a one-off exercise to find the best match between needs and programme objectives. This study focused on South Sudan, exploring the formal and informal dynamics at the national, regional and local levels of humanitarian decisions. The article is based on semi-structured interviews and multiple meetings and observations of programmes over four months of fieldwork in 2017. This fieldwork was beset by many of the problems that humanitarians also encounter in their work, including complicated access, logistics difficulties and security challenges. Humanitarian action is meant to be flexibly deployed to respond to priority needs resulting from conflict or disasters, and agencies have multiple tools and policies to facilitate this. However, in reality, we find humanitarian action largely locked into path-dependent areas of intervention because agencies must rely on logistics, trust and local partners, all of which take years to develop, and because local actors’ commitment to see programmes continued.

he Shanghai Cooperation Organization and its role in the contemporary system of international relations (On the 20th anniversary of the SCO)

This year marks the 20th anniversary of the Shanghai Cooperation Organization (SCO). This is a good opportunity to assess its performance over the past two decades, to draw some conclusions, and to discuss possible future developments of the SCO. The author examines milestones in the formation of the SCO, its institutional structure, as well as its key activities which encompass four focal areas: politics, security, economy, and humanitarian cooperation. The paper focuses on the decisions of the 21st SCO Summit in Dushanbe, especially those aimed at strengthening cooperation in combating the eff ects of the SARS-CoV-2 pandemic and addressing security challenges, arising from the latest developments in Afghanistan. The latter particularly imply an increasing threat of terrorism, extremism, and drug traffi cking from Afghanistan to neighboring countries in Central Asia. The author emphasizes the crucial role of the SCO Regional Antiterrorist Structure (RATS) in countering these threats. Finally, the paper addresses both the circumstances and possible implications of Iran’s ascension to a full SCO member, which was approved during the summit in Dushanbe. The author concludes that over the past two decades the SCO has successfully transitioned from an important, yet regional in scope and framework, organization to an infl uential global actor, which plays a major role in the maintenance of peace and security in Central Asia and could serve as a model for the establishment of a new non-confrontational approach to the interstate relations.

Network Slicing Security Controls and Assurance for Verticals

This paper focuses on the security challenges of network slice implementation in 5G networks. We propose that network slice controllers support security by enabling security controls at different network layers. The slice controller orchestrates multilevel domains with resources at a very high level but needs to understand how to define the resources at lower levels. In this context, the main outstanding security challenge is the compromise of several resources in the presence of an attack due to weak resource isolation at different levels. We analysed the current standards and trends directed to mitigate the vulnerabilities mentioned above, and we propose security controls and classify them by efficiency and applicability (easiness to develop). Security controls are a common way to secure networks, but they enforce security policies only in respective areas. Therefore, the security domains allow for structuring the orchestration principles by considering the necessary security controls to be applied. This approach is common for both vendor-neutral and vendor-dependent security solutions. In our classification, we considered the controls in the following fields: (i) fair resource allocation with dynamic security assurance, (ii) isolation in a multilayer architecture and (iii) response to DDoS attacks without service and security degradation.

A Novel Spherical Fuzzy Rough Aggregation Operators Hybrid with TOPSIS Method and Their Application in Decision Making

Industrial control system (ICS) attacks are usually targeted attacks that use the ICS entry approach to get a foothold within a system and move laterally throughout the organization. In recent decades, powerful attacks such as Stuxnet, Duqu, Flame, and Havex have served as wake-up calls for industrial units. All organizations are faced with the rise of security challenges in technological innovations. This paper aims to develop aggregation operators that can be used to address the decision-making problems based on a spherical fuzzy rough environment. Meanwhile, some interesting properties of idempotence, boundedness, and monotonicity for the proposed operators are analyzed. Moreover, we use this newly constructed framework to select ICS security suppliers and validate its acceptability. Furthermore, a different test has been performed based on a new operator to strengthen the suggested approach. Additionally, comparative analysis based on the novel extended TOPSIS method is presented to demonstrate the superiority of the proposed technique. The results show that the conventional approach has a larger area for information representation, better adaptability to the evaluation environment, and higher reliability of the evaluation results.

Analyses of Open Security Issues for Smart Home and Sensor Network Based on Internet of Things

A lot of communication are developed and advanced with different and heterogeneous communication techniques by integration of wireless and wire connection. Conventional technology is mainly focus on information technology based on computer techniques in the field of industry, manufacture and automation fields. It consists of individual skill and technique. As new technologies are developed and enhanced with conventional techniques, a lot of new application is emerged and merged with previous mechanism and skills. The representative application is internet of things services and applications. Internet of things is breakthrough technologies and one of the innovation industries which are called 4 generation industry revolution. Many different types of object and devices are embedded in sensor node. They are inter-connected with optimized open system interconnection protocol over internet, wireless and wire medium. Most of communication is fully inter-connected with conventional techniques at point to point and end to application in general. Most of information in internet of things is weak against attack. This may induce vulnerable features to unauthorized and outside attacker over internet protocol, Bluetooth, Wi-Fi, and so forth. As high and low efficient equipment are merged into heterogeneous infrastructure, IoT communication surroundings has become more complex, Due to limited resources in IoT such as small memory, low power and computing power, IoT devices are vulnerable and disclosed with security problems. In this chapter, we analyzed security challenges and threats based on smart home network under IoT service.

A Compressive Compilation of Cyber Security for Internet of Energy (IoE)

Internet of energy (IoE) is the natural evolution of Smart Grid incorporating the paradigm of internet of things (IoT). This complicated environment has a lot of threats and vulnerabilities, so the security challenges are very complex and specialized. This chapter contains a compilation of the main threats, vulnerabilities, and attacks that can occur in the IoE environment and the critical structure of the electrical grid. The objective is to show the best cybersecurity practices that can support maintaining a safe, reliable, and available electrical network complying with the requirements of availability, integrity, and confidentially of the information. The study includes review of countermeasures, standards, and specialized intrusion detection systems, as mechanisms to solve security problems in IoE. Better understanding of security challenges and solutions in the IoE can be the light on future research work for IoE security.

Practical Align Overview of the Main Frameworks Used by the Companies to Prevent Cyber Incidents

Among the biggest cybercrime or information security challenges, the information security professionals must be up to date with the new risks, cases, and different ways of attacks. Being up to date in this complex and aggressive scenario is a huge challenge and is a necessity to the security professional to fight against the cybercriminals. Additionally, based on this standard of requisites to start an information security program, an immature professional may be confused on the different frameworks used by the industries, mainly ISO/IEC 27000 family, NIST 800-53, NIST Cybersecurity Framework, COBIT, etc. This chapter will help the information security professional to decide where is important to focus efforts, to decide what is feasible and which control does not demand any additional investment. Additionally, this grade helps the InfoSec professionals to compare the information security maturity level within the companies and between the companies, comparing with benchmarks.