Journal articles on the topic 'Information security projects'
To see the other types of publications on this topic, follow the link: Information security projects.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Information security projects.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Sommestad, Teodor, Mathias Ekstedt, Hannes Holm, and Muhammad Afzal. "Security mistakes in information system deployment projects." Information Management & Computer Security 19, no. 2 (June 7, 2011): 80–94. http://dx.doi.org/10.1108/09685221111143033.
Full text
2
Vasilishin, Igor, Evgeny Khaimin, and Lyudmila Khaimina. "The Project Approach in Training of Information Security Students." Russian Digital Libraries Journal 23, no. 1-2 (March 3, 2020): 210–15. http://dx.doi.org/10.26907/1562-5419-2020-23-1-2-210-215.
Full text
3
Fedosov, Alexander, and Anastasia Karnaukhova. "The Problem of Ensuring the Information Security of Children and Adolescents in the Context of Educational Internet Projects Implementation." Mathematics and Informatics LXIV, no. 1 (February 25, 2021): 84–98. http://dx.doi.org/10.53656/math2021-1-6-the.
Full textAbstract:
The continuous development of technologies on the Internet leads to new threats that can harm the physical and mental health of children and adolescents and their personal safety. The article analyses the importance of creating a culture of information security for children and adolescents, which is necessary to neutralize the negative consequences of Internet threats, highlights the main problems in ensuring the security and development of children in the information space. The article describes the results of the study of Internet projects directed at creating a culture of information security of children and adolescents, as well as projects aimed at ensuring their information security on the Internet. It has been shown that sufficient attention to the problem of creating a culture of information security for children and adolescents has already been paid at the State level and the relevance of solving the problem of developing and implementing educational programs that provide systematic study of the foundations of information security for students has been justified.
4
Goonetillake, M. D. J. S., Rangana Jayashanka, and S. V. Rathnayaka. "Predicting Security-Vulnerable Developers Based on Their Techno-Behavioral Characteristics." International Journal of Information Security and Privacy 16, no. 1 (January 2022): 1–26. http://dx.doi.org/10.4018/ijisp.2022010103.
Full textAbstract:
Assigning developers for highly secured software projects requires identifying developers’ tendency to contribute towards vulnerable software codes called developer-centric security vulnerability to mitigate issues on human resource management, financial and project timelines. There are problems in assessing the previous codebases in evaluating the developer-centric security vulnerability level of each developer. Thus, this paper suggests a method to evaluate this through the techno-behavioral features of their previous projects. Consequently, we present results of an exploratory study of the developer-centric security vulnerability level prediction using a dataset of 1827 developers by logically selecting 13 techno-behavioral features. Our results depict that there is a correlation between techno-behavioral features and developer-centric security vulnerability with 89.46% accuracy. This model enables to predict developer-centric security vulnerability level of any developer if the required techno-behavioral features are available avoiding the analysis of his/her previous codebases.
5
Kultygin, Oleg P. "Economic efficiency assessment of projects for the information systems creation." Journal Of Applied Informatics 16, no. 95 (October 29, 2021): 117–25. http://dx.doi.org/10.37791/2687-0649-2021-16-5-117-125.
Full textAbstract:
The article is concerned with an approach to assess the economic efficiency of IT projects, which results are recommended to be used when choosing the informatization version for organizations of various types. This approach is based on the calculation of such indicators as capital costs for an IT project, the magnitude of the projected change in operating costs to ensure the functioning of the IS (information system), the growth rate in the efficiency of business processes as a result of informatization, as well as the costs to ensure the required level of information security. The analysis results of modern trends in the IS development for informatization of organization business processes are given, which made it possible to identify the main features of the solutions offered on the market. The analysis of direct and indirect costs for an IT project is shown to be rather difficult in a number of cases, which leads to inaccuracies in assessing its economic efficiency. In this case, the estimated payback period of the project (usually unreasonably short) can be exceeded many times in practice. At the same time, as a result of rapid progress in the field of information technology, the IT projects results are subjected to intense obsolescence, so long payback periods can lead to significant losses for the organization implementing the project. The consideration of the influence of the information security threats and the necessary additional funds for its provision on the forecast indicators for the economic efficiency of the proposed IT projects can significantly affect the decisions on choosing not only the configuration of the IS but the platform on which it operates as well. The article proposes an approach to determine the costs for ensuring information security, which should be considered when assessing the IT project economic efficiency. A mathematical model is described to choose an option for the tables rational placement on IS units (database servers) used by employees of various geographically detached divisions of an enterprise, which will allow reducing operating costs for this system operation.
6
OU YANG, YU-PING, HOW-MING SHIEH, JUN-DER LEU, and GWO-HSHIUNG TZENG. "A VIKOR-BASED MULTIPLE CRITERIA DECISION METHOD FOR IMPROVING INFORMATION SECURITY RISK." International Journal of Information Technology & Decision Making 08, no. 02 (June 2009): 267–87. http://dx.doi.org/10.1142/s0219622009003375.
Full textAbstract:
Most multicriteria methods focus on ranking and selecting from a set of alternatives. These methods are usually used to compare all alternatives based on the synthesized scorings within a normalized scale with respect to the same criteria in multicriteria problems. However, the decision makers often simultaneously manage one or several alternatives/projects with conflicting and noncommensurable criteria to reduce the gaps to achieve the aspired grade in practice. They then need to rank the gaps that have not been reduced or improved (the unimproved gaps) for the alternatives/projects or aspects of a project to get the most benefit. Because these compared alternatives/projects do not usually have the same criteria/aspects, traditional methods are unsuitable to deal with them. Thus, this research proposes a new VIKOR method to solve this problem; this new method allows the decision maker to understand these gaps of the projects/aspects and rank them to improve these large gaps in control items to achieve the aspired level. Its concept originates in compromise solutions, in particular the VIKOR method. In addition, this research also provides an example of improving information security risk to demonstrate the suitability of this new method. The results show the effectiveness of the new method.
7
Chandrakumar, T., and S. Parthasarathy. "Enhancing Data Security in ERP Projects Using XML." International Journal of Enterprise Information Systems 8, no. 1 (January 2012): 51–65. http://dx.doi.org/10.4018/jeis.2012010104.
Full textAbstract:
Enterprise resource planning (ERP) is integrated packaged software, which addresses most fundamental business processing functionality across different functional areas and business units, in a single software system, with single database and accessible through a unified interface and channel of communication. Meeting security requirements for privacy, confidentiality and integrity is essential in order to move business online ERP System requires an accurate, precise and Data security in business concepts of the enterprise. The authors introduce basic features and security of ERP System using Extensible Mark-up Language (XML) technology. Traditionally, XML security has developed along two distinct though related lines of research, corresponding to two facts of the XML security notion. The first fact defines XML security as a set of security techniques (encryption, digital signature) tightly coupled with XML to maintain the main features of the XML semi-structured data model while adding to it all necessary security capabilities. In this paper we will explore XML Signature specification from W3C and its implementation in .NET.
8
Švedaitė, Eglė. "JRMAD METHOD USES OF INFORMATION TECHNOLOGY SECURITY / JRMAD METODO PANAUDOJIMAS TAIKANT INFORMACINIŲ TECHNOLOGIJŲ SAUGOS POLITIKĄ." Mokslas - Lietuvos ateitis 3, no. 1 (August 22, 2011): 29–32. http://dx.doi.org/10.3846/mla.2011.006.
Full textAbstract:
Analyzing the flexible uses security problems in existing information technology systems. Looking for way to ensure the safety of the reaction time to smooth access to more projects in development. Review of projects undertaken. Codified in the project design and development components. Made of the findings of the methods used to discover, which exclude parts of the draft rule and resort to emergency planning in the early part of the project development phase. Analytical result: JRMAD mixed method, allowing simultaneous two of the project and the time to change the current system.
9
ADEBOWALE, AJAYI, NICULAE GOGA, OTUSILE OLUWABUKOLA, and ABEL SAMUEL. "Formal Methods in Information Security." INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY 14, no. 4 (February 9, 2015): 5621–31. http://dx.doi.org/10.24297/ijct.v14i4.1963.
Full textAbstract:
Formal methods use mathematical models for analysis and verification at any part of the program life-cycle. The use of formal methods is admitted, recommended, and sometimes prescribed in safety-and security-related standards dealing, e.g., with avionics, railways, nuclear energy, and secure information systems. This paper describes the state of the art in the industrial use of formal methods ininformation security with a focus on verification of security protocols. Given the vast scope of available solutions, attention has been focused just on the most popular and most representative ones, without exhaustiveness claims. We describe some of the highlights of our survey by presenting a series of industrial projects, and we draw some observations from these surveys and records of experience. Based on this, we discuss issues surrounding the industrial adoption of formal methods in security protocol engineering.
10
Ghafarian, Ahmad. "Ideas for projects in undergraduate information assurance and security courses." ACM SIGCSE Bulletin 39, no. 3 (June 25, 2007): 322. http://dx.doi.org/10.1145/1269900.1268889.
Full text
11
Momcheva, Galina, Teodora Bakardjieva, Veselina Spasova, and Antonina Ivanova. "VARNA FREE UNIVERSITY’S PROJECTS FOR DEVELOPING OF CYBERSECURITY EDUCATION AND TRAINING – “CYBERMAGICIANS” PROJECT." Education and Technologies Journal 12, no. 2 (August 1, 2021): 516–18. http://dx.doi.org/10.26883/2010.212.3903.
Full textAbstract:
Varna Free University has a tradition in teaching cyber security through bachelor’s, master’s and doctoral degrees and LLL (Lifelong Learning) courses for school teachers and students. The latest Cyberwizards project stems from the need to teach teachers and students how to protect themselves online, how to manage their digital identity, what types of information to publish. The university project aims to develop training courses and research methodologies to develop effective and sustainable cyber learning solutions aimed at digital protection and security.
12
Ramtohul, Avinash, and K. M. S. Soyjaudah. "Information security governance for e-services in southern African developing countries e-Government projects." Journal of Science & Technology Policy Management 7, no. 1 (March 7, 2016): 26–42. http://dx.doi.org/10.1108/jstpm-04-2014-0014.
Full textAbstract:
Purpose – Highly sensitive information pertaining to citizens and government transactions is processed in an electronic format, making information security a critical part of e-Government applications and architectures. Information security measures should ideally span from authentication to authorisation and from logical/physical access control to auditing of electronic transactions and log books. The lack of such measures compromises confidentiality, integrity and availability of information. Today, most e-Government projects in developing countries in Southern Africa Developing Community (SADC) face challenges in two main areas, namely, information security and application software integration. This paper aims to discuss and analyse the information security requirements for e-Government projects and proposes an information security governance model for service-based architectures (SBAs). Design/methodology/approach – The current state of information security in emerging economies in SADC countries was researched. The main problems identified were the lack of software integration and information security governance, policy and administration. The design consists of three basic layers: information security governance defined at the strategic level of the government; information security policy/management defined at the management/operational level; and information security measures, implemented at the technical level. This section also proposes a policy for implementing public key infrastructures to protect information, transactions and e-services. A Token-Ring-based mechanism for implementing Single-Sign-On has also been developed as part of this study. Findings – The main problems identified were the lack of software integration and information security governance, policy and administration. These challenges are causing e-government projects to stagnate. Practical implications – The proposed approach for implementing information security in e-Government systems will ensure a holistic approach to ensuring confidentiality, integrity and non-repudiation, allowing e-Government maturity to progress from “interaction” to “online transaction” stage in emerging economies. Originality/value – Research has not focused on developing a solution for emerging economies which are facing difficulties in integration software applications to deploy end-to-end e-services and to produce an underlying identity management architecture and information security governance to secure the e-services developed and deployed using an SBA. The work produced in this paper is specific to SBAs in e-government environments where legacy systems already exist. The work includes: information security governance defined at the strategic level of the government; information security policy/management defined at the management/operational level; and information security measures implemented at the technical level. This section also proposes a policy for implementing public key infrastructures to protect information, transactions and e-services. A Token-Ring-based mechanism for implementing Single-Sign-On has also been developed as part of this study.
13
Khrutba, Viktoriia, Yuliia Nikitchenko, and Roksolana Lysak. "ANALYSIS OF PRECONDITIONS ON FORMATION OF MENTAL ENVIRONMENT IN SECURITY PROJECTS." Management of Development of Complex Systems, no. 44 (November 30, 2020): 42–48. http://dx.doi.org/10.32347/2412-9933.2020.44.42-48.
Full textAbstract:
A project approach is used to solve security issues. Realization of security projects is efficient in case of plenty stakeholders participating. Stakeholders may represent representatives of government, business and society. Formation of common values focused on security for all stakeholder groups will provide an efficient implementation of security projects. It demands to create an appropriate mental environment. Acquisition of necessary knowledge, skills and abilities takes place in the process of learning and professional activity. And as early as possible the mental environment is formed, then a readiness of stakeholders on implementation of security projects will be higher. With this aim there was conducted a survey among students to determine their understanding of security issues importance and their willingness to participate in security projects. Most respondents have considered that pursuit of higher education in appropriate major and development of career are highly important issues as well as students endeavor to increase own education level. Respondents have understanding the importance of security issue and they are ready to increase its level. When asked about the importance of different types of security, everyone has chosen the safety of life. Respondents have also demonstrated an understanding of financial and information security importance. Students of last years training have focused their attention to occupational safety. Regarding an environmental safety, according to respondents, it always remains relevant. Conducted analysis allowed to conclude that there is a basis for mental environment formation in security projects. It contributes to rapid and efficient implementation of projects and achievement of targeted goal. Considering the above-mentioned there can be a conclusion that the basis of mental environment formation is a precondition for implementation of security projects. However, in order to successfully achieve certain results in security projects, it is necessary to create a favorable mental environment that will help to create the common security-focused values for all stakeholders.
14
Shushura, Oleksii M., Liudmyla A. Asieieva, Oleksiy L. Nedashkivskiy, Yevhen V. Havrylko, Yevheniia O. Moroz, Saule S. Smailova, and Magzhan Sarsembayev. "SIMULATION OF INFORMATION SECURITY RISKS OF AVAILABILITY OF PROJECT DOCUMENTS BASED ON FUZZY LOGIC." Informatyka, Automatyka, Pomiary w Gospodarce i Ochronie Środowiska 12, no. 3 (September 30, 2022): 64–68. http://dx.doi.org/10.35784/iapgos.3033.
Full textAbstract:
The widespread use of computer technology, its rapid development and use in almost all areas of human activity requires constant updating of information security issues. The activities of many enterprises in the field of IT, construction, and other areas are of a project nature and therefore further research on information security management of projects is relevant. Appearance of changes and the current state of the project results at certain points of time describe the documents that accompany it. In this paper, the information structure of the project is considered as a set of specific documents. During the life cycle of each project document, which includes the creation, transfer, preservation and transformation, there are generally threats to its confidentiality, integrity, accessibility and authenticity. This paper develops a method for assessing the risks of violation of the availability of project documents in solving information security problems. A formal description of many project documents in the form of a generalized hierarchical structure is presented, the connection of documents with the operations performed on them and information systems used during these operations is formalized. Given the incompleteness and dimension of the data, the based on fuzzy logic model was developed to assess the risk of document accessibility. Approaches to the assessment of the damage from the violation of the availability of the project document and the method of calculating the overall assessment of the risk of violation of the documents availability are proposed. The results presented in this paper can be used in decision-making processes regarding information security of projects in organizations that have project activities. The approaches proposed in this paper can serve as a basis for the creation of specialized information technologies to automate the calculation of project risk assessments.
15
Zachko, Oleg B., and Dmytro S. Kobylkin. "УПРАВЛІННЯ ОСВІТНІМИ ПРОЕКТАМИ В БЕЗПЕКО-ОРІЄНТОВАНИХ СИСТЕМАХ ЗАСОБАМИ ВІРТУАЛЬНОГО СИТУАЦІЙНОГО ЦЕНТРУ." Information Technologies and Learning Tools 65, no. 3 (July 1, 2018): 12. http://dx.doi.org/10.33407/itlt.v65i3.2237.
Full textAbstract:
In the article a thorough analysis of the conducted researches on the implementation of information and web-technologies in educational projects has been conducted. It allowed to form the problems of the formation of a safe-oriented culture and to form the relevance of conducting research on the implementation of an educational project for the creation of a virtual situational centre. The profiling of project mission of "Virtual situational centre for the formation of a security-oriented culture" which defines the main vectors of the project's development was formulated and described. For creation of virtual situational centre online platform for the development of a security-oriented culture, the Moodle system has been used. The use of this system, distributed under the GPL license and verified by international practice, is a significant advantage of using the virtual situational centre for formation of a security-oriented culture, in addition to provide efficient access to electronic teaching materials at a user-friendly time. The main criteria of educational projects functioning effectiveness are determined, which allow to substantiate the configuration of educational projects in the system of vocational education. The communicational model of project management of a virtual situational centre implementation, which describes the dependencies of creating a virtual situational centre and the functioning of its components, has been formed. The influence of the project environment on the project of a virtual situational centre creating and the consequences of its influence on the success of the centre’s implementation was explored. Practical results from the implementation of the educational project of the virtual situational centre are described and the didactic possibilities of using the online platform of the centre are presented. There are formed the additions to the terminology database of management the projects, programs and portfolios of projects by introducing new definitions. The result of the study is the implementation of an Internet platform with educational projects for specialists in the civil protection service, which will form a safe-oriented culture and promote the implementation of cross-border projects for the integration of the civil protection system of Ukraine into European security structures to ensure the safety of the vital activities of the population and territories.
16
Yoon, Kichan, Sewon Park, Solji Choi, and Munjae Lee. "A Proposal for Public Health Information System-Based Health Promotion Services." Processes 8, no. 3 (March 15, 2020): 338. http://dx.doi.org/10.3390/pr8030338.
Full textAbstract:
This study aims to examine the current status and utilization of 22 health promotion projects that use the health care information system. We investigate the health promotion examination results for a counseling project held at health centers, which use information connected with the Health Insurance Corporation. First, we review the status of 22 health promotion projects, including 13 integrated health promotion projects and 9 other health promotion projects. Next, we examine the linkages between the 22 projects and other health promotion systems. Consequently, despite accumulating vast amounts of data, only 10 places could be linked to health promotion data in the health and medical information system; the Social Security Information Service was the only exception to this trend. The Public Health Information System (PHIS) had the lowest data utilization rate in the project. The study results show that it is necessary to utilize data from local health and medical institutions in order to provide information system-based health promotion services. In particular, it seems to be effective when health and medical institutions provided various counseling services and other linked services to local residents in connection with the Korea Health Insurance Corporation’s health examination results.
17
Romero Izurieta, Richard, Segundo Moisés Toapanta Toapanta, Luis Jhony Caucha Morales, María Mercedes Baño Hifóng, Eriannys Zharayth Gómez Díaz, Luis Enrique Mafla Gallegos, Ma Roció Maciel Arellano, and José Antonio Orizaga Trejo. "Model to Optimize the Management of Strategic Projects Using Genetic Algorithms in a Public Organization." Information 13, no. 11 (November 9, 2022): 533. http://dx.doi.org/10.3390/info13110533.
Full textAbstract:
Public organizations lack adequate models and methods to efficiently support and manage processes related to information security and IT investments. The objective is to optimize the management of strategic projects planned to improve the information security of a public organization and make efficient use of its available resources. The deductive method and exploratory research were used to review and analyze the available information. A mathematical model resulted that optimizes two objectives: (1) minimizing the costs of the strategic projects to be executed, and (2) maximizing the percentage of improvement in the organization’s information security. According to the result of the simulation, a subset of planned strategic projects was obtained that allows improving the information security of a public organization from 84.64% to 92.20%, considering the budgetary limitations of the organization. It was concluded that the proposed model is efficient, practical and can be a support tool for the IT management of a public organization.
18
Muñoz, Antonio, Aristeidis Farao, Jordy Ryan Casas Correia, and Christos Xenakis. "P2ISE: Preserving Project Integrity in CI/CD Based on Secure Elements." Information 12, no. 9 (August 31, 2021): 357. http://dx.doi.org/10.3390/info12090357.
Full textAbstract:
During the past decade, software development has evolved from a rigid, linear process to a highly automated and flexible one, thanks to the emergence of continuous integration and delivery environments. Nowadays, more and more development teams rely on such environments to build their complex projects, as the advantages they offer are numerous. On the security side however, most environments seem to focus on the authentication part, neglecting other critical aspects such as the integrity of the source code and the compiled binaries. To ensure the soundness of a software project, its source code must be secured from malicious modifications. Yet, no method can accurately verify that the integrity of the project’s source code has not been breached. This paper presents P2ISE, a novel integrity preserving tool that provides strong security assertions for developers against attackers. At the heart of P2ISE lies the TPM trusted computing technology which is leveraged to ensure integrity preservation. We have implemented the P2ISE and quantitatively assessed its performance and efficiency.
19
Scheuer, Sabrina, Pia Ferner, Yvonne Prinzellner, and Georg Aumayr. "Collection of End User Requirements and Use Cases during a Pandemic—Towards a Framework for Applied Research Projects." Information 13, no. 5 (May 15, 2022): 255. http://dx.doi.org/10.3390/info13050255.
Full textAbstract:
Research projects in the security domain often aim to develop innovative technology-based solutions for end users (e.g., situational awareness tools, crisis management tools). The pandemic crisis hit hard and without warning, not only influencing our everyday life but also the scientific community. To continue applied research projects during a pandemic, work structures needed to be adapted (e.g., user requirements collection, use case development), as face-to-face events were impossible but crucial to collect high quality requirements with a variety of different stakeholders. To ensure continued multi-stakeholder engagement we developed an overarching framework for collecting user requirements and use cases in an online setting and applied the framework within two research projects. The framework consists of four steps with the aim to assure high quality user requirements and use case collection (first analysis, stakeholder consultation, evaluation and prioritization, technical evaluation). The two projects presented in this paper provide insight on the potential of the framework. The framework offers a structured approach that fits for many different security research projects in terms of the easy application and its transferability. The main advantages (e.g., easily adaptable, reduced workshop time, no need to travel, suitability for different contexts and project types, etc.) and drawbacks (e.g., organization of online events, feedback collection time, etc.) of the framework are presented and discussed in this paper to offer increased stakeholder engagement. Empirical testing of the framework is proposed.
20
Gunarathna, M. A. C. L., R. J. Yang, S. Jayasuriya, K. Wang, T. Samarasinghalage, and Y. Zang. "Opportunities for using blockchain in distributed solar energy projects." IOP Conference Series: Earth and Environmental Science 1101, no. 2 (November 1, 2022): 022047. http://dx.doi.org/10.1088/1755-1315/1101/2/022047.
Full textAbstract:
Abstract The involvement of many stakeholders from diverse sectors throughout the distributed solar energy (DSE) project lifecycle and their discrete commitments to the project have lessened the stakeholder understanding in each other’s contribution. Communication between the stakeholders is not continuous and systematic; thus, the project information is not well-communicated for accurate decision making. Therefore, DSE projects have not yet won the complete stakeholder trust and its adoption in the building industry is not yet fully accepted. This study aims at exploring the opportunities for using blockchain technology to reduce/eliminate the trust issues and communication gaps along the DSE lifecycle. The study conducts 50 semi-structured interviews with building and energy stakeholders to identify the issues/ limitations which (1) reduce the stakeholder trust on DSE technologies and applications and (2) generate communication gaps along the DSE project lifecycle. Findings reveal that most of the issues/ limitations occurred due to the unavailability of a common platform for communication and information sharing, unavailability of information, improper record keeping and limited information security. The unique features of blockchain technology such as (1) distributed ledger technology (DLT), (2) smart contracts, (3) token-based access control, and (4) automated consensus and forking can effectively eliminate the identified issues/ limitations by providing (1) information accuracy and reliability, (2) information security, (3) open access to project information, (4) systematic record keeping and (5) proper governance of the system. The outcome of this study provides a systematic approach to increase the quality of communication in DSE projects design and management.
21
Korniyenko, Bogdan, and Liliya Galata. "MODELING OF INFORMATION SECURITY SYSTEM IN COMPUTER NETWORK." Information systems and technologies security, no. 1 (1) (2019): 36–41. http://dx.doi.org/10.17721/ists.2019.1.36-41.
Full textAbstract:
This article presents simulation modeling process as the way to study the behavior of the Information Security system. Graphical Network Simulator is used for modeling such system and Kali Linux is used for penetration testing and security audit. To implement the project GNS3 package is selected. GNS3 is a graphical network emulator that allows you to simulate a virtual network of more than 20 different manufacturers on a local computer, connect a virtual network to a real one, add a full computer to the network, Third-party Applications for network packet analysis are supported. Depending on the hardware platform on which GNS3 will be used, it is possible to build complex projects consisting of routers Cisco, Cisco ASA, Juniper, as well as servers running network operating systems. Using modeling in the design of computing systems, you can: estimate the bandwidth of the network and its components; identify vulnerability in the structure of computing system; compare different organizations of a computing system; make a perspective development forecast for computer system; predict future requirements for network bandwidth; estimate the performance and the required number of servers in the network; compare various options for computing system upgrading; estimate the impact of software upgrades, workstations or servers power, network protocols changes on the computing system. Research computing system parameters with different characteristics of the individual components allows us to select the network and computing equipment, taking into account its performance, quality of service, reliability and cost. As the cost of a single port in active network equipment can vary depends on the manufacturer's equipment, technology used, reliability, manageability. The modeling can minimize the cost of equipment for the computing system. The modeling becomes effective when the number of workstations is 50-100, and when it more than 300, the total savings could reach 30-40% of project cost
22
Jorgensona, J. Lisa. "Mapping global water projects: improving access to donor investment information on the web." Water Policy 5, no. 3 (June 1, 2003): 203–12. http://dx.doi.org/10.2166/wp.2003.0012.
Full textAbstract:
This paper discusses a series of discusses how web sites now report international water project information, and maps the combined donor investment in more than 6000 water projects, active since 1995. The maps show donor investment: • has addressed water scarcity, • has improved access to improvised water resources, • correlates with growth in GDP, • appears to show a correlation with growth in net private capital flow, • does NOT appear to correlate with growth in GNI. Evaluation indicates problems in the combined water project portfolios for major donor organizations: •difficulties in grouping projects over differing Sector classifications, food security, or agriculture/irrigation is the most difficult. • inability to map donor projects at the country or river basin level because 60% of the donor projects include no location data (town, province, watershed) in the title or abstracts available on the web sites. • no means to identify donor projects with utilization of water resources from training or technical assistance. • no information of the source of water (river, aquifer, rainwater catchment). • an identifiable quantity of water (withdrawal amounts, or increased water efficiency) is not provided. • differentiation between large scale verses small scale projects. Recommendation: Major donors need to look at how the web harvests and combines their information, and look at ways to agree on a standard template for project titles to include more essential information. The Japanese (JICA) and the Asian Development Bank provide good models.
23
Haq, Naveed Ul, Ammar Aftab Raja, Safia Nosheen, and Muhammad Faisal Sajjad. "Determinants of client satisfaction in web development projects from freelance marketplaces." International Journal of Managing Projects in Business 11, no. 3 (July 2, 2018): 583–607. http://dx.doi.org/10.1108/ijmpb-02-2017-0017.
Full textAbstract:
Purpose The purpose of this paper is to identify the major factors of client satisfaction (CS) that are critical for web development projects in freelance marketplaces. This quantitative study is done from the point of view of the web development services clients. Five major dimensions were proposed as determinants of CS from the literature review: ease of use, user interface, information, security and privacy. Design/methodology/approach A web-based survey methodology is used as the main data collection instrument. Statistical techniques such as confirmatory factor analysis and multiple linear regressions are used to analyze 162 responses of questionnaires. Findings The findings suggest that all factors do influence CS. In terms of strength, security had the highest level of impact on CS, so it is the strongest determinant among all factors. After security, ease of use and information are considered as strong determinants. So, this study concludes that the five major determinates do affect CS in web development projects from freelance marketplaces. Research limitations/implications This research is limited only to the top freelance marketplaces, such as Upwork, Freelancer, Fiverr, Guru, Envato Studio, etc. The sample size is relatively small and this study is focused on web development projects only. Moreover, this research is focused only on the characteristics or attributes of the projects final outcome, i.e. website. Practical implications This study attempts to identify the important factors that have a relation with CS, thus giving freelancers an indication of what to look for when working on any web development project posted by any client in a freelance marketplace. Understanding the determinants of CS will also help Pakistani information technology freelancers involved in web development projects and services to increase their project performance, improve their CS rate and increment client following. Originality/value This presents the first study on the determinants of CS in web development projects from freelance marketplaces.
24
Bakhracheva, Yulia, Aleksej Panin, and Arina Aleeva. "Development of a Software Package for Ensuring the Security of Web Projects Based on CMS WordPress." NBI Technologies, no. 2 (October 2021): 5–11. http://dx.doi.org/10.15688/nbit.jvolsu.2021.2.1.
Full textAbstract:
For every company that develops modern Internet projects, one of the most important tasks is to ensure the necessary level of information protection in its web project. When an Internet project developing company consistently protects its information system, it creates a reliable and secure environment for its activities on the World Wide Web. Damage, leakage, lack and theft of information from the site will inevitably lead to a decrease in the level of trust in the organization as a whole, as well as to problems with the law, which is always a loss for each company. For example, there may be losses from the bad reputation of the developer, the lack of customers, the costs of resuming the stable operation of an Internet project based on the WordPress content management system, or the loss of important information contained in the system. In the paper, an algorithm of the software complex was developed, which includes three main blocks: data acquisition and backup creation, processing of information about the system, and the use of protection mechanisms. A software package has been developed to ensure the security of web projects based on CMS WordPress.
25
Miller, Louise. "An Internet-based Accounting Information Systems Project." American Journal of Business Education (AJBE) 5, no. 6 (October 30, 2012): 743–52. http://dx.doi.org/10.19030/ajbe.v5i6.7396.
Full textAbstract:
This paper describes a student project assignment used in an accounting information systems course. We are now truly immersed in the internet age, and while many required accounting information systems courses and textbooks introduce database design, accounting software development, cloud computing, and internet security, projects involving the actual integration of these topics with accounting concepts in a single comprehensive student project on the internet are uncommon. The project described gives students experience and knowledge of an internet-based accounting system using an online database. Although this project was used in an accounting information systems course, it could also be utilized in other courses such as introductory database management systems, advanced web design, financial technology systems, or introductory information technology. The project can be easily modified to align with the experience and sophistication of the students taking the course.
26
Nikishin, V. D. "Reputational Security and Media Security of Companies and Projects in the context of Sustainable Development Goals and ESG Principles." Actual Problems of Russian Law 17, no. 9 (June 14, 2022): 73–82. http://dx.doi.org/10.17803/1994-1471.2022.142.9.073-082.
Full textAbstract:
In the information field of high-tech projects, the following speech actions can be committed that form the objective side of offenses (crimes): defamation (defamatory speech actions), faking (fake speech acts), verbal extremism (extremist speech actions). It is proved that defamatory and fake information attacks are also possible in connection with the «interpretation» of publicly available «green» information about the organization: its statements and ESG strategy, non-financial reporting, etc. — for compliance with 1) planned entities — entities reflected in non-financial statements; 2) entities reflected in statements, strategies, non-financial reporting — actual data. Due to the fact that in the emerging judicial practice of ESG disputes, the attention of courts is paid to the form of statements, when considering such disputes, it is proposed to use the tools developed within the framework of judicial linguistics to identify the meaning (content) of units of various levels, determine the meaning or form of expression of meaning and classify it to a certain class (statement, opinion, assessment, assumption), establishing the presence or absence of certain content in the text, etc. The author proves that ensuring media security is an integral part of sustainable development and proposes a definition of the media security and reputational security of an organization (project). The paper provides for the risk management model of the media security of the organization (project). It is proved that from the point of view of project management, media security risk management claims to be an independent group of processes within the framework of project management. Media security risk management relies on the tools embedded in the methodology of the law of sustainable development: on system analysis and decision-making theory.
27
Seixas, Renato de Melo, Luiz Mauricio Furtado Maués, Carolina Caldas Neves Rosa, and Fabriccio de Almeida Oliveira. "Building Information Modeling (BIM) para gestão da segurança do trabalho em obras de habitações populares." Ambiente Construído 22, no. 3 (September 2022): 235–54. http://dx.doi.org/10.1590/s1678-86212022000300617.
Full textAbstract:
Resumo A construção civil possui características peculiares, como baixa comunicação entre os projetistas e os responsáveis técnicos pela execução da obra, além de grande rotatividade de operários, o que gera dificuldades para implantação de uma cultura de segurança eficaz. O surgimento de tecnologias vem contribuindo para a melhoria da comunicação e segurança, um exemplo é o Building Information Modeling (BIM), que possibilita a modelagem computacional da obra, que oferece dados detalhados do seu andamento ainda na fase de projeto. Esta pesquisa objetiva realizar a modelagem de uma obra vertical de interesse social. A modelagem baseou-se nos padrões estabelecidos pela NR 18. Finalizada a modelagem, os resultados foram confrontados com o cenário real da obra objetivando avaliar incompatibilidades com o que se é exigido pela NR. Para a modelagem utilizou-se os softwares Revit, MS Project e Naviswork. Concluiu-se que a obra não atendia alguns aspectos exigidos pela NR, além de falta de projetos, erros de dimensionamento e problemas de execução. Quanto aos responsáveis técnicos pela obra, foi avaliado que o uso do BIM em sua obra poderia trazer benefícios para o seu trabalho e facilitar a tomada de decisões.
28
Alashwali, Eman. "Incorporating hacking projects in computer and information security education: an empirical study." International Journal of Electronic Security and Digital Forensics 6, no. 3 (2014): 185. http://dx.doi.org/10.1504/ijesdf.2014.064406.
Full text
29
Wurster, Simone. "Development of a Specification for Data Interchange Between Information Systems in Public Hazard Prevention." International Journal of IT Standards and Standardization Research 11, no. 1 (January 2013): 46–66. http://dx.doi.org/10.4018/jitsr.2013010103.
Full textAbstract:
Standards and specifications for public security are missing in many technical aspects as well as the areas of communication protocols and security management. Several research gaps related to these fields exist, particularly regarding R&D stage standardisation. Sherif et al. (2007) offer a framework to investigate project management aspects leading to successful standardisation. Its applicability for R&D stage security standardisation was examined and mainly proved by a recent InfraNorm survey in the German security research program. The German project InfraNorm aims at initiating the development of standards and specifications for the protection of transportation infrastructure. This article gives insight into the development of such a specification based on R&D results. Besides providing practical examples for activities related to Sherif et al.’s (2007) framework, the article suggests its extension. Standardisation challenges and solutions are also unveiled. The article finishes by outlining key aspects which may influence the adoption of the specification and by giving a short overview of current results. Application fields of the findings include, in particular, fast track standardisation procedures with voluntary implementation of the results, standardisations of R&D results and standardisation projects from small groups.
30
Boyko, S. "Political and Legal Framework of the International Information Security." International Trends / Mezhdunarodnye protsessy 19, no. 4 (2021): 6–25. http://dx.doi.org/10.17994/it.2021.19.4.67.4.
Full textAbstract:
The article covers the policy of the Russian Federation in the field of international information security. The purpose of the study is to identify the key directions for strengthening international cooperation in the area of information security. The article examines the state of bilateral cooperation on international information security issues in particular on the example of the Agreement between the Russian Federation and the People’s Republic of China on cooperation in the field of international information security. The article analyzes Russian initiatives put forward in regional and multilateral organizations. Thus, special attention is paid to cooperation within BRICS, the SCO, the CSTO and ASEAN. Regional and interregional interaction in this area increases stability and security of the respective regions, taking into account the national interests of the parties involved. The article also studies the Russian projects promoted at the global level, namely, the UN General Assembly resolutions adopted by the initiative of the Russian Federation. Russia and its partners contributed to the adoption of a set of 13 international rules, principles and norms of responsible behavior of states in the information space. Convocation of an Open-Ended Working Group, whose mandate has been extended until 2025, has become an important contribution of Russia to institutionalization of the profile discussion mechanism within the UN. The author concludes that Russian projects and cooperation agreements reached can foster the development of political and legal framework of the international information security system. The focus on promoting the formation of such a system is confirmed by the updated Basic principles of the State Policy of the Russian Federation in the field of international information security. However, these initiatives are not exhaustive. Therefore, the formation of such a system requires the efforts of the entire world community.
31
Chubaievskyi, Vitaliy, Valerii Lakhno, Olena Kryvoruchko, Dmytro Kasatkin, Alona Desiatko, and Andrii Blozva. "EFFICIENCY OF THE INDICATORS INVESTMENT CALCULATION METHOD IN THE INFORMATION SECURITY SYSTEM OF INFORMATION OBJECTS." Cybersecurity: Education, Science, Technique 12, no. 4 (June 24, 2021): 96–107. http://dx.doi.org/10.28925/2663-4023.2021.12.96107.
Full textAbstract:
The article analyzes publications on the evaluation of investments in information security (IS) of objects of informatization (OBI). The possibility and necessity of obtaining the necessary data have been substantiated, contributing to a reliable assessment of the effectiveness of measures aimed at increasing the company’s IS. In the study process, the modelling methods have been used. A methodology is proposed for calculating indicators from investment activities in the context of increasing IS metrics of OBI. A specific example of such simulation is described. The proposed methodology provides an assessment of the damage prevention from a cyber-attack. The amount of the damage prevention from a cyber-attack is taken as a basic indicator for calculating the economic effect of investing in information security tools (IST). The performed simulation modelling allowed taking into account the relative uncertainty of the real situation with IS of OBI. The conducted study will help practitioners in the field of IS to obtain informed decisions to increase the efficiency of investment projects in the field of IS for OBI, using the approach outlined in the study. Unlike the existing ones, the proposed methodology takes into account both direct and indirect factors of investment projects in the field of IS of OBI
32
Ivanusa, A., S. Yemelyanenko, and E. Morsch. "METHODS AND MODELS OF SAFETY-FOCUSED STAKEHOLDER MANAGEMENT IN CIVIL PROTECTION PROJECTS." Bulletin of Lviv State University of Life Safety 19 (August 5, 2019): 36–43. http://dx.doi.org/10.32447/20784643.19.2019.03.
Full textAbstract:
The information analysis of successful practices of implementation of life safety projects was conducted, which allowed determining necessary models and methods of safety-focused stakeholders management in civil protection projects. Fire risk assessment at public gathering places has shown that the risks of human deaths in such structures to a large extent depend on the duration of the maximum permissible values of dangerous fire factors, which make it impossible to conduct safe evacuation of people. Improving the effectiveness of the implementation of the program for the creation and development of a security system at public gathering places, which include protective structures, requires the use of methods and models based on the use of information technology, system approach and security-focused man-agement. To construct stakeholder management models, based on the analysis of causative relationships and the use of the Japanese P2M knowledge system, a conceptual model of security-focused project management in the civil protec-tion system was initially constructed, which takes into account: the state of the turbulent environment of civil protection projects implementation, scale of emergency situation, key factors for the success of civil protection projects implemen-tation, regulatory framework of Ukraine and world methodologies for project management, physiological and physio-logical condition of people, strategic objectives, and performance indicators. Stakeholder management models reflect the evacuation routes of traffic flows from the public gathering places to the shelter facility, as well as the parameters that influence the movement of people in separate evacuation areas that need to be taken into account when calculating the time of implementation of civil protection projects. Using system analysis and topological synthesis of flexible technological lines, the mathematical apparatus describing the stakeholder management in civil protection project, the requirements of the regulatory framework for ensuring safety of people in protective structures, the calculation of opti-mal placement of people in the shelter facilities, which makes it possible to implement the project of ensuring the safety of people at the public gathering places in the neighborhood of the Lviv State University of Life Safety.
33
Lakhno, Valeriy, Volodimir Malyukov, Berik Akhmetov, Dmytro Kasatkin, and Liubov Plyska. "Development of a model for choosing strategies for investing in information security." Eastern-European Journal of Enterprise Technologies 2, no. 3 (110) (April 30, 2021): 43–51. http://dx.doi.org/10.15587/1729-4061.2021.228313.
Full textAbstract:
This paper has proposed a model of the computational core for the decision support system (DSS) when investing in the projects of information security (IS) of the objects of informatization (OBI). Including those OBI that can be categorized as critically important. Unlike existing solutions, the proposed model deals with decision-making issues in the ongoing process of investing in the projects to ensure the OBI IS by a group of investors. The calculations were based on the bilinear differential quality games with several terminal surfaces. Finding a solution to these games is a big challenge. It is due to the fact that the Cauchy formula for bilinear systems with arbitrary strategies of players, including immeasurable functions, cannot be applied in such games. This gives grounds to continue research on finding solutions in the event of a conflict of multidimensional objects. The result was an analytical solution based on a new class of bilinear differential games. The solution describes the interaction of objects investing in OBI IS in multidimensional spaces. The modular software product "Cybersecurity Invest decision support system " (Ukraine) for the Windows platform is described. Applied aspects of visualization of the results of calculations obtained with the help of DSS have been also considered. The Plotly library for the Python algorithmic language was used to visualize the results. It has been shown that the model reported in this work can be transferred to other tasks related to the development of DSS in the process of investing in high-risk projects, such as information technology, cybersecurity, banking, etc.
34
Radhakrishnan, Abirami, John Stephen Davis, and Dessa David. "Examining the Critical Success Factors in IT Projects." International Journal of Information Technology Project Management 13, no. 1 (January 2022): 1–38. http://dx.doi.org/10.4018/ijitpm.290423.
Full textAbstract:
Many companies experience IT project failures in relatively new areas such as Big Data, Data Science, Enterprise Systems, Blockchain, Cloud Computing, IT security, and IoT. Because of inadequate research in identifying critical success factors for these projects, we conducted a Delphi study employing separate panels for each of two kinds of project implementations, those using a predictive lifecycle approach and those using an adaptive lifecycle approach. We found common critical success factors: user/client involvement, senior management support, effective monitoring and control, effective communication and feedback, good change and configuration management, having a competent project manager, proper project leadership, and excellent vendor performance. Both predictive and adaptive lifecycle IT projects had certain unique critical success factors. The findings provide guidance to IT Project Managers.
35
Çağlayan, Mehmet Ufuk. "Review of Some Recent European Cybersecurity Research and Innovation Projects." Infocommunications journal 14, no. 4 (2022): 70–78. http://dx.doi.org/10.36244/icj.2022.4.10.
Full textAbstract:
This paper reviews research from several EU Projects that have addressed cybersecurity using techniques based on Machine Learning, including the security of Mobile Networks and the Internet of Things (IoT). These research projects have considered IoT Gateways and their design, security and performance, the security of digital health systems that are interconnected across Europe to provide health services to pople who travel through the EU, and related issues of the energy consumption and sustainability in Information and Communication Technologies (ICT) and their cybersecurity. The methods used in much of these research projects are based on Machine Learning both for attack detection and dynamic attack mitigation, as well as performance analysis and measurement techniques based on applied probability models.
36
Kyivska, Kateryna, and Svitlana Tsiutsiura. "Implementation of artificial intelligence in the construction industry and analysis of existing technologies." Technology audit and production reserves 2, no. 2(58) (April 30, 2021): 12–15. http://dx.doi.org/10.15587/2706-5448.2021.229532.
Full textAbstract:
The object of research is the process of using information technology in the construction industry. One of the most problematic areas is increasing the efficiency of the construction industry through the introduction of digital technologies. The research carried out is based on the application of an approach that is implemented using artificial intelligence. The study used machine learning and fuzzy logic methods to mark visual data and analyze it for potential threats, as well as to reduce all possible risks. The main feature of this approach is that using machine learning technology, it is possible to reduce the risks of a project before they affect its profit. So, using artificial intelligence in combination with BIM technologies, it is possible to predict work on construction projects based on real-time data, past activities and other factors in such a way as to optimize construction processes. The benefits to be gained from implementing digital processes will become even more evident in future projects as AI continues to analyze company data. This is due to the fact that the proposed approach using fuzzy logic has a number of features, in particular, the more information machine learning algorithms process, the more complex they become. As a result, they provide even more useful information and allow to make even better decisions. This provides an opportunity to minimize risks and efficiently allocate resources when working on projects. Compared to conventional information technology, artificial intelligence can be used to build a knowledge-based security management system and combine statistical probabilities to help mitigate security risks in construction projects.
37
Siountri, Konstantina, Emmanouil Skondras, and Dimitrios D. Vergados. "Developing Smart Buildings Using Blockchain, Internet of Things, and Building Information Modeling." International Journal of Interdisciplinary Telecommunications and Networking 12, no. 3 (July 2020): 1–15. http://dx.doi.org/10.4018/ijitn.2020070101.
Full textAbstract:
Building information modeling (BIM) is a revolutionary technology that provides all the necessary mechanisms to achieve end-to-end communication, data exchange and information sharing between project actors, leading to smarter outcomes for communities and more efficient projects for AEC service providers. 3D models generated in the context of engaging in the BIM process and as-delivered physical assets through building management systems (BMS) adopt Internet of Things (IoT) architectures and services. However, the orchestration of IoT devices in a highly modular environment with many moving parts and inter-dependencies between the stakeholders of this environment, lead to many security issues. This article focuses on applying novel technologies in the construction industry, such as BIM, IoT, and Blockchain, but also on examining their interconnection and interoperability on a proposed system architecture on a case of a building (museum), where efficient security, management and monitoring are considered crucial factors for the unobstructed operation of the organization that hosts.
38
Shao, Yanli, Jingru Zhao, Xingqi Wang, Weiwei Wu, and Jinglong Fang. "Research on Cross-Company Defect Prediction Method to Improve Software Security." Security and Communication Networks 2021 (August 24, 2021): 1–19. http://dx.doi.org/10.1155/2021/5558561.
Full textAbstract:
As the scale and complexity of software increase, software security issues have become the focus of society. Software defect prediction (SDP) is an important means to assist developers in discovering and repairing potential defects that may endanger software security in advance and improving software security and reliability. Currently, cross-project defect prediction (CPDP) and cross-company defect prediction (CCDP) are widely studied to improve the defect prediction performance, but there are still problems such as inconsistent metrics and large differences in data distribution between source and target projects. Therefore, a new CCDP method based on metric matching and sample weight setting is proposed in this study. First, a clustering-based metric matching method is proposed. The multigranularity metric feature vector is extracted to unify the metric dimension while maximally retaining the information contained in the metrics. Then use metric clustering to eliminate metric redundancy and extract representative metrics through principal component analysis (PCA) to support one-to-one metric matching. This strategy not only solves the metric inconsistent and redundancy problem but also transforms the cross-company heterogeneous defect prediction problem into a homogeneous problem. Second, a sample weight setting method is proposed to transform the source data distribution. Wherein the statistical source sample frequency information is set as an impact factor to increase the weight of source samples that are more similar to the target samples, which improves the data distribution similarity between the source and target projects, thereby building a more accurate prediction model. Finally, after the above two-step processing, some classical machine learning methods are applied to build the prediction model, and 12 project datasets in NASA and PROMISE are used for performance comparison. Experimental results prove that the proposed method has superior prediction performance over other mainstream CCDP methods.
39
Wu, Zhijun, Yun Zhang, and Enzhong Xu. "Multi-Authority Revocable Access Control Method Based on CP-ABE in NDN." Future Internet 12, no. 1 (January 16, 2020): 15. http://dx.doi.org/10.3390/fi12010015.
Full textAbstract:
For the future of the Internet, because information-centric network (ICN) have natural advantages in terms of content distribution, mobility, and security, it is regarded as a potential solution, or even the key, to solve many current problems. Named Data Network (NDN) is one of the research projects initiated by the United States for network architecture. NDN is a more popular project than ICN. The information cache in the NDN separates content from content publishers, but content security is threatened because of the lack of security controls. Therefore, a multi-authority revocable access control method based on CP-ABE needs to be proposed. This method constructs a proxy-assisted access control scheme, which can implement effective data access control in NDN networks, and the scheme has high security. Because of the partial decryption on the NDN node, the decryption burden of the consumer client in the solution is reduced, and effective user and attribute revocation is achieved, and forward security and backward security are ensured, and collusion attacks are prevented. Finally, through the other security and performance analysis of the scheme of this paper, it proves that the scheme is safe and efficient.
40
Vrhovec, Simon, and Blaž Markelj. "The relation between project team conflict and user resistance in software projects." PLOS ONE 16, no. 11 (November 16, 2021): e0260059. http://dx.doi.org/10.1371/journal.pone.0260059.
Full textAbstract:
This study aims to explore the relation between conflict in the project team and user resistance to change in software projects. Following a cross-sectional research design, a survey was conducted among 1,000 largest companies in Slovenia (N = 114). The results of PLS-SEM analysis indicate that task and process conflicts in the project team are associated with user resistance. This study is among the first to associate conflict within the project team and user resistance in the implementing organization. It is also one of the first studies to investigate the relations between different types of conflict and user resistance. Project managers may invest resources into adequately managing conflicts within the project team related to tasks in which the project team interacts with users of developed software to lower user resistance. Project with poorly defined roles (e.g., agile and information security projects) may be more prone to user resistance than projects with clearly defined roles.
41
Morceiro, Paulo César, Milene Simone Tessarin, and Joaquim José Martins Guilhoto. "Productive complex of defense and security in Brazil: dimensional, sectoral and technological impacts." Economia Aplicada 22, no. 3 (November 28, 2018): 89–118. http://dx.doi.org/10.11606/1980-5330/ea132559.
Full textAbstract:
In a novel way, we have measured the Brazilian defense and security complex. It corresponded to 3.7% of the Brazilian GDP in 2014. We have also estimated that the investment projects of Armed Forces have high socioeconomic impacts and great technological potential by demanding high-tech products and services. Unpublished information was collected from several public agencies (Ministries, Public Security, and Government Transparency Portal). With this, we estimate the security and defense sector in Brazilian input-output matrix and identify the sectoral profile of the defense investment projects. This innovative methodology can be applied to evaluate other public policies.
42
Simonova, Vera Alekseevna, Konstantin Sergeevich Zadornov, Valery Alexandrovich Senkov, and Natalia Mikhailovna Kvach. "QUALITATIVE ASSESSMENT OF COSTS AND INVESTMENTS IN INFORMATION SECURITY PROJECTS OF LIGHT INDUSTRY ENTERPRISES." Industrial Economics 2, no. 2 (2021): 47–52. http://dx.doi.org/10.47576/2712-7559_2021_2_2_47.
Full text
43
Slaymaker, M. A., E. Politou, D. J. Power, S. Lloyd, and A. C. Simpson. "Security Aspects of Grid-based Digital Mammography." Methods of Information in Medicine 44, no. 02 (2005): 207–10. http://dx.doi.org/10.1055/s-0038-1633948.
Full textAbstract:
Summary Objectives: The principal aim of the eDiaMoND project is to develop a prototype Grid infrastructure to support the needs of the breast care community. The prototype system is but one major deliverable of the project; the other is a blueprint document that describes how a system such as eDiaMoND might be deployed throughout the United Kingdom to support the NHS Breast Screening Programme. A key consideration of both the prototype and the blueprint is security. In this paper we address some of the generic security issues faced by projects such as eDiaMoND. We also indicate how these problems are being overcome within our project. Methods: In order to fully understand the security issues faced by the project a review of current initiatives within the NHS was performed. The work of the NHS Information Authority was found to be particularly significant. Also reviewed was BS7799, the British Standard for the deployment of security systems and processes. Finally, modelling of the proposed prototype was performed using methods proposed by the e-Science Security Task Force, in particular the method proposed by Flechais and Sasse. Results and Conclusions: It is felt that the issues of security surrounding the eDiaMoND project are sufficiently generic that the eHealth community can consider and criticise the work described. It is hoped that this will enable the eHealth community to move forwards with a common agenda.
44
Sommer, Florian, Jürgen Dürrwang, and Reiner Kriesten. "Survey and Classification of Automotive Security Attacks." Information 10, no. 4 (April 19, 2019): 148. http://dx.doi.org/10.3390/info10040148.
Full textAbstract:
Due to current development trends in the automotive industry towards stronger connected and autonomous driving, the attack surface of vehicles is growing which increases the risk of security attacks. This has been confirmed by several research projects in which vehicles were attacked in order to trigger various functions. In some cases these functions were critical to operational safety. To make automotive systems more secure, concepts must be developed that take existing attacks into account. Several taxonomies were proposed to analyze and classify security attacks. However, in this paper we show that the existing taxonomies were not designed for application in the automotive development process and therefore do not provide enough degree of detail for supporting development phases such as threat analysis or security testing. In order to be able to use the information that security attacks can provide for the development of security concepts and for testing automotive systems, we propose a comprehensive taxonomy with degrees of detail which addresses these tasks. In particular, our proposed taxonomy is designed in such a wa, that each step in the vehicle development process can leverage it.
45
RA, Archana, Ravindra S Hegadi, and Manjunath T N. "Big Data Security Architecture using Split and Merge Method." Indonesian Journal of Electrical Engineering and Computer Science 11, no. 1 (July 1, 2018): 268. http://dx.doi.org/10.11591/ijeecs.v11.i1.pp268-274.
Full textAbstract:
<p>Due to rapid growth of unstructured data in contemporary information world, there is an essence of big data infrastructure for many applications spread across domains, due to the different source information type and huge volume, data ingestion and data retrieval is important activity during this process data security is a vital to protect user data, in connection with this, authors proposed a big data security architecture using split and merge security method in big data environment using hadoop.This work will help Data security professionals and organizations implementing big data projects.</p>
46
Wang, Xinran. "Exploring Chinese College Students' Awareness of Information Security in the COVID-19 Era." European Journal of Education 5, no. 2 (October 1, 2022): 19–33. http://dx.doi.org/10.2478/ejed-2022-0002.
Full textAbstract:
Abstract The focus of this research was to look into the information security awareness of Chinese university students during the COVID-19 pandemic and make recommendations based on the survey's findings and research literature. The quantitative method is applied in this study. 111 Chinese college students were randomly sampled and requested to answer a Likert information security awareness questionnaire. The descriptive analysis of the data in this study is also done with SPSS. The findings revealed that the vast majority of college students know the significance of information security awareness and have basic information security awareness, based on the data collected. However, some students have not participated in relevant training courses, and many college students do not pay enough attention to personal information security, resulting in poor performance in areas such as files and passwords. As a result, effective solutions such as information security training projects are required to address the current deficiencies. The findings of this study have implications for university administrators and policymakers in terms of how to raise students' awareness of the security of their online learning information. The study should use mixed methods and large sample sizes in the future to provide more detailed and comprehensive survey data, and more credible evidence of college students' information security awareness.
47
Fenz, Stefan, Stefanie Plieschnegger, and Heidi Hobel. "Mapping information security standard ISO 27002 to an ontological structure." Information & Computer Security 24, no. 5 (November 14, 2016): 452–73. http://dx.doi.org/10.1108/ics-07-2015-0030.
Full textAbstract:
Purpose The purpose of this paper is to increase the degree of automation within information security compliance projects by introducing a formal representation of the ISO 27002 standard. As information is becoming more valuable and the current businesses face frequent attacks on their infrastructure, enterprises need support at protecting their information-based assets. Design/methodology/approach Information security standards and guidelines provide baseline knowledge for protecting corporate assets. However, the efforts to check whether the implemented measures of an organization adhere to the proposed standards and guidelines are still significantly high. Findings This paper shows how the process of compliance checking can be supported by using machine-readable ISO 27002 control descriptions in combination with a formal representation of the organization’s assets. Originality/value The authors created a formal representation of the ISO 27002 standard and showed how a security ontology can be used to increase the efficiency of the compliance checking process.
48
Reva, Ivan L., Igor A. Ognev, Alexandr A. Yakimenko, and Olga K. Alsova. "Technologies and methods for creating systems of secure information exchange." Digital technology security, no. 3 (September 29, 2022): 81–97. http://dx.doi.org/10.17212/2782-2230-2022-3-81-97.
Full textAbstract:
This article presents a description of existing technologies and methods for creating secure information exchange systems. To date, secure information exchange systems are built in accordance with two technologies – VPN technology and cryptographic protocols SSL and TSL, as well as in accordance with combinations of these technologies. The necessity of creating network security systems is considered. The rapid development of network technologies leads to an equally rapid increase in information security risks for companies in both the public and private sectors. The requirements of the legislation of the Russian Federation in the field of ensuring the security of networks are presented. The principles of network security design are described. The analysis of existing projects and implementations of network security was carried out. A description of the existing and methods for constructing secure information exchange systems is given. The technologies for building secure information exchange systems based on VPN technology, as well as the algorithms for building VPN connections – PPTP, IPSec, L2TP, SSTP, OpenVPN, GOST VPN are considered. The most common technical and software information security tools that use VPN to build a secure information exchange are described – the products of the companies InfoTeKS, Security Code, S-Terra. The technology of constructing secure information exchange systems based on SSL and TLS cryptographic protocols is considered. This article identifies the most common problems in building secure information exchange systems – the presence of a large number of manufacturers of information security tools with their own ecosystem, as well as high labor, financial and time costs for ensuring the information exchange of systems of different levels of security, the security of which built on solutions from different vendors.
49
Lu, Baocheng, Xuegang Zhao, Zhenkun Guo, and Wentao Cui. "Research on the "Government-led, Project-driven, Platform-Supported" Military-civilian Collaborative Education System and Mechanism." BCP Education & Psychology 5 (August 30, 2022): 134–38. http://dx.doi.org/10.54691/bcpep.v5i.1586.
Full textAbstract:
Aiming at the outstanding problems of scattered projects, scattered systems, and incomplete mechanisms in the process of military-civilian integration and collaborative education, taking military-civilian collaborative education as the research object, the security system is designed from the macro, meso and micro levels, and the financial guarantee, project Operation, information management and other mechanisms to ensure the long-term and high-quality operation of military-civilian integration and collaborative education.
50
Muluh, Gregory Nguh, Jude Ndzifon Kimengsi, and Ngwa Kester Azibo. "Challenges and Prospects of Sustaining Donor-Funded Projects in Rural Cameroon." Sustainability 11, no. 24 (December 7, 2019): 6990. http://dx.doi.org/10.3390/su11246990.
Full textAbstract:
For more than five decades, developing countries (including Cameroon) have been primary beneficiaries of donor-funded projects targeting many sectors, including agriculture and rural development. Cameroon’s rural landscape witnessed a series of project interventions which emphasized sustainability. Although research efforts have been directed towards understanding the planning, implementation and impacts of donor-funded projects, not enough scientific information exists on the determinants, challenges and prospects of sustaining donor-funded projects in rural communities in Cameroon. For this study, the Investment Fund for Communal and Agricultural Micro-projects (FIMAC I) scheme, was used to diagnose the determinants, challenges and prospects for sustaining development projects in the North West Region (NWR) of Cameroon. A representative sample of 150 beneficiaries drawn from 20 farming groups in the NWR was conducted, to generate data which was complemented by interviews. The binary logistic regression results reveal the following: Although there is a significant change in the level of incomes for the FIMAC I project beneficiaries, its sustainability (mirrored through continuity) is dependent upon a myriad of socio-economic factors including family size, length of stay in the community, gender, education and the status of the beneficiary. Furthermore, the less transparent loan application process and the lack of collateral security were the main challenges faced by project beneficiaries. We argue that the introduction of soft loans with minimal demands for collateral security could increase beneficiary participation in projects, while beneficiary groups should further diversify their sources of capital and productive activities. The study does not only contribute to existing theoretical constructs on sustainable rural development, but also makes a succinct request for future studies to unbundle the conditions, under which donor-funded projects are rendered sustainable in rural contexts.