Journal articles on the topic 'Security-aware application'
To see the other types of publications on this topic, follow the link: Security-aware application.
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Security-aware application.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Iyer, Ravishankar, Zbigniew Kalbarczyk, Karthik Pattabiraman, William Healey, Wen-mei Hwu, Peter Klemperer, and Reza Farivar. "Toward Application-Aware Security and Reliability." IEEE Security and Privacy Magazine 5, no. 1 (January 2007): 57–62. http://dx.doi.org/10.1109/msp.2007.23.
Full text
2
Lozano-Rizk, Jose E., Jose E. Gonzalez-Trejo, Raul Rivera-Rodriguez, Andrei Tchernykh, Salvador Villarreal-Reyes, and Alejandro Galaviz-Mosqueda. "Application-Aware Flow Forwarding Service for SDN-Based Data Centers." Electronics 11, no. 23 (November 24, 2022): 3882. http://dx.doi.org/10.3390/electronics11233882.
Full textAbstract:
Security and Quality of Service (QoS) in communication networks are critical factors supporting end-to-end dataflows in data centers. On the other hand, it is essential to provide mechanisms that enable different treatments for applications requiring sensitive data transfer. Both applications’ requirements can vary according to their particular needs. To achieve their goals, it is necessary to provide services so that each application can request both the quality of service and security services dynamically and on demand. This article presents QoSS, an API web service to provide both Quality of Service and Security for applications through software-defined networks. We developed a prototype to conduct a case study to provide QoS and security. QoSS finds the optimal end-to-end path according to four optimization rules: bandwidth-aware, delay-aware, security-aware, and application requirements (considering the bandwidth, delay, packet loss, jitter, and security level of network nodes). Simulation results showed that our proposal improved end-to-end application data transfer by an average of 45%. Besides, it supports the dynamic end-to-end path configuration according to the application requirements. QoSS also logs each application’s data transfer events to enable further analysis.
3
Dirin, Amir, Teemu H. Laine, and Ari Alamäki. "Managing Emotional Requirements in a Context-Aware Mobile Application for Tourists." International Journal of Interactive Mobile Technologies (iJIM) 12, no. 2 (March 29, 2018): 177. http://dx.doi.org/10.3991/ijim.v12i2.7933.
Full textAbstract:
<p class="Abstract">The objective of this study was to unveil the importance of emotions and feelings in developing mobile-based tourism applications. We gathered and analyzed emotional requirements to develop a mobile context-aware application for tourists. Emotional requirements are non-functional requirements affecting users’ emotional experiences around using applications, which are important for sustainable application usage. Many tourism applications exist, but were designed without considering emotional requirements or related UX factors and emotions. We developed a proof-of-concept prototype service-based context-aware tourism application (SCATA), and users participated in the design and evaluation processes. Emotional requirements are key to sustainable usage, especially regarding security. This paper details the application design and evaluation processes, emotional requirements analysis in each design phase, and the emotional effects of content accessibility in the application’s offline mode in unknown environments. The results show that trust, security, adjustability, and reliability are important factors to users, especially in unknown environments.</p>
4
Rosendo, Miguel, and Jorge Granjal. "Energy-Aware Security Adaptation for Low-Power IoT Applications." Network 2, no. 1 (January 14, 2022): 36–52. http://dx.doi.org/10.3390/network2010003.
Full textAbstract:
The constant evolution in communication infrastructures will enable new Internet of Things (IoT) applications, particularly in areas that, up to today, have been mostly enabled by closed or proprietary technologies. Such applications will be enabled by a myriad of wireless communication technologies designed for all types of IoT devices, among which are the Long-Range Wide-Area Network (LoRaWAN) or other Low-power and Wide-Area Networks (LPWAN) communication technologies. This applies to many critical environments, such as industrial control and healthcare, where wireless communications are yet to be broadly adopted. Two fundamental requirements to effectively support upcoming critical IoT applications are those of energy management and security. We may note that those are, in fact, contradictory goals. On the one hand, many IoT devices depend on the usage of batteries while, on the other hand, adequate security mechanisms need to be in place to protect devices and communications from threats against their stability and security. With thismotivation in mind, we propose a solution to address the management, in tandem, of security and energy in LoRaWAN IoT communication environments. We propose and evaluate an architecture in the context of which adaptation logic is used to manage security and energy dynamically, with the goal of guaranteeing appropriate security, while promoting the lifetime of constrained sensing devices. The proposed solution was implemented and experimentally evaluated and was observed to successfully manage security and energy. Security and energy are managed in line with the requirements of the application at hand, the characteristics of the constrained sensing devices employed and the detection, as well as the threat, of particular types of attacks.
5
Arudkar, Archna, and Vimla Jethani. "RBAC+: Protecting Web Databases With Access Control Mechanism." INTERNATIONAL JOURNAL OF MANAGEMENT & INFORMATION TECHNOLOGY 2, no. 1 (November 27, 2012): 24–30. http://dx.doi.org/10.24297/ijmit.v2i1.1407.
Full textAbstract:
With the wide adoption of Internet, security of web database is a key issue. In web-based applications, due to the use of n-tier architecture, the database server has no knowledge of the web application user and hence all authorization decisions are based upon execution of specific web application. Application server has full access privileges to delegate to the end user based upon the user requirement. The identity of the end user is hidden , subsequently database server fails to assign proper authorizations to the end user. Hence, current approaches to access control on databases do not fit for web databases because they are mostly based on individual user identities. To fill this security gap, the definition of application aware access control system is needed. In this paper, RBAC+ Model, an extension of NIST RBAC provides a application aware access control system to prevent attacks with the notion of application, application profile and sub-application session.
6
Doriguzzi-Corin, Roberto, Sandra Scott-Hayward, Domenico Siracusa, Marco Savi, and Elio Salvadori. "Dynamic and Application-Aware Provisioning of Chained Virtual Security Network Functions." IEEE Transactions on Network and Service Management 17, no. 1 (March 2020): 294–307. http://dx.doi.org/10.1109/tnsm.2019.2941128.
Full text
7
Khan, M. Fahim Ferdous, and Ken Sakamura. "The Context-Security Nexus in Ubiquitous Computing." International Journal of Adaptive, Resilient and Autonomic Systems 5, no. 3 (July 2014): 61–81. http://dx.doi.org/10.4018/ijaras.2014070104.
Full textAbstract:
Context-awareness is a quintessential feature of ubiquitous computing. Contextual information not only facilitates improved applications, but can also become significant security parameters – which in turn can potentially ensure service delivery not to anyone anytime anywhere, but to the right person at the right time and place. Specially, in determining access control to resources, contextual information can play an important role. Access control models, as studied in traditional computing security, however, have no notion of context-awareness; and the recent works in the nascent field of context-aware access control predominantly focus on spatio-temporal contexts, disregarding a host of other pertinent contexts. In this paper, with a view to exploring the relationship of access control and context-awareness in ubiquitous computing, the authors propose a comprehensive context-aware access control model for ubiquitous healthcare services. They explain the design, implementation and evaluation of the proposed model in detail. They chose healthcare as a representative application domain because healthcare systems pose an array of non-trivial context-sensitive access control requirements, many of which are directly or indirectly applicable to other context-aware ubiquitous computing applications.
8
Huang, Binbin, Yuanyuan Xiang, Dongjin Yu, Jiaojiao Wang, Zhongjin Li, and Shangguang Wang. "Reinforcement Learning for Security-Aware Workflow Application Scheduling in Mobile Edge Computing." Security and Communication Networks 2021 (May 25, 2021): 1–13. http://dx.doi.org/10.1155/2021/5532410.
Full textAbstract:
Mobile edge computing as a novel computing paradigm brings remote cloud resource to the edge servers nearby mobile users. Within one-hop communication range of mobile users, a number of edge servers equipped with enormous computation and storage resources are deployed. Mobile users can offload their partial or all computation tasks of a workflow application to the edge servers, thereby significantly reducing the completion time of the workflow application. However, due to the open nature of mobile edge computing environment, these tasks, offloaded to the edge servers, are susceptible to be intentionally overheard or tampered by malicious attackers. In addition, the edge computing environment is dynamical and time-variant, which results in the fact that the existing quasistatic workflow application scheduling scheme cannot be applied to the workflow scheduling problem in dynamical mobile edge computing with malicious attacks. To address these two problems, this paper formulates the workflow scheduling problem with risk probability constraint in the dynamic edge computing environment with malicious attacks to be a Markov Decision Process (MDP). To solve this problem, this paper designs a reinforcement learning-based security-aware workflow scheduling (SAWS) scheme. To demonstrate the effectiveness of our proposed SAWS scheme, this paper compares SAWS with MSAWS, AWM, Greedy, and HEFT baseline algorithms in terms of different performance parameters including risk probability, security service, and risk coefficient. The extensive experiments results show that, compared with the four baseline algorithms in workflows of different scales, the SAWS strategy can achieve better execution efficiency while satisfying the risk probability constraints.
9
Asuncion, Vernon, Khaled M. khan, Abdelkarim Erradi, and Saleh Alhazbi. "Reasoning About Policies in Security-Aware Service Discovery Using Answer Set Programming." International Journal of Cooperative Information Systems 25, no. 01 (March 2016): 1650003. http://dx.doi.org/10.1142/s0218843016500039.
Full textAbstract:
In order to enable a secure interaction between dynamically discovered software services and the client’s application in a cooperative information system such as service oriented system, one of the pre-requisites is the reconciliation of service-specific security policies of all stakeholders. Existing service discovery research does not address the issue of enormous search space in finding security-aware services based on preferred security policy alternatives of the client of software services. In this paper, we propose an answer set programming (ASP) approach, drawn from the field of artificial intelligence (AI), to explore a viable solution of finding security-aware services for the client. We argue that the ASP approach can significantly reduce the search space and achieve great performance gains. We use ASP to: (i) specify security policies including expressing service-specific security preference weighting and importance scoring in quantifiable terms; and (ii) reason about the compliance between the security policies of the client and the software service.
10
Singh, Shubham, Pranju Mishra, Samruddhi Kshirsagar, Shubham Bharadia, and Narendra Joshi. "SQL Injection and Areas of Security Concern." International Journal of Computer Science and Mobile Computing 10, no. 5 (May 30, 2021): 60–66. http://dx.doi.org/10.47760/ijcsmc.2021.v10i05.006.
Full textAbstract:
Cyber-crimes are growing rapidly and to prevent these crimes one should share all the knowledge he/she has to make people aware of these attacks. In the field of Application Security there is a very well-known vulnerability ―SQL INJECTION‖. In this paper, we have focused on what are the type of SQL Injection attacks and where it can be found in any application.
11
Thete, Prof Sharda, Siddheshwar Midgule, Nikesh Konde, and Suraj Kale. "Malware Detection Using Machine Learning and Deep Learning." International Journal for Research in Applied Science and Engineering Technology 10, no. 11 (November 30, 2022): 1942–45. http://dx.doi.org/10.22214/ijraset.2022.47682.
Full textAbstract:
Abstract: Android application security is based on permission-based mechanisms that restrict third-party Android applications' access to critical resources on an Android device. The user must accept a set of permissions required by the application before proceeding with the installation. This process is intended to inform users about the risks of installing and using applications on their devices. However, most of the time, even with a well-understood permission system, users are not fully aware of endangered threats, relying on application stores or the popularity of applications and relying on developers to You are accepting the install without trying to analyze your intent.
12
Zawoad, Shams, Marjan Mernik, and Ragib Hasan. "Towards building a forensics aware language for secure logging." Computer Science and Information Systems 11, no. 4 (2014): 1291–314. http://dx.doi.org/10.2298/csis131201051z.
Full textAbstract:
Trustworthy system logs and application logs are crucial for digital forensics. Researchers have proposed different security mechanisms to ensure the integrity and confidentiality of logs. However, applying current secure logging schemes on heterogeneous formats of logs is tedious. Here, we propose Forensics Aware Language (FAL), a domain-specific language (DSL) through which we can apply a secure logging mechanism on any format of logs. Using FAL, we can define log structure, which represents the format of logs and ensures the security properties of a chosen secure logging scheme. This log structure can later be used by FAL to serve two purposes: it can be used to store system logs securely and it will help application developers for secure application logging by generating the required source code.
13
Yang, Yuli, Xinguang Peng, and Xiaohong Wan. "Security-aware data replica selection strategy for Bag-of-Tasks application in cloud computing." Journal of High Speed Networks 21, no. 4 (November 25, 2015): 299–311. http://dx.doi.org/10.3233/jhs-150527.
Full text
14
Prabowo, Maraghi Agil, Ucuk Darusalam, and Sari Ningsih. "Perancangan Keamanan Server Linux Dengan Metode Hardening Pada Layer 1 dan Layer 7." JURNAL MEDIA INFORMATIKA BUDIDARMA 4, no. 3 (July 20, 2020): 591. http://dx.doi.org/10.30865/mib.v4i3.2157.
Full textAbstract:
Many person or institutions are still not aware of security on a server, not only rely on IDS and IPS applications and some firewall applications that we can easily find through internet networks. Special security handling is required on servers that are not related to third-party applications. The security design can be implemented through kernel configuration and tweaks that can be done by relying on the default application of an operating system. These applications are very common and can be found in almost all types of Linux server distributions. And there are still many people who do not maximize the security provided by the BIOS (Basic Input Output System) so that the operating system that has been installed and the data stored therein can be easily accessed by parties who are not responsible. Than as a preventive measure so that the data stored can not be accessed haphazardly by people who are not responsible, provided encryption and the sharing of system files that will be installed on the server. In the security steps for account access, the password that is created will be expired and the user cannot use the old password that he has used before
15
Chen, Aiguo, Guoming Lu, Hanwen Xing, Yuan Xie, and Shunwei Yuan. "Dynamic and semantic-aware access-control model for privacy preservation in multiple data center environments." International Journal of Distributed Sensor Networks 16, no. 5 (May 2020): 155014772092177. http://dx.doi.org/10.1177/1550147720921778.
Full textAbstract:
With the rapid development of intelligent perception and other data acquisition technologies in the Internet of things, large-scale scientific workflows have been widely used in geographically distributed multiple data centers to realize high performance in business model construction and computational processing. However, insider threats pose very significant privacy and security risks to systems. Traditional access-control models can no longer satisfy the reasonable authorization of resources in these new cross-domain environments. Therefore, a dynamic and semantic-aware access-control model is proposed for privacy preservation in multiple data center environments, which implements a semantic dynamic authorization strategy based on an anomaly assessment of users’ behavior sequences. The experimental results demonstrate that this dynamic and semantic-aware access-control model is highly dynamic and flexible and can improve the security of the application system.
16
Vakilinia, Shahin, Mohammadhossein Alvandi, Mohammadreza Khalili Shoja, and Iman Vakilinia. "Cross-Layered Secure and QoS Aware Design of VOIP over Wireless Ad-Hoc Networks." International Journal of Business Data Communications and Networking 9, no. 4 (October 2013): 23–45. http://dx.doi.org/10.4018/ijbdcn.2013100102.
Full textAbstract:
In this paper, Cross-layer design has been used to provide quality of service (QoS) and security at the same time for VOIP over the wireless ad-hoc network. In this paper the authors extend their previous work (i.e. Multi-path Multi-Channel Protocol Design for Secure QoS-Aware VOIP in Wireless Ad-Hoc Networks) by adding transport and application layers considerations. The goal of this paper is to support QoS and security of VOIP simultaneously. Simulation results shows that the proposed cross-layered protocol stack design significantly improve QoS parameters of the VOIP calls under the jamming or Denial-of-service attacks.
17
Mbuguah, Samwel Mungai, and Tobias Okumu Otibine. "A Survey of Awareness of Social Engineering Attacks to Information Security Management Systems: The Case of Kibabii University Kenya." International Journal of Computer Applications Technology and Research 11, no. 06 (June 2022): 187–92. http://dx.doi.org/10.7753/ijcatr1106.1003.
Full textAbstract:
Computer based systems are socio-technical systems in nature. The security of the system depends both on technical aspect and also social aspect. The social aspect refers to people in contact with system commonly referred to as wetware. To attack the system you may consider to target the technical or wetware. Social engineering is based on exploiting human traits that make human susceptible to these attacks. The aim of this paper was establish how aware the staff of Kibabii University were of these attributes and how these attributes could be used by social engineers to penetrate the Information Security Management systems at the institution. A survey research was adopted with a questionnaire being developed using Google application, and was administered online to all staff members of Kibabii University. A descriptive analysis was carried out on feedback. The finding was that to a large extent the sampled staff are aware of these traits but there is need for awareness training to enhance the information security management system of Kibabii University
18
Rosli, Athirah, Abidah Mat Taib, Wan Nor Ashiqin Wan Ali, and Ros Syamsul Hamid. "Application of Grounded Theory in Determining Required Elements for IPv6 Risk Assessment Equation." MATEC Web of Conferences 150 (2018): 06005. http://dx.doi.org/10.1051/matecconf/201815006005.
Full textAbstract:
The deployment of Internet Protocol version 6 (IPv6) has raised security concerns among the network administrators. Thus, in strengthening the network security, administrator requires an appropriate method to assess the possible risks that occur in their networks. Aware of the needs to calculate risk in IPv6 network, it is essential to an organization to have an equation that is flexible and consider the requirements of the network. However, the existing risk assessment equations do not consider the requirement of the network. Therefore, this paper presents the adaptation of grounded theory to search for elements that are needed to develop IPv6 risk assessment (IRA6) equation. The attack scenarios’ experiments; UDP Flooding, TCP Flooding and Multicast attacks were carried out in different network environment to show how the IPv6 risk assessment equation being used. The result shows that the IRA6 equation is more flexible to be used regardless the network sizes and easier to calculate the risk value compared to the existing risk assessment equations. Hence, network administrators can have a proper decision making and strategic planning for a robust network security.
19
Azhari, Firman. "Quick detection of NFC vulnerability." Information Management & Computer Security 22, no. 2 (June 3, 2014): 134–40. http://dx.doi.org/10.1108/imcs-09-2013-0067.
Full textAbstract:
Purpose – The purpose of this research is to explain particular implementation weaknesses of near field communication (NFC) systems done by several institutions which apply for critical purposes and provide practical solutions. Design/methodology/approach – This research is done by literature studies of previous findings in NFC security, observations of some existing implemented systems and experimentations to provide practical solutions. Findings – Unintentional lack of security protection of the NFC cards and tags by some card issuers make them a vulnerable target. The outcomes of this research are proposed solutions on methods to quickly detect vulnerability in NFC tags using an Android-based mobile application. Another solution involves the assembly of a detection device using the portable, low power and powerful Raspberry Pi to analyze the NFC tags or cards and NFC reader vulnerabilities. Research limitations/implications – This research is conducted in Indonesia; therefore, the results and solutions may lack generalizability. However, the findings may occur in other countries which newly apply NFC technology. Practical implications – System implementer should become more aware about the security issue of old NFC tags like MIFARE Classic. Price should be considered after tag security. People also need to be aware of identity or money theft using NFC-enabled smartphones, as many identity cards and electronic money are now relying on NFC technology. Social implications – People also need to be aware of identity or money theft using NFC-enabled smartphones, as many identity cards and electronic money are now relying on NFC technology. Originality/value – This research fulfills an identified need to evaluate the security aspect of a system that uses NFC as one of the main technologies. The results and solutions also provides cheap, easy and practical tools to analyze NFC security.
20
Tang, Jia. "RFID Technology and Structure of Internet of Things." Applied Mechanics and Materials 427-429 (September 2013): 2818–21. http://dx.doi.org/10.4028/www.scientific.net/amm.427-429.2818.
Full textAbstract:
The IOT( Internet of things) has been widespread concerned in recent years. In order to gain a better understanding of the IOT technology, the development of the IOT applications and one of the key technologies RFID technologies was given a detailed introduction. For the IOT operation principle and working mechanism can be more easily understood and grasped, it combined with EPC global standards, establishing a structural model of IOT, and giving the aware-layer, network-layer, and application-layer works in this model. To further promote the application of this IOT structure model, highlighting the problems to be solved, and emphasizing awareness node optimize allocation problem, information security issues and data processing problem, etc. The final conclusion points out some suggestions on the development of IOT.
21
Wang, Ziheng, Heng Chen, and Weiguo Wu. "Client-Aware Negotiation for Secure and Efficient Data Transmission." Energies 13, no. 21 (November 4, 2020): 5777. http://dx.doi.org/10.3390/en13215777.
Full textAbstract:
In Wireless Sensor Networks (WSNs), server clusters, and other systems requiring secure transmission, the overhead of data encryption and transmission is often not negligible. Unfortunately, a conflict exists between security and efficiency in processing data. Therefore, this paper proposes a strategy to overcome this conflict, called Client-Aware Negotiation for Secure and Efficient Data Transmission (CAN-SEAT). This strategy allows a client with different security transmission requirements to use the appropriate data security transmission without modifying the client. Two methods are designed for different clients. The first method is based on two-way authentication and renegotiation. After handshakes, the appropriate data security transmission scheme is selected according to the client requirements. Another method is based on redirection, which can be applied when the client does not support two-way authentication or renegotiation. For the characteristics of different architecture, this paper classifies and discusses symmetric key algorithms, asymmetric key algorithms, and hardware encryption instructions. In four application scenarios, the CAN-SEAT strategy is tested. Compared with the general transmission strategy, when only software encryption is used, the data processing and transmission cost can be reduced by 89.41% in the best case and by 15.40% in the worst case. When supporting hardware encryption, the cost can be reduced by 85.30% and 24.63%, respectively. A good effect was produced on the experimental platforms XiLinx, FT-2000+, and Intel processors. To the best of our knowledge, for Client-Aware Negotiation (CAN), this is the first method to be successfully deployed on a general system. CAN-SEAT can be easily combined with other energy-efficient strategies.
22
Haider, Shahab, Ziaul Haq Abbas, Ghulam Abbas, Muhammad Waqas, Shanshan Tu, and Wei Zhao. "A Novel Cross-Layer V2V Architecture for Direction-Aware Cooperative Collision Avoidance." Electronics 9, no. 7 (July 8, 2020): 1112. http://dx.doi.org/10.3390/electronics9071112.
Full textAbstract:
The death toll due to highway crashes is increasing at an alarming rate across the globe. Vehicular Ad Hoc Networks (VANETs) have emerged as a promising solution to prevent crashes by enabling collision avoidance applications. However, a robust and stable collision avoidance application is a cross-layer problem that must address a number of key challenges across all layers of a VANET communication architecture. This paper presents and evaluates a novel VANET protocol suite, named Direction-Aware Vehicular Collision Avoidance (DVCA), which covers application, security services, network, and link layers. DVCA is a vehicle-to-vehicle communication architecture that provides enhanced collision probability computation and adaptive preventive measures for cooperative collision avoidance on bi-directional highways. Moreover, DVCA enables secure, in-time, and reliable dissemination of warning messages, which provides adequate time for vehicles to prevent collisions. Simulation and analytical results demonstrate reasonable reduction in collisions by DVCA, as compared with eminent VANET communication architectures.
23
Haoxiang, Dr Wang, and Dr. S. Smys. "Secure and Optimized Cloud-Based Cyber-Physical Systems with Memory-Aware Scheduling Scheme." Journal of Trends in Computer Science and Smart Technology 2, no. 3 (July 23, 2020): 141–47. http://dx.doi.org/10.36548/jtcsst.2020.3.003.
Full textAbstract:
Computer based algorithms are used for monitoring and controlling a computers where human, physical, digital and analog interaction occurs. This scheme termed as cyber-physical systems (CPS) is being deployed in a wide array of applications due to its easy deployment feature and connectivity. CPS based on cloud computing technology offers wider application range with enormous amount of storage and computing resources. However, despite the wide application and deployment of CPS in combining the key technologies like big data analytics, cloud computing and IoT, its energy consumption is large. Optimization of this energy is a major field of research and is of due importance. For this purpose, in cloud environment, virtual machines (VMs) are used for hosting the applications and the resources are managed thereby optimizing the energy consumption. The security issues and the quality of service (QoS) requirements of the system is also met by optimizing the system design. The scheduling issue of the system is addressed by implementation of efficient memory-aware scheduling strategy and algorithms. The proposed technique is tested for performance and the results of simulation is presented.
24
Ordoñez-Quintero, Cristian-Camilo, Hugo-Armando Ordoñez-Eraso, and Jose-Armando Ordoñez-Córdoba. "Information Management Security Vulnerabilities in Smartphones Used by University Students: A Case Study in the Southwest of Colombia." Revista Facultad de Ingeniería 31, no. 59 (March 14, 2022): e13957. http://dx.doi.org/10.19053/01211129.v31.n59.2022.13957.
Full textAbstract:
Currently, students who use smartphones are affected by theft and information leakage, to address this problem, this research aims to identify security vulnerabilities in these devices. In addition, an application to prevent phishing and information leakage was implemented. Effectiveness and performance tests were carried out to identify vulnerabilities and to alert users about them. The threats identified in Android smartphones used by university students in the southwest of Colombia were based on various techniques (phishing, DNS poisoning, identity theft, Man in the middle, foot-printing, spyware). To reach this result, we defined the problem, then we made a literature review, after that we defined the study population, methods, and instruments; finally, we collected the information and analyzed the results. An application was launched to show the security vulnerabilities of malicious software installation, which extracts information from student’s devices and makes the security of our mobile phones a priority nowadays; and to achieve greater security on Android smartphones. However, it is essential to be aware of the importance of self-care.
25
Kathole, Atul B., Jayashree Katti, Dharmesh Dhabliya, Vivek Deshpande, Anand Singh Rajawat, S. B. Goyal, Maria Simona Raboaca, Traian Candin Mihaltan, Chaman Verma, and George Suciu. "Energy-Aware UAV Based on Blockchain Model Using IoE Application in 6G Network-Driven Cybertwin." Energies 15, no. 21 (November 7, 2022): 8304. http://dx.doi.org/10.3390/en15218304.
Full textAbstract:
Several advanced features exist in fifth-generation (5G) correspondence than in fourth-generation (4G) correspondence. Centric cloud-computing architecture achieves resource sharing and effectively handles big data explosion. For data security problems, researchers had developed many methods to protect data against cyber-attacks. Only a few solutions are based on blockchain (BC), but are affected by expensive storage costs, network latency, confidence, and capacity. Things are represented in digital form in the virtual cyberspace which is the major responsibility of the communication model based on cybertwin. A novel cybertwin-based UAV 6G network architecture is proposed with new concepts such as cloud operators and cybertwin in UAV. Here, IoE applications have to be energy aware and provide scalability with less latency. A novel Compute first networking (CFN) framework named secure blockchain-based UAV communication (BC-UAV) is designed which offers network services such as computing, caching, and communication resources. The focus of the blockchain was to improve the security in the cloud using hashing technique. Edge clouds support core clouds to quickly respond to user requests.
26
Kumbhar, Ajay, Madhav Godale, Payal Jagtap, Amruta Misal, and Mr Abhijeet Cholke. "Instant and Secure Messaging Platform Based on Blockchain." International Journal for Research in Applied Science and Engineering Technology 10, no. 12 (December 31, 2022): 1515–18. http://dx.doi.org/10.22214/ijraset.2022.48222.
Full textAbstract:
Abstract: In recent years, texting and messaging have become more prevalent than face-to-face communication, and users are becoming increasingly aware of data privacy issues associated with them. Therefore, a secure and simple way to connect is crucial for individuals and organizations with different identities and goals. The most popular organization messaging applicationsare moving towards end-to-end encryption (E2EE) as a means of ensuring the privacy and security of their users. As a result of theimplementation of the messaging distributed application, several benefits will be brought to society and the way information or different services are handled. The main objective is to develop the chatting platform to increase the privacy of messages. Consequently, both organizations and individuals express deep concern regarding the security of data and privacy when using instant messaging applications. This research seeks to enhance the security channels in chat platforms by using a new technology such as blockchain. Blockchain is a technology that operates on a decentralised basis. By overcoming the disadvantages oftraditional messaging applications, we can ensure official data’s confidentiality, integrity and availability, as well as advancedauditing capabilities.
27
Ozturk, Metin, Mona Jaber, and Muhammad A. Imran. "Energy-Aware Smart Connectivity for IoT Networks: Enabling Smart Ports." Wireless Communications and Mobile Computing 2018 (June 28, 2018): 1–11. http://dx.doi.org/10.1155/2018/5379326.
Full textAbstract:
The Internet of Things (IoT) is spreading much faster than the speed at which the supporting technology is maturing. Today, there are tens of wireless technologies competing for IoT and a myriad of IoT devices with disparate capabilities and constraints. Moreover, each of many verticals employing IoT networks dictates distinctive and differential network qualities. In this work, we present a context-aware framework that jointly optimises the connectivity and computational speed of the IoT network to deliver the qualities required by each vertical. Based on a smart port application, we identify energy efficiency, security, and response time as essential quality features and consider a wireless realisation of IoT connectivity using short range and long-range technologies. We propose a reinforcement learning technique and demonstrate significant reduction in energy consumption while meeting the quality requirements of all related applications.
28
Xiao, Shiyu, Yuhang Ye, Nadia Kanwal, Thomas Newe, and Brian Lee. "SoK: Context and Risk Aware Access Control for Zero Trust Systems." Security and Communication Networks 2022 (June 30, 2022): 1–20. http://dx.doi.org/10.1155/2022/7026779.
Full textAbstract:
Evolving computing technologies such as cloud, edge computing, and the Internet of Things (IoT) are creating a more complex, dispersed, and dynamic enterprise operational environment. New security enterprise architectures such as those based on the concept of Zero Trust (ZT) are emerging to meet the challenges posed by these changes. ZT systems treat internal and external networks as untrusted and subject both to the same security checking and control to prevent data breaches and limit internal lateral movement. Context awareness is a notion from the field of ubiquitous computing that is used to capture and react to the situation of an entity, based on the dynamics of a particular application or system context. The idea has been incorporated into several access control models. However, the overlap between context-aware access control and zero-trust security has not been fully explored. In this SoK, we conduct a systematic examination of ZT, context awareness, and risk-based access control to explore the critical elements of each and to identify areas of overlap and synergy to enhance the operation and deployment of ZT systems.
29
Nagarjuna Reddy, Tella, and K. Annapurani Panaiyappan. "Intrusion Detection on Software Defined Networking." International Journal of Engineering & Technology 7, no. 3.12 (July 20, 2018): 330. http://dx.doi.org/10.14419/ijet.v7i3.12.16052.
Full textAbstract:
Software Defined Networking and programmability on network have established themselves as current trends in IT by bringing autonomous operation with dynamic flow to network. Networks must be programmable, and it must be aware of the application in order to operate autonomously. Networks need to evolve to catch up with the current trends without losing their current status and operation, reliability, robustness, or security, and without distorting current investments. SDN is a transpiring network architecture where network control plane is distinguished from data plane and by that the network is directly programmable. This control, was initially bound in every network devices, enabled in the network to be abstracted for applications and services. Security is a major challenge for organizational and campus networks. The future of Internet depends on virtualization which is to provide numerous networks hosted the same physical hardware. This proposal takes a great advantage of the programmability provided by SDN to utilize Intrusion Detection System.
30
Liu, Muhua, and Ping Zhang. "An Adaptively Secure Functional Encryption for Randomized Functions." Computer Journal 63, no. 8 (August 2020): 1247–58. http://dx.doi.org/10.1093/comjnl/bxz154.
Full textAbstract:
Abstract Functional encryption (FE) can provide a fine-grained access control on the encrypted message. Therefore, it has been applied widely in security business. The previous works about functional encryptions most focused on the deterministic functions. The randomized algorithm has wide application, such as securely encryption algorithms against chosen ciphertext attack, privacy-aware auditing. Based on this, FE for randomized functions was proposed. The existing constructions are provided in a weaker selective security model, where the adversary is forced to output the challenge message before the start of experiment. This security is not enough in some scenes. In this work, we present a novel construction for FE, which supports the randomized functionalities. We use the technology of key encapsulated mechanism to achieve adaptive security under the simulated environment, where the adversary is allowed to adaptively choose the challenge message at any point in time. Our construction is built based on indistinguishability obfuscation, non-interactive witness indistinguishable proofs and perfectly binding commitment scheme.
31
Shahid, Arsalan, Thien-An Ngoc Nguyen, and M.-Tahar Kechadi. "Big Data Warehouse for Healthcare-Sensitive Data Applications." Sensors 21, no. 7 (March 28, 2021): 2353. http://dx.doi.org/10.3390/s21072353.
Full textAbstract:
Obesity is a major public health problem worldwide, and the prevalence of childhood obesity is of particular concern. Effective interventions for preventing and treating childhood obesity aim to change behaviour and exposure at the individual, community, and societal levels. However, monitoring and evaluating such changes is very challenging. The EU Horizon 2020 project “Big Data against Childhood Obesity (BigO)” aims at gathering large-scale data from a large number of children using different sensor technologies to create comprehensive obesity prevalence models for data-driven predictions about specific policies on a community. It further provides real-time monitoring of the population responses, supported by meaningful real-time data analysis and visualisations. Since BigO involves monitoring and storing of personal data related to the behaviours of a potentially vulnerable population, the data representation, security, and access control are crucial. In this paper, we briefly present the BigO system architecture and focus on the necessary components of the system that deals with data access control, storage, anonymisation, and the corresponding interfaces with the rest of the system. We propose a three-layered data warehouse architecture: The back-end layer consists of a database management system for data collection, de-identification, and anonymisation of the original datasets. The role-based permissions and secured views are implemented in the access control layer. Lastly, the controller layer regulates the data access protocols for any data access and data analysis. We further present the data representation methods and the storage models considering the privacy and security mechanisms. The data privacy and security plans are devised based on the types of collected personal, the types of users, data storage, data transmission, and data analysis. We discuss in detail the challenges of privacy protection in this large distributed data-driven application and implement novel privacy-aware data analysis protocols to ensure that the proposed models guarantee the privacy and security of datasets. Finally, we present the BigO system architecture and its implementation that integrates privacy-aware protocols.
32
Mashat, Arwa, and Aliaa M. Alabdali. "QoS-Aware Smart Phone-Based User Tracking Application to Prevent Outbreak of COVID-19 in Saudi Arabia." Computational Intelligence and Neuroscience 2022 (April 11, 2022): 1–12. http://dx.doi.org/10.1155/2022/2273910.
Full textAbstract:
Diverse variants of COVID-19 are repeatedly making everyday living unstable. In reality, the conclusive retort of this highly contagious virus still is in incognito mode. The health experts’ primary guideline on the possible prevention of this disease outbreak, including a list of restrictions and confinements, is insufficient in case of any public congregation. As a result, the demand for precise and upgraded real-time COVID-19 tracking and prevention-based applications increases. However, most of the existing android-based applications face a lack of data security and reliability that cannot satisfy the additional quality of service (QoS) requirements. This paper proposes an easy-to-operate android-based multifunctional application to track individuals’ health situations, allow uploading scanning report by the authorized organization like universities, mosques, school, and hospitals and helps the users to maintain guidelines via manageable steps. This article offers a three-layered QoS aware service-oriented task scheduling model upon multitasking android-based frontend focusing the cognitive-based AI applications in healthcare with a continual learning paradigm. Designed model is competent to optimize heterogeneous service scheduling and can minimize data delivery time, as well as the resource cost.
33
Thompson, Aderonke F., Oghenerukevwe E. Oyinloye, Matthew T. David, and Boniface K. Alese. "A Secured System for Internet Enabled Host Devices." Network and Communication Technologies 5, no. 1 (February 6, 2020): 26. http://dx.doi.org/10.5539/nct.v5n1p26.
Full textAbstract:
In the world of wireless communication, heterogeneous network topologies such as Wi-Fi and Long-Term Evolution (LTE) the topologies authentication service delivery forms a major challenge with access control; which is sought to be addressed. In this paper, we propose a security model by adapting Capability-based Context Aware Access Control (CCAAC) model for internet-enabled devices for defense against hacking or unauthorized access. The steps applied during the programming of this web application was followed through using the Elliptic-Curve Diffie–Hellman (ECCDH) algorithm so that the initiation of a random prime number between a range, the encryption and exchange of the devices public keys to the decryption are interpreted the right way to the machine making use of it. The results established a security model that has a good chance of being effective against present cyber-attacks other security loopholes.
34
Fan, Long, He Huang, and Wei Kang. "Design and Implementation of Role and Group Based Access Control with Context in Document Access Control System." Applied Mechanics and Materials 427-429 (September 2013): 2795–99. http://dx.doi.org/10.4028/www.scientific.net/amm.427-429.2795.
Full textAbstract:
In traditional role-based access control (Role Based Access Control, RBAC), proposed the role and user-groups based on access control with context-aware (Role and Group Based Access Control with Context, RGBACC) model. RGBACC can do unified functional management to users, and can dynamically change the user's permission by the information from application environment in the context of access and security-related .This article RGBACC model applied to the actual document access control system, and the system design and implementation of a detailed description.
35
Jara, Antonio J., David Fernandez, Pablo Lopez, Miguel A. Zamora, and Antonio F. Skarmeta. "Lightweight MIPv6 with IPSec Support." Mobile Information Systems 10, no. 1 (2014): 37–77. http://dx.doi.org/10.1155/2014/563274.
Full textAbstract:
Mobility management is a desired feature for the emerging Internet of Things (IoT). Mobility aware solutions increase the connectivity and enhance adaptability to changes of the location and infrastructure. IoT is enabling a new generation of dynamic ecosystems in environments such as smart cities and hospitals. Dynamic ecosystems require ubiquitous access to Internet, seamless handover, flexible roaming policies, and an interoperable mobility protocol with existing Internet infrastructure. These features are challenges for IoT devices, which are usually constrained devices with low memory, processing, communication and energy capabilities. This work presents an analysis of the requirements and desirable features for the mobility support in the IoT, and proposes an efficient solution for constrained environments based on Mobile IPv6 and IPSec. Compatibility with IPv6-existing protocols has been considered a major requirement in order to offer scalable and inter-domain solutions that were not limited to specific application domains in order to enable a new generation of application and services over Internet-enabled dynamic ecosystems, and security support based on IPSec has been also considered, since dynamic ecosystems present several challenges in terms of security and privacy. This work has, on the one hand, analysed suitability of Mobile IPv6 and IPSec for constrained devices, and on the other hand, analysed, designed, developed and evaluated a lightweight version of Mobile IPv6 and IPSec. The proposed solution of lightweight Mobile IPv6 with IPSec is aware of the requirements of the IoT and presents the best solution for dynamic ecosystems in terms of efficiency and security adapted to IoT-devices capabilities. This presents concerns in terms of higher overhead and memory requirements. But, it is proofed and concluded that even when higher memory is required and major overhead is presented, the integration of Mobile IPv6 and IPSec for constrained devices is feasible.
36
Qin, Qin, Yong-qiang He, and Li-ming Nie. "Cooperative Cloud Service Aware Mobile Internet Coverage Connectivity Guarantee Protocol Based on Sensor Opportunistic Coverage Mechanism." Journal of Electrical and Computer Engineering 2015 (2015): 1–8. http://dx.doi.org/10.1155/2015/128691.
Full textAbstract:
In order to improve the Internet coverage ratio and provide connectivity guarantee, based on sensor opportunistic coverage mechanism and cooperative cloud service, we proposed the coverage connectivity guarantee protocol for mobile Internet. In this scheme, based on the opportunistic covering rules, the network coverage algorithm of high reliability and real-time security was achieved by using the opportunity of sensor nodes and the Internet mobile node. Then, the cloud service business support platform is created based on the Internet application service management capabilities and wireless sensor network communication service capabilities, which is the architecture of the cloud support layer. The cooperative cloud service aware model was proposed. Finally, we proposed the mobile Internet coverage connectivity guarantee protocol. The results of experiments demonstrate that the proposed algorithm has excellent performance, in terms of the security of the Internet and the stability, as well as coverage connectivity ability.
37
Moura, Pedro, Paulo Fazendeiro, Pedro R. M. Inácio, Pedro Vieira-Marques, and Ana Ferreira. "Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps." Journal of Healthcare Engineering 2020 (January 17, 2020): 1–14. http://dx.doi.org/10.1155/2020/5601068.
Full textAbstract:
Background. Smartphones can tackle healthcare stakeholders’ diverse needs. Nonetheless, the risk of data disclosure/breach can be higher when using such devices, due to the lack of adequate security and the fact that a medical record has a significant higher financial value when compared with other records. Means to assess those risks are required for every mHealth application interaction, dependent and independent of its goals/content. Objective. To present a risk assessment feature integration into the SoTRAACE (Socio-Technical Risk-Adaptable Access Control) model, as well as the operationalization of the related mobile health decision policies. Methods. Since there is still a lack of a definition for health data security categorization, a Delphi study with security experts was performed for this purpose, to reflect the knowledge of security experts and to be closer to real-life situations and their associated risks. Results. The Delphi study allowed a consensus to be reached on eleven risk factors of information security related to mobile applications that can easily be adapted into the described SoTRAACE prototype. Within those risk factors, the most significant five, as assessed by the experts, and in descending order of risk level, are as follows: (1) security in the communication (e.g., used security protocols), (2) behavioural differences (e.g., different or outlier patterns of behaviour detected for a user), (3) type of wireless connection and respective encryption, (4) resource sensitivity, and (5) device threat level (e.g., known vulnerabilities associated to a device or its operating system). Conclusions. Building adaptable, risk-aware resilient access control models into the most generalized technology used nowadays (e.g., smartphones) is crucial to fulfil both the goals of users as well as security and privacy requirements for healthcare data.
38
He, Yuanhang, Daochao Huang, Lei Chen, Yi Ni, and Xiangjie Ma. "A Survey on Zero Trust Architecture: Challenges and Future Trends." Wireless Communications and Mobile Computing 2022 (June 15, 2022): 1–13. http://dx.doi.org/10.1155/2022/6476274.
Full textAbstract:
The traditional perimeter-based network protection model cannot adapt to the development of current technology. Zero trust is a new type of network security model, which is based on the concept of never trust and always verify. Whether the access subject is in the internal network or the external network, it needs to be authenticated to access resources. The zero trust model has received extensive attention in research and practice because it can meet the new network security requirements. However, the application of zero trust is still in its infancy, and enterprises, organizations, and individuals are not fully aware of the advantages and disadvantages of zero trust, which greatly hinders the application of zero trust. This paper introduces the existing zero trust architecture and analyzes the core technologies including identity authentication, access control, and trust assessment, which are mainly relied on in the zero trust architecture. The main solutions under each technology are compared and analyzed to summarize the advantages and disadvantages, as well as the current challenges and future research trends. Our goal is to provide support for the research and application of future zero trust architectures.
39
Bhardwaj, Akashdeep, and Sam Goundar. "Unique Taxonomy for Evaluating Fog Computing Services." International Journal of E-Business Research 14, no. 4 (October 2018): 78–90. http://dx.doi.org/10.4018/ijebr.2018100105.
Full textAbstract:
Cloud computing has slowly but surely become the foremost service provider for information technology applications and platform delivery. However, Cloud issues continue to exist, like cyberattacks, slow last mile latency, and clouds lack client-centric and location-aware applications to process real time data for efficient and customized application delivery. As an alternative, Fog Computing has the potential to resolve these issues by extending the Cloud service provider's reach to the edge of the Cloud network model, right up to the Cloud service consumer. This enables a whole new state of applications and services which increases the security, enhances the cloud experience and keeps the data close to the user. This research article presents a review on the academic literature research work on Fog Computing, introduces a novel taxonomy to classify cloud products based on Fog computing elements and then determine the best fit Fog Computing product to choose for the Cloud service consumer.
40
M., Duraipandian, and Vinothkanna R. "MACHINE LEARNING BASED AUTOMATIC PERMISSION GRANTING AND MALWARE IDENTIFICATION." December 2019 01, no. 02 (December 23, 2019): 96–107. http://dx.doi.org/10.36548/jitdw.2019.2.005.
Full textAbstract:
The mobile device have gained an imperative predominance in the daily routine of our lives, by keeping us connected to the real world seamlessly. Most of the mobile devices are built on android whose security mechanism is totally permission based controlling the applications from accessing the core details of the devices and the users. Even after understanding the permission system often the mobile user are ignorant about the common threat, due to the applications popularity and proceed with the installation process not aware of the targets of the application developer. The aim of the paper is to devise malware detection with the automatic permission granting employing the machine learning techniques. The different machine learning methods are engaged in the malware detection and analyzed. The results are observed to note down the approaches that aids better in enhancing the user awareness and reducing the malware threats, by detecting the malwares of the applications.
41
Lohitha, N. Sai, and M. Pounambal. "A Novel Hybrid Spotted Hyena-Swarm Optimization (HS-FFO) Framework for Effective Feature Selection in IOT Based Cloud Security Data." International Journal on Recent and Innovation Trends in Computing and Communication 10, no. 1s (December 14, 2022): 290–302. http://dx.doi.org/10.17762/ijritcc.v10i1s.5851.
Full textAbstract:
Internet of Things (IoT) has gained its major insight in terms of its deployment and applications. Since IoT exhibits more heterogeneous characteristics in transmitting the real time application data, these data are vulnerable to many security threats. To safeguard the data, machine and deep learning based security systems has been proposed. But this system suffers the computational burden that impedes threat detection capability. Hence the feature selection plays an important role in designing the complexity aware IoT systems to defend the security attacks in the system. This paper propose the novel ensemble of spotted hyena with firefly algorithm to choose the best features and minimise the redundant data features that can boost the detection system's computational effectiveness. Firstly, an effective firefly optimized feature correlation method is developed. Then, in order to enhance the exploration and search path, operators of fireflies are combined with Spotted Hyena to assist the swarms in leaving the regionally best solutions. The experimentation has been carried out using the different IoT cloud security datasets such as NSL-KDD-99 , UNSW and CIDCC -001 datasets and contrasted with ten cutting-edge feature extraction techniques, like PSO (particle swarm optimization), BAT, Firefly, ACO(Ant Colony Optimization), Improved PSO, CAT, RAT, Spotted Hyena, SHO and BOC(Bee-Colony Optimization) algorithms. Results demonstrates the proposed hybrid model has achieved the better feature selection mechanism with less convergence time and aids better for intelligent threat detection system with the high performance of detection.
42
B D, Deebak, Fadi Al-Turjman, and Leonardo Mostarda. "A Hash-Based RFID Authentication Mechanism for Context-Aware Management in IoT-Based Multimedia Systems." Sensors 19, no. 18 (September 4, 2019): 3821. http://dx.doi.org/10.3390/s19183821.
Full textAbstract:
With the technological advances in the areas of Machine-To-Machine (M2M) and Device-To-Device (D2D) communication, various smart computing devices now integrate a set of multimedia sensors such as accelerometers, barometers, cameras, fingerprint sensors, gestures, iris scanners, etc., to infer the environmental status. These devices are generally identified using radio-frequency identification (RFID) to transfer the collected data to other local or remote objects over a geographical location. To enable automatic data collection and transition, a valid RFID embedded object is highly recommended. It is used to authorize the devices at various communication phases. In smart application devices, RFID-based authentication is enabled to provide short-range operation. On the other hand, it does not require the communication device to be in line-of-sight to gain server access like bar-code systems. However, in existing authentication schemes, an adversary may capture private user data to create a forgery problem. Also, another issue is the high computation cost. Thus, several studies have addressed the usage of context-aware authentication schemes for multimedia device management systems. The security objective is to determine the user authenticity in order to withhold the eavesdropping and tracing. Lately, RFID has played a significant for the context-aware sensor management systems (CASMS) as it can reduce the complexity of the sensor systems, it can be available in access control, sensor monitoring, real time inventory and security-aware management systems. Lately, this technology has opened up its wings for CASMS, where the challenging issues are tag-anonymity, mutual authentication and untraceability. Thus, this paper proposes a secure hash-based RFID mechanism for CASMS. This proposed protocol is based on the hash operation with the synchronized secret session-key to withstand any attacks, such as desynchronization, replay and man-in-the-middle. Importantly, the security and performance analysis proves that the proposed hash-based protocol achieves better security and performance efficiencies than other related schemes. From the simulation results, it is observed that the proposed scheme is secure, robust and less expensive while achieving better communication metrics such as packet delivery ratio, end-to-end delay and throughput rate.
43
Li, Wei, Yuan Jiang, Xiaoliang Zhang, Fangfang Dang, Feng Gao, Haomin Wang, and Qi Fan. "Reliability Assurance Dynamic SSC Placement Using Reinforcement Learning." Information 13, no. 2 (January 21, 2022): 53. http://dx.doi.org/10.3390/info13020053.
Full textAbstract:
Software-defined networking (SDN) and network function virtualization (NFV) make a network programmable, resulting in a more flexible and agile network. An important and promising application for these two technologies is network security, where they can dynamically chain virtual security functions (VSFs), such as firewalls, intrusion detection systems, and intrusion prevention systems, and thus inspect, monitor, or filter traffic flows in cloud data center networks. In view of the strict delay constraints of security services and the high failure probability of VSFs, we propose the use of a security service chain (SSC) orchestration algorithm that is latency aware with reliability assurance (LARA). This algorithm includes an SSC orchestration module and VSF backup module. We first use a reinforcement learning (RL) based Q-learning algorithm to achieve efficient SSC orchestration and try to reduce the end-to-end delay of services. Then, we measure the importance of the physical nodes carrying the VSF instance and backup VSF according to the node importance of VSF. Extensive simulation results indicate that the LARA algorithm is more effective in reducing delay and ensuring reliability compared with other algorithms.
44
Deng, Libing, Guoqi Xie, Hong Liu, Yunbo Han, Renfa Li, and Keqin Li. "A Survey of Real-Time Ethernet Modeling and Design Methodologies: From AVB to TSN." ACM Computing Surveys 55, no. 2 (March 31, 2023): 1–36. http://dx.doi.org/10.1145/3487330.
Full textAbstract:
With the development of real-time critical systems, the ever-increasing communication data traffic puts forward high-bandwidth and low-delay requirements for communication networks. Therefore, various real-time Ethernet protocols have been proposed, but these protocols are not compatible with each other. The IEEE 802.1 Working Group developed standardized protocols named Audio Video Bridging (AVB) in 2005, and renamed it Time-Sensitive Networking (TSN) later. TSN not only adds new features but also retains the original functions of AVB. Proposing real-time Ethernet modeling and design methodologies is the key to meeting high-bandwidth and low-delay communication requirements. This article surveys the modeling from AVB to TSN, mainly including: (1) AVB and TSN modeling; (2) end-to-end delay modeling; (3) real-time scheduling modeling; (4) reliability modeling; and (5) security modeling. Based on these models, this article surveys the recent advances in real-time Ethernet design methodologies from AVB to TSN: (1) end-to-end delay analysis from AVB to TSN; (2) real-time scheduling from AVB to TSN; (3) reliability-aware design for TSN; and (4) security-aware design for TSN. Among the above four points, the last two points are only for TSN, because AVB lacks reliability and security mechanisms. This article further takes the automotive use case as an example to discuss the application of TSN in automobiles. Finally, this article discusses the future trends of TSN. By surveying the recent advances and future trends, we hope to provide references for researchers interested in real-time Ethernet modeling and design methodologies for AVB and TSN.
45
Boutekkouk, Fateh. "Application of a Fuzzy MCDM Method to Select the Best Operating System for an Efficient Security-Aware Design of Embedded Systems." International Journal of Applied Evolutionary Computation 12, no. 3 (July 2021): 1–20. http://dx.doi.org/10.4018/ijaec.2021070101.
Full textAbstract:
In this work, the authors present their solution to select the best operating system for an efficient security-aware design of embedded systems. This problem is formulated as a MCDM problem and solved using a hybrid approach combining fuzzy AHP and fuzzy VIKOR. This combination enables the authors to take profit of both methods. From AHP, they exploited the hierarchy and the pairwise comparison between criteria that leads to finding the importance (weight) of each criteria more consistently. On the other hand, from the VIKOR method, they leverage its power to compromise between conflictual criteria. Since they are dealing with unprecise and subjective advises, they opt for the fuzzy versions of the AHP and VIKOR methods dealing with triangular fuzzy numbers. They used fuzzy AHP to calculate weights of criteria which are served later as inputs for the fuzzy VIKOR method. The outcome of this work is to assist embedded designers to select the most appropriate embedded OS for efficient design of secure embedded systems.
46
Kamarudin, Nur Khairani, Nur Syafiqa Bismi, Nurul Hidayah Ahmad Zukri, Mohd Faris Mohd Fuzi, and Rashidah Ramle. "Network Security Performance Analysis of Mobile Voice Over Ip Application (mVoIP): Kakao Talk, WhatsApp, Telegram and Facebook Messenger." Journal of Computing Research and Innovation 5, no. 2 (October 12, 2020): 21–27. http://dx.doi.org/10.24191/jcrinn.v5i2.136.
Full textAbstract:
VoIP application usage has increased from time to time and makes our daily life more convenient. VoIP application has features to make a phone call, send a text message and share the file through the apps for free. However, most of the users did not seem aware of VoIP security features such as authentication ability, password encryption ability, or voice or audio and text communication encryption ability. It is essential to ensure the VoIP used is secure from password decrypter and eavesdrops the user conversation. Thus, the first objective of this research was to study and investigate VoIP application consist of Kakao Talk, Telegram, Facebook Messenger and WhatsApp for both Android and web application. The second objective was to evaluate the four VoIP application identified based on authentication requirement, password encryption, voice or audio encryption communication, and text encryption communication. There were two mobile phones used. One acts as a client and a personal computer act as an attacker. Wireshark and packet capture were run in personal computer and mobile phone to monitoring and scanning the network traffic while both devices connected in the same WLAN. The experiment implements MITM, interception, and sniffing attacks. This research project has identified Facebook Messenger and WhatsApp web application do not provide secure password ability.
47
Chaganti, Rajasekhar, Vijayakumar Varadarajan, Venkata Subbarao Gorantla, Thippa Reddy Gadekallu, and Vinayakumar Ravi. "Blockchain-Based Cloud-Enabled Security Monitoring Using Internet of Things in Smart Agriculture." Future Internet 14, no. 9 (August 24, 2022): 250. http://dx.doi.org/10.3390/fi14090250.
Full textAbstract:
The Internet of Things (IoT) has rapidly progressed in recent years and immensely influenced many industries in how they operate. Consequently, IoT technology has improved productivity in many sectors, and smart farming has also hugely benefited from the IoT. Smart farming enables precision agriculture, high crop yield, and the efficient utilization of natural resources to sustain for a longer time. Smart farming includes sensing capabilities, communication technologies to transmit the collected data from the sensors, and data analytics to extract meaningful information from the collected data. These modules will enable farmers to make intelligent decisions and gain profits. However, incorporating new technologies includes inheriting security and privacy consequences if they are not implemented in a secure manner, and smart farming is not an exception. Therefore, security monitoring is an essential component to be implemented for smart farming. In this paper, we propose a cloud-enabled smart-farm security monitoring framework to monitor device status and sensor anomalies effectively and mitigate security attacks using behavioral patterns. Additionally, a blockchain-based smart-contract application was implemented to securely store security-anomaly information and proactively mitigate similar attacks targeting other farms in the community. We implemented the security-monitoring-framework prototype for smart farms using Arduino Sensor Kit, ESP32, AWS cloud, and the smart contract on the Ethereum Rinkeby Test Network and evaluated network latency to monitor and respond to security events. The performance evaluation of the proposed framework showed that our solution could detect security anomalies within real-time processing time and update the other farm nodes to be aware of the situation.
48
Murry, Jeanette. "Job Applications Using the Internet." Australian Journal of Career Development 6, no. 3 (October 1997): 22–24. http://dx.doi.org/10.1177/103841629700600308.
Full textAbstract:
Many Australian-based companies are currently providing company information on-line. Now some companies are introducing the option of on-line job applications. The Internet will also play a key role in the delivery of employment services when the Department of Education, Training and Youth Affairs launches new labour market reforms in 1998. What is the difference between a keyword, an online, an HTML and a scannable résumé? What about security issues? This article examines what careers professionals need to know in order to advise their clients about this type of job application. Using the Internet for job applications speeds up the process of applying for a job. Job seekers can obtain an application form, company information, fill out the form and submit it in a much shorter period of time than using other communication methods. The production of stunning looking resumes is no advantage for e-mail, scannable or on-line applications. With these types of resume, uniform presentation is essential and the content of the resume is the primary feature, with keywords of paramount importance. Conversely, for HTML resumes presentation is crucial and those who can turn their resume into an interesting multimedia presentation will have an advantage over other applicants. Jandt and Nemnich (1995) and Riley (1996) are resources that careers professionals may find useful. The main requirement for careers professionals is to develop a good knowledge of the jargon, which will enable advisers to provide helpful assistance to their clients. Understanding how the various kinds of resumes differ from each other is also necessary to giving sound advice. Finally, clients need to be made aware of the security and privacy issues that may arise when making electronic job applications.
49
Novianto, Fanny. "EVALUATION OF E-GOVERNMENT INFORMATION SECURITY USING THE DEFENSE IN DEPTH MODEL." Cyber Security dan Forensik Digital 3, no. 1 (July 23, 2020): 14–19. http://dx.doi.org/10.14421/csecurity.2020.3.1.1962.
Full textAbstract:
The rapid progress of Information and Communication Technology (ICT) makes it easier for people to communicate and get information. Information of strategic value needs to be safeguarded and stakeholders must be aware of all potential vulnerabilities in information and communication system transactions. There are several aspects that must be met in building information security in e-government. The first aspect that must be met is confidentially and privacy. The Ministry of Law and Human Rights of the Republic of Indonesia is currently implementing e-government in internal business processes and public services. One of them is the use of the Correctional Database System (SDP). Data and information in SDP are confidential because one of them contains data and information on criminal offenders in Indonesia. With the use of information technology and the more information presented by the government as part of public services the greater the vulnerability to the security and confidentiality of the information system itself. The research method used is a qualitative method with a case study approach with the application of the defense in depth model to analyze information security involving several layers of security to keep information safe. Descriptive analysis results explain that the design and development of SDPs pay attention to the basic principles of information security, namely confidentiality, integrity and availability of data. But there are vulnerabilities in information security loopholes that are very likely to occur at the layer of host defense, network defense, and physical defense.
50
Kayes, A. S. M., Rudri Kalaria, Iqbal H. Sarker, Md Saiful Islam, Paul A. Watters, Alex Ng, Mohammad Hammoudeh, Shahriar Badsha, and Indika Kumara. "A Survey of Context-Aware Access Control Mechanisms for Cloud and Fog Networks: Taxonomy and Open Research Issues." Sensors 20, no. 9 (April 27, 2020): 2464. http://dx.doi.org/10.3390/s20092464.
Full textAbstract:
Over the last few decades, the proliferation of the Internet of Things (IoT) has produced an overwhelming flow of data and services, which has shifted the access control paradigm from a fixed desktop environment to dynamic cloud environments. Fog computing is associated with a new access control paradigm to reduce the overhead costs by moving the execution of application logic from the centre of the cloud data sources to the periphery of the IoT-oriented sensor networks. Indeed, accessing information and data resources from a variety of IoT sources has been plagued with inherent problems such as data heterogeneity, privacy, security and computational overheads. This paper presents an extensive survey of security, privacy and access control research, while highlighting several specific concerns in a wide range of contextual conditions (e.g., spatial, temporal and environmental contexts) which are gaining a lot of momentum in the area of industrial sensor and cloud networks. We present different taxonomies, such as contextual conditions and authorization models, based on the key issues in this area and discuss the existing context-sensitive access control approaches to tackle the aforementioned issues. With the aim of reducing administrative and computational overheads in the IoT sensor networks, we propose a new generation of Fog-Based Context-Aware Access Control (FB-CAAC) framework, combining the benefits of the cloud, IoT and context-aware computing; and ensuring proper access control and security at the edge of the end-devices. Our goal is not only to control context-sensitive access to data resources in the cloud, but also to move the execution of an application logic from the cloud-level to an intermediary-level where necessary, through adding computational nodes at the edge of the IoT sensor network. A discussion of some open research issues pertaining to context-sensitive access control to data resources is provided, including several real-world case studies. We conclude the paper with an in-depth analysis of the research challenges that have not been adequately addressed in the literature and highlight directions for future work that has not been well aligned with currently available research.