Relevant bibliographies by topics / Security control framework / Journal articles
To see the other types of publications on this topic, follow the link: Security control framework.

Journal articles on the topic 'Security control framework'

Author: Grafiati
Published: 29 June 2021
Last updated: 1 February 2022

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Security control framework.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Wang, Yu Fei, Tao Zhang, Yuan Yuan Ma, and Bo Zhang. "An Information Security Assessments Framework for Power Control Systems." Advanced Materials Research 805-806 (September 2013): 980–84. http://dx.doi.org/10.4028/www.scientific.net/amr.805-806.980.

Full text
Abstract:
Information and cyber security of Industrial Control Systems (ICS) faces severe challenges and has gained considerable importance. Information security assessment is an essential component of information security assurance infrastructure mechanisms. First, a hierarchical model of smart grid was abstracted. Based on the proposed model and the information security risks and information security protection demands of power control systems, an information security assessments framework for power control systems was proposed in dimensions of system layers and life cycle to guide the security assessment contents of power control systems. Finally, a test bed function design for power control system security assessment was proposed. The power control system security test bed may include four parts, such as power control system security assessment management platform, power control system simulation environment, security assessment tools, and security policy. The proposed security assessment framework and test bed functional design can be used to guide the electric power utilities in their power control system information security efforts.
APA, Harvard, Vancouver, ISO, and other styles
2

Al Ketbi, Maitha, Khaled Shuaib, Ezedin Barka, and Marton Gergely. "Establishing a Security Control Framework for Blockchain Technology." Interdisciplinary Journal of Information, Knowledge, and Management 16 (2021): 307–30. http://dx.doi.org/10.28945/4837.

Full text
Abstract:
Aim/Purpose: The aim of this paper is to propose a new information security controls framework for blockchain technology, which is currently absent from the National and International Information Security Standards. Background: Blockchain technology is a secure and relatively new technology of distributed digital ledgers, which is based on inter-linked blocks of transactions, providing great benefits such as decentralization, transparency, immutability, and automation. There is a rapid growth in the adoption of blockchain technology in different solutions and applications and within different industries throughout the world, such as finance, supply chain, digital identity, energy, healthcare, real estate, and the government sector. Methodology: Risk assessment and treatments were performed on five blockchain use cases to determine their associated risks with respect to security controls. Contribution: The significance of the proposed security controls is manifested in complementing the frameworks that were already established by the International and National Information Security Standards in order to keep pace with the emerging blockchain technology and prevent/reduce its associated information security risks. Findings: The analysis results showed that the proposed security controls herein can mitigate relevant information security risks in blockchain-based solutions and applications and, consequently, protect information and assets from unauthorized disclosure, modification, and destruction. Recommendations for Practitioners: The performed risk assessment on the blockchain use cases herein demonstrates that blockchain can involve security risks that require the establishment of certain measures in order to avoid them. As such, practitioners should not blindly assume that through the use of blockchain all security threats are mitigated. Recommendation for Researchers: The results from our study show that some security risks not covered by existing Standards can be mitigated and reduced when applying our proposed security controls. In addition, researchers should further justify the need for such additional controls and encourage the standardization bodies to incorporate them in their future editions. Impact on Society: Similar to any other emerging technology, blockchain has several drawbacks that, in turn, could have negative impacts on society (e.g., individuals, entities and/or countries). This is mainly due to the lack of a solid national and international standards for managing and mitigating risks associated with such technology. Future Research: The majority of the blockchain use cases in this study are publicly published papers. Therefore, one limitation of this study is the lack of technical details about these respective solutions, resulting in the inability to perform a comprehensive risk identification properly. Hence, this area will be expanded upon in our future work. In addition, covering other standardization bodies in the area of distributed ledger in blockchain technology would also prove fruitful, along with respective future design of relevant security architectures.
APA, Harvard, Vancouver, ISO, and other styles
3

Lu, Bo, Ruohan Cao, Luyao Tian, Hao Wang, and Yueming Lu. "FMNISCF: Fine-Grained Multi-Domain Network Interconnection Security Control Framework." Applied Sciences 10, no. 1 (January 6, 2020): 409. http://dx.doi.org/10.3390/app10010409.

Full text
Abstract:
The integrated air-ground multi-domain network provides users with a set of shared infrastructures. Security policies can be defined flexibly in the context of multi-domain network semantics. The packet filter module in the security gateway can run efficiently, which is an urgent requirement in this network environment. The framework combined with multi-domain network semantics implements the transformation into rules. It replaces the traditional manual method of configuring rules. The framework supports the whole life cycle management of rules from generation state and distribution state to execution state. In the aspect of security, the map security and semantic security are analyzed and optimized, respectively. Finally, through a series of experiments, compared with iptables/DPDK-IPFW/BSD-IPFW/BSD-pfsense, the high efficiency of the scheme is verified.
APA, Harvard, Vancouver, ISO, and other styles
4

Jamieson, Rodger, and Graham Low. "Local Area Network Operations: A Security, Control and Audit Perspective." Journal of Information Technology 5, no. 2 (June 1990): 63–72. http://dx.doi.org/10.1177/026839629000500202.

Full text
Abstract:
This paper provides a framework for the review of security and control within a local area network environment. Network operations are subdivided into several functional areas or components for further review. Each component or area is briefly explained and the security risks, issues and concerns highlighted. Controls and security measures are proposed as guidelines to counter these threats. An approach to the audit of each major area of network operations is proposed. This suggested framework provides guidance to information system security officers, auditors, communications and network administrators, consultants and information systems management for the review of local area network security during network operations.
APA, Harvard, Vancouver, ISO, and other styles
5

CHEN, TSUNG-YI. "A MULTIPLE-LAYER KNOWLEDGE MANAGEMENT SYSTEM FRAMEWORK CONSIDERING USER KNOWLEDGE PRIVILEGES." International Journal of Software Engineering and Knowledge Engineering 19, no. 03 (May 2009): 361–87. http://dx.doi.org/10.1142/s0218194009004192.

Full text
Abstract:
Success in a knowledge economy requires effectively using existing knowledge to create new knowledge. Security for knowledge sharing in enterprises is critical for protecting intellectual assets. This study develops the functional framework of a knowledge management system (KMS) with knowledge access control for effectively and securely sharing knowledge within an enterprise or across teams. The functional framework of the proposed KMS includes the following nine layers: user interface layer, knowledge access control and security layer, knowledge representation layer, knowledge process layer, conceptual knowledge layer, knowledge index layer, transport layer, middleware layer and physical knowledge layer. A method of conceptual knowledge representation in the knowledge representation layer is then proposed. Finally, an ontology-based knowledge access control model based on role-based access control (RBAC) model and the conceptual knowledge representation method is proposed for managing user knowledge privileges in a knowledge sharing enterprise. The proposed method can enhance (1) precision in describing knowledge and knowledge relationships, (2) ensure security of knowledge access and sharing within an enterprise and (3) accurately and rapidly identify user knowledge access privileges.
APA, Harvard, Vancouver, ISO, and other styles
6

Binghui, ZHENG, WANG Lijing, LI Hong, and LI Xiaobao. "Technical framework for ecological security control in lakes and reservoirs." Journal of Lake Sciences 26, no. 2 (2014): 169–76. http://dx.doi.org/10.18307/2014.0201.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

EL Yamany, Hany F., Miriam A. M. Capretz, and David S. Allison. "Intelligent security and access control framework for service-oriented architecture." Information and Software Technology 52, no. 2 (February 2010): 220–36. http://dx.doi.org/10.1016/j.infsof.2009.10.005.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Naoui, Sarra, Mohamed Elhoucine Elhdhili, and Leila Azouz Saidane. "Novel Enhanced LoRaWAN Framework for Smart Home Remote Control Security." Wireless Personal Communications 110, no. 4 (November 16, 2019): 2109–30. http://dx.doi.org/10.1007/s11277-019-06832-x.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Pavlich-Mariscal, Jaime A., Steven A. Demurjian, and Laurent D. Michel. "A framework for security assurance of access control enforcement code." Computers & Security 29, no. 7 (October 2010): 770–84. http://dx.doi.org/10.1016/j.cose.2010.03.004.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Hu, An Ming. "The Application Research of Lightweight J2EE Security Framework." Advanced Materials Research 989-994 (July 2014): 4342–45. http://dx.doi.org/10.4028/www.scientific.net/amr.989-994.4342.

Full text
Abstract:
Lightweight J2EE framework to actually use efficiency, has been widely used in all kinds of information system development,However ,Spring is open source framework, its security and access control has been problem of concern,How to construct safe and effective Web applications, is the development process of the important link must be thinking。Based on the Spring frame structure technology on the basis of summing up the access authorization control methods and strategies, highlights the Spring framework in the development process of the advantage technology.
APA, Harvard, Vancouver, ISO, and other styles
11

Lima, António, Luis Rosa, Tiago Cruz, and Paulo Simões. "A Security Monitoring Framework for Mobile Devices." Electronics 9, no. 8 (July 25, 2020): 1197. http://dx.doi.org/10.3390/electronics9081197.

Full text
Abstract:
Quite often, organizations are confronted with the burden of managing mobile device assets, requiring control over installed applications, security, usage profiles or customization options. From this perspective, the emergence of the Bring Your Own Device (BYOD) trend has aggravated the situation, making it difficult to achieve an adequate balance between corporate regulations, freedom of usage and device heterogeneity. Moreover, device and information protection on mobile ecosystems are quite different from securing other device assets such as laptops or desktops, due to their specific characteristics and limitations—quite often, the resource overhead associated with specific security mechanisms is more important for mobile devices than conventional computing platforms, as the former frequently have comparatively less computing capabilities and more strict power management policies. This paper presents an intrusion and anomaly detection framework specifically designed for managed mobile device ecosystems, that is able to integrate into mobile device and management frameworks for complementing conventional intrusion detection systems. In addition to presenting the reference architecture for the proposed framework, several implementation aspects are also analyzed, based on the lessons learned from developing a proof-of-concept prototype that was used for validation purposes.
APA, Harvard, Vancouver, ISO, and other styles
12

Nicho, Mathew, Hussein Fakhry, and Charles Haiber. "An Integrated Security Governance Framework for Effective PCI DSS Implementation." International Journal of Information Security and Privacy 5, no. 3 (July 2011): 50–67. http://dx.doi.org/10.4018/jisp.2011070104.

Full text
Abstract:
This paper analyses relevant IT governance and security frameworks/standards used in IT assurance and security to propose an integrated framework for ensuring effective PCI DSS implementation. Merchants dealing with credit cards have to comply with the Payment Card Industry Data Security Standards (PCI DSS) or face penalties for non-compliance. With more transactions based on credit cards, merchants are finding it costly and increasingly difficult to implement and interpret the PCI standard. One of the top reasons cited for merchants to fail PCI audit, and a leading factor in data theft, is the failure to adequately protect stored cardholder data. Although implementation of the PCI DSS is not a guarantee for perfect protection, effective implementation of the PCI standards can be ensured through the divergence of the PCI standard into wider information security governance to provide a comprehensive overview of information security based not only on security but also security audit and control. The contribution of this paper is the development of an integrated comprehensive security governance framework for ‘information security’ (rather than data protection) incorporating Control Objectives for Information and related Technology (COBIT), Information Technology Infrastructure Library (ITIL) and ISO 27002.
APA, Harvard, Vancouver, ISO, and other styles
13

H. Ali, Mohammed, and Nisreen K. Ali. "IoT based security system and intelligent home automation multi monitoring and control systems." IAES International Journal of Robotics and Automation (IJRA) 8, no. 3 (September 1, 2019): 205. http://dx.doi.org/10.11591/ijra.v8i3.pp205-210.

Full text
Abstract:
<p>This paper presents the execution of savvy Smart Home with frameworks and propelled advances. A Home Automation System uses the technology of IoT for the screening and controlling of the electrical and electronic appliances at home from any remote area by essentially utilizing <br /> a Smartphone. The key control framework utilizes a remote Bluetooth system and a remote IoT strategy that gives remote access to the advanced cells. The framework configuration does not expel the current electrical switches yet it gives a more secure control over it with the low voltage utilization method. This framework is intended to control electrical gadgets all through the house easily by introducing it, usability, savvy plan and actualize. There has been rising interest for a secure framework that must be tried, true and fast in reaction to the ventures and organization. Arduino makes the circuit and programming technology to design and operate wireless water monitoring system. The Water level in the tank is displayed on the Smartphone by the Water level app.</p>
APA, Harvard, Vancouver, ISO, and other styles
14

Patel, Subhash Chandra, Sumit Jaiswal, Ravi Shankar Singh, and Jyoti Chauhan. "Access Control Framework Using Multi-Factor Authentication in Cloud Computing." International Journal of Green Computing 9, no. 2 (July 2018): 1–15. http://dx.doi.org/10.4018/ijgc.2018070101.

Full text
Abstract:
The most challenging issues in cloud computing are access control and data security because users of the cloud outsource sensitive data and information to cloud provider servers, which are not within the same trusted domain as the data owner. Within cloud computing, various services and resources need protection from unauthorized use as a part of the security. Authentication is a key technology for information security. In recent years, a lot of research has been carried out throughout the world and several schemes have been proposed to improve authentication in the cloud. Remote authentication is the commonly used method to determine the identity of the remote client. In this article, the authors have proposed a systematic method for authenticating clients, namely by using a password, biometrics, and out-of-band-based access control mechanisms that are suitable for access control. The proposed system involves user ID/password, biometrics characteristics, and a mobile phone as a software token for one-time password generation.
APA, Harvard, Vancouver, ISO, and other styles
15

Wang, Chun Lei, Qing Miao, Lan Fang, and Yi Qi Dai. "A Novel Framework for Industrial Control System Malicious Code Analysis." Advanced Materials Research 765-767 (September 2013): 1936–42. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1936.

Full text
Abstract:
industrial Control System (ICS) performs the tasks of supervisory control and data acquisition of critical infrastructures. With the widely application of computer and network techniques, ICS suffers serious security threats, and malicious codes are one of the most serious security problems. However, there is absent of analysis methods specific for ICS malicious code behaviors in current times. In this paper, a framework for ICS malicious code analysis is presented. Firstly, the ICS attack graph model is established based upon the hierarchical structure of industrial control system and the suffered security threats, which formalizes the attack process of ICS malicious code. Secondly, the runtime information of ICS malicious code is detected and collected for analyzing and assessing the attack behaviors and the resulted impacts. Finally, the ICS simulation environment for malicious code analysis is constructed based upon the framework and the experimental analysis of ICS malicious code is performed which preliminary validates the effectiveness of the proposed framework.
APA, Harvard, Vancouver, ISO, and other styles
16

Tung, Shu Chu, Wu Jeng Li, and Shih Miao Huang. "Home Security Service and Condition Control." Applied Mechanics and Materials 479-480 (December 2013): 661–64. http://dx.doi.org/10.4028/www.scientific.net/amm.479-480.661.

Full text
Abstract:
This research creates home security service with social interaction based on a web-based multiple stations supervisory control framework. An Arduino controller is used as a thin-controller to control a home security system. Most control laws are computed in server-side, driving commands are transferred to local controllers for execution. A supervisory control server kept in a company can serve numerous Arduino controllers to provide home security service. The Arduino controller can sense door switch, motion detection, smoke detection, gas detection, CO detection, and an emergency button, and can drive door lock, two relays. Besides, RFID is used to help personnel in/out management and alert enable/disable. The controller reads inputs, uploads input/output data to the supervisory server, executes commands from the server, and drives output continuously. Once a controller is connected to the supervisory server, it can be monitored and controlled remotely. Condition control is proposed for the framework to help program control laws for Arduino controllers. In condition control, conditions are set. When some condition is met, certain actions are taken. There are three types of conditions; time condition, input/output condition, and location condition. And there are three kinds of actions; SMS notification, email notification, and output drive. Conditions, actions and their connections are set by system users in a browser with the help of the supervisory control information management system. The control laws set in the condition control are executed in server-side. User of the home security system can open the read/write rights of his input/output points to other users. With appropriate control law, a motion detection signal of one user can activate the alarm of another user. Therefore, the home security service is not just a security for users home, but a security for a social group.
APA, Harvard, Vancouver, ISO, and other styles
17

Yu, Zhi Wei. "A Business Process-Based Risk Evaluation Framework." Advanced Materials Research 230-232 (May 2011): 1024–28. http://dx.doi.org/10.4028/www.scientific.net/amr.230-232.1024.

Full text
Abstract:
To present the essence of information system risk evaluation and improve the effect of evaluation, the paper puts forward a business process-based information system risk evaluation after analyzing the current risk evaluation methods. The framework begins with the description of business process in perspective of information security and then analyzes and assesses the business activities. The risk-control evaluation of business activities is brought forward and the optional security control measures are comprehensively evaluated so as to ensure security of business activities. The framework focuses on business process activities so that information system assets, their vulnerabilities and threats are associated and evaluation of isolated and meaningless assets is avoided.
APA, Harvard, Vancouver, ISO, and other styles
18

Aruljothi, A., N. Prabhu, and N. M. Mallika. "Network Security Based on Component for Information Network." Asian Journal of Computer Science and Technology 8, S1 (February 5, 2019): 15–17. http://dx.doi.org/10.51983/ajcst-2019.8.s1.1986.

Full text
Abstract:
It is a difficult building to ensure the security of data arrange, so it is important to consider out a new security control design and model in the viewpoint of foundational control. As indicated by the attributes and security requests of data net, another security control viewpoint and its engineering dependent on parts is proposed, the security control framework is made-up, and insights regarding the structure of control system, its different kinds, and capacities and spread methods of security control parts are presented, at that point the highlights of the control framework are outlined at last.
APA, Harvard, Vancouver, ISO, and other styles
19

Pretorius, Barend, and Brett van Niekerk. "Cyber-Security for ICS/SCADA." International Journal of Cyber Warfare and Terrorism 6, no. 3 (July 2016): 1–16. http://dx.doi.org/10.4018/ijcwt.2016070101.

Full text
Abstract:
Industrial control systems (ICS) or supervisory, control, and data acquisition (SCADA) systems drive many key components of the national infrastructure. It makes these control systems targets for cyber-attacks by terrorists and nation-states who wish to damage their target economically and socially, and cyber-criminals who blackmail the companies operating the infrastructure. Despite the high risk of leaving these systems exposed, providing adequate cyber-security is often challenging. The Stuxnet worm illustrated how vulnerable control systems potentially are when it bypassed a number of security mechanisms to cause physical damage to an Iranian nuclear facility. The article focuses on ICS/SCADA in South Africa discussing the unique challenges and legislation relate to securing control system in the South Africa. A governance and security framework for overcoming these challenges are proposed.
APA, Harvard, Vancouver, ISO, and other styles
20

Kriaa, Siwar, Marc Bouissou, and Youssef Laarouchi. "A new safety and security risk analysis framework for industrial control systems." Proceedings of the Institution of Mechanical Engineers, Part O: Journal of Risk and Reliability 233, no. 2 (April 19, 2018): 151–74. http://dx.doi.org/10.1177/1748006x18765885.

Full text
Abstract:
The migration of modern industrial control systems toward information and communication technologies exposes them to cyber-attacks that can alter the way they function, thereby causing adverse consequences on the system and its environment. It has consequently become crucial to consider security risks in traditional safety risk analyses for industrial systems controlled by modern industrial control system. We propose in this article a new framework for safety and security joint risk analysis for industrial control systems. S-cube (for supervisory control and data acquisition safety and security joint modeling) is a new model-based approach that enables, thanks to a knowledge base, formal modeling of the physical and functional architecture of cyber-physical systems and automatic generation of a qualitative and quantitative analysis encompassing safety risks (accidental) and security risks (malicious). We first give the principle and rationale of S-cube and then we illustrate its inputs and outputs on a case study.
APA, Harvard, Vancouver, ISO, and other styles
21

Marrapu, Satvika, Satyanarayana Sanakkayala, Arun kumar Vempalli, and Sai Krishna Jayavarapu. "Smart home based security system for door access control using smart phone." International Journal of Engineering & Technology 7, no. 1.8 (March 3, 2018): 249. http://dx.doi.org/10.14419/ijet.v7i1.9247.

Full text
Abstract:
The system is regarding the remotely overseen Door availability and voice alarming with the help of Smart Phone. It captures the guest picture at the Door as Email caution. Use of Smart home security control framework became essential in our day to day life. This paper describes the outline of an advanced home security framework. In this method the door availability has been controlled based on guest character by considering the human movement location and remotely checking innovation. This paper describes the remote control framework execution and organization and allows the validated individuals in to a home as it were. This Security Framework can be implemented by using switch/calling bell and a Camera module. The camera module captures the pictures of the guest separately and ideally to make the home security framework alive on demand. In this method we used an Electromagnetic entryway bolt module which created the entryway availability. This proposed framework deploys a controller interface framework and LPC 2148. If a guest press calling bell at the door then the web Camera module is interfaced with switch to capture pictures and send these pictures as Email caution with the help of TCP/IP protocol. Now, we can control this home security system by seeing camera module video stream with the help of Smart cell Phone. Like this, the proposed home security framework allows us for sending an order as a reply of voice ready whenever the gatecrasher recognized using smart phone. By using android stage and improved JavaScript, the Clients can see the guest on the screen and able to control the entryway by locking or unlocking the door. This software can be used in a wide range of application where the physical nearness can't be possible forever i. e in territories. The entire control framework is implemented with LPC 2148 now a days usage of smart lock system is increasing day by day in wide range of applications. This efficient effort less low power calling bell based home lock system is essential for security purpose in every home and offices. So many nations are worked on home based locking frame work to implement advanced technologies in it. Most of smart houses and business offices are associated with a chip for security purpose. Though numerous advancements take place, the clients face troubles i. e interface problems in utilizing this smart lock system. To avoid such type of issues i proposed microcontroller. This advanced home security system is useful for real time home environment.
APA, Harvard, Vancouver, ISO, and other styles
22

Khalid, Tauqeer, Abdul Nasir Khan, Mazhar Ali, Adil Adeel, Atta ur Rehman Khan, and Junaid Shuja. "A fog-based security framework for intelligent traffic light control system." Multimedia Tools and Applications 78, no. 17 (December 14, 2018): 24595–615. http://dx.doi.org/10.1007/s11042-018-7008-z.

Full text
APA, Harvard, Vancouver, ISO, and other styles
23

Ani, Uchenna P. Daniel, Hongmei (Mary) He, and Ashutosh Tiwari. "A framework for Operational Security Metrics Development for industrial control environment." Journal of Cyber Security Technology 2, no. 3-4 (October 2, 2018): 201–37. http://dx.doi.org/10.1080/23742917.2018.1554986.

Full text
APA, Harvard, Vancouver, ISO, and other styles
24

Zhang, Hongbin, Junshe Wang, Jiang Chang, and Ning Cao. "An access control framework for multi-level security in cloud environments." International Journal of Innovative Computing and Applications 9, no. 3 (2018): 134. http://dx.doi.org/10.1504/ijica.2018.093731.

Full text
APA, Harvard, Vancouver, ISO, and other styles
25

Chang, Jiang, Hongbin Zhang, Ning Cao, and Junshe Wang. "An access control framework for multi-level security in cloud environments." International Journal of Innovative Computing and Applications 9, no. 3 (2018): 134. http://dx.doi.org/10.1504/ijica.2018.10014853.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

Safdar, G. A., M. O', and N. A. Neill. "A novel common control channel security framework for cognitive radio networks." International Journal of Autonomous and Adaptive Communications Systems 5, no. 2 (2012): 125. http://dx.doi.org/10.1504/ijaacs.2012.046281.

Full text
APA, Harvard, Vancouver, ISO, and other styles
27

Kim, Hyoungju, and Junho Choi. "Intelligent Access Control Design for Security Context Awareness in Smart Grid." Sustainability 13, no. 8 (April 7, 2021): 4124. http://dx.doi.org/10.3390/su13084124.

Full text
Abstract:
Recently, damages such as internal system intrusion, network and device vulnerability attacks, malicious code infection, and information leakage due to security attacks are increasing within the smart grid environment. Detailed and dynamic access control must be implemented to enable the power system in the smart grid environment to respond to such attacks. Dynamic and partial delegation must be available, and permission role restrictions must be considered for dynamic access control when delegating a role because of changes in power resource manager authority. In this paper, we propose an intelligent access control framework that can recognize security context by analyzing security vulnerabilities for security management of power systems. The intelligent access control framework is designed as a framework that enables collaboration within the smart grid environment, and a system administrator is designed to transmit access control policy information required between the power service principal and the agent. In addition, an experiment is conducted for the control inference of security context ontology-based access, attack detection inference of the security context awareness service, and the attack response of the intelligent integrated access control system. Experimental results show that the precision of security context ontology-based access control inference is 70%, and the attack response rate of integrated access control is 72.8%.
APA, Harvard, Vancouver, ISO, and other styles
28

Wang, Yufei, Tengbiao Zhang, and Qian Ye. "Situation awareness framework for industrial control system based on cyber kill chain." MATEC Web of Conferences 336 (2021): 02013. http://dx.doi.org/10.1051/matecconf/202133602013.

Full text
Abstract:
Information and cyber security of Industrial Control Systems (ICS) has gained considerable importance. Situation Awareness (SA) is an exciting mechanism to achieve the perception, comprehension and projection of the ICS information security status. Based on the Purdue Enterprise Reference Architecture (PERA), a situation awareness framework for ICS is presented considering the ICS cyber kill chain. The proposed framework consists of IT SA Centre, OT SA Centre, and Comprehensive SA Centre. Comprehensive SA Centre is responsible for creating and maintaining an integrated and high level of security visibility into the whole environments. The introduced framework can be used to guide the development of the situation awareness infrastructure in organization with industrial control systems.
APA, Harvard, Vancouver, ISO, and other styles
29

Tung, Shu Chu, Wu Jeng Li, and Shih Miao Huang. "A Web-Based Android Supervisory Control System." Applied Mechanics and Materials 284-287 (January 2013): 3211–15. http://dx.doi.org/10.4028/www.scientific.net/amm.284-287.3211.

Full text
Abstract:
This paper designs a web-based Android supervisory control system. Android controller is used as a local controller to fit into a supervisory control framework. The framework includes a central server, a SMS device attached to the server, multiple local controllers, a remote control program and a ladder logic computer-aided design program. The Android controller contains an Android mobile phone, a Wi-Fi wireless access point, a switch hut (or NAT) and multiple data acquisition modules. The Android mobile phone enters TCP/IP LAN through the Wi-Fi access point. The data acquisition modules with TCP/IP interface are plugged into the LAN, and read/written by the Android mobile phone with Modbus TCP. The Android controller communicates with supervisory server with a specific m2m protocol which is based on http protocol. Once an Android controller is connected to the supervisory control framework, it can be monitored and controlled remotely with any browser. A web-based home security system is constructed to demonstrate the usage of the web-based Android supervisory control system. The control laws for the home security system are partially implemented with ladder logics designed with a computer-aided program in the framework. With a supervisory server serving multiple Android controllers, Cloud home security service is formed.
APA, Harvard, Vancouver, ISO, and other styles
30

Cha, Sungyong, Seungsoo Baek, Sooyoung Kang, and Seungjoo Kim. "Security Evaluation Framework for Military IoT Devices." Security and Communication Networks 2018 (July 3, 2018): 1–12. http://dx.doi.org/10.1155/2018/6135845.

Full text
Abstract:
IoT is gaining importance in our lives and in the military too. With the application of IoT paradigm in the military and the weapon system’s connectivity to the network, this facilitates the commanders to make real-time decisions. However, cybersecurity threats to weapon systems intensify along with the growing of IoT’s benefits. Coping with these cybersecurity threats nowadays, we require the implementation of “security by design” concept during weapon system development throughout the system lifecycle, but not traditional security solutions. Since only developed countries are capable of developing systems on their own, they adopt “security by design” when developing new weapon systems; another approach to acquire weapon systems is through import if a country cannot develop the whole weapon system. However, few studies have been done on the security evaluation framework that could be used upon purchase and integration of the developed weapon system. In this paper, we proposed a novel security evaluation framework that could be used to integrate IoT devices and components into the weapon system and a method to address cybersecurity requirements using international standard security control.
APA, Harvard, Vancouver, ISO, and other styles
31

Arsuaga, Irene, Nerea Toledo, Igor Lopez, and Marina Aguado. "A Framework for Vulnerability Detection in European Train Control Railway Communications." Security and Communication Networks 2018 (2018): 1–9. http://dx.doi.org/10.1155/2018/5634181.

Full text
Abstract:
Railway systems have evolved considerably in the last years with the adoption of new communication technologies. Aiming to achieve a single European railway network, the European Rail Traffic Management System (ERTMS) emerged in Europe to substitute multiple and noninteroperable national railway communication systems. This system and its security strategies were designed in late 1990s. Recent works have identified vulnerabilities related to integrity, authenticity, availability, and confidentiality. In the context of defining effective countermeasures to mitigate potential vulnerabilities, these vulnerabilities have to be analysed. In this article we introduce a framework that attempts to challenge ERTMS security by evaluating the exploitability of these vulnerabilities.
APA, Harvard, Vancouver, ISO, and other styles
32

So, Idris Gautama, N. J. Setiadi, B. Papak, and Rudy Aryanto. "Action Design of Information Systems Security Governance for Bank Using COBIT 4.1 and Control Standard of ISO 27001." Advanced Materials Research 905 (April 2014): 663–68. http://dx.doi.org/10.4028/www.scientific.net/amr.905.663.

Full text
Abstract:
The aim of the study is to design remediation information systems security governance at Bank. This study provided proposed solutions to solve the existing gaps between the current condition and the expected information systems of the bank's security governance. A case study of a commercial bank is used in this study. There are 7 process frameworks of COBIT 4.1 used to measure the maturity level of information systems security governance. Of these processes, appropriate controls within the framework of COBIT 4.1 and ISO27001 are undertaken. As a result, the security of governance information systems is increasing. In conclusion, there is a need of reliable information systems security governance to achieve the intended business goals.
APA, Harvard, Vancouver, ISO, and other styles
33

Lin, Canchu, Anand S. Kunnathur, and Long Li. "The Cultural Foundation of Information Security Behavior." Journal of Database Management 31, no. 2 (April 2020): 21–41. http://dx.doi.org/10.4018/jdm.2020040102.

Full text
Abstract:
Past behavior research overwhelmingly focused on information security policy compliance and under explored the role of organizational context in shaping information security behaviors. To address this research gap, this study integrated two threads of literature: organizational culture, and information security behavior control, and proposed a framework that integrates mid-range theories used in empirical research, connects them to organizational culture, and predicts its role in information security behavior control. Consistent with the cultural-fit perspective, this framework shows that information security policy compliance fits hierarchical culture and the approach of promoting positive, proactive, and emerging information security behaviors fits participative culture. Contributions and practical implications of this framework, together with future research directions, are discussed.
APA, Harvard, Vancouver, ISO, and other styles
34

Ren, Junyu, Li Wang, Shaofan Zhang, Yanchun Cai, and Jinfu Chen. "Online Critical Unit Detection and Power System Security Control: An Instance-Level Feature Importance Analysis Approach." Applied Sciences 11, no. 12 (June 12, 2021): 5460. http://dx.doi.org/10.3390/app11125460.

Full text
Abstract:
Rapid and accurate detection of critical units is crucial for the security control of power systems, ensuring reliable and continuous operation. Inspired by the advantages of data-driven techniques, this paper proposes an integrated deep learning framework of dynamic security assessment, critical unit detection, and security control. In the proposed framework, a black-box deep learning model is utilized to evaluate the dynamic security of power systems. Then, the predictions of the model for specific operating conditions are interpreted by instance-level feature importance analysis. Furthermore, the critical units are detected by reasonable local interpretation, and the security control scheme is extracted with a sequential adjustment strategy according to the results of interpretation. The numerical simulations on the CEPRI36 benchmark system and the IEEE 118-bus system verified that our proposed framework is fast and accurate for specific operating conditions and, thereby, is a viable approach for online security control of power systems.
APA, Harvard, Vancouver, ISO, and other styles
35

ABBASS, Wissam, Zineb BAKRAOUY, Amine BAINA, and Mostafa BELLAFKIH. "Intelligent Risk Management framework." IAES International Journal of Artificial Intelligence (IJ-AI) 8, no. 3 (December 1, 2019): 278. http://dx.doi.org/10.11591/ijai.v8.i3.pp278-285.

Full text
Abstract:
The Internet of Things(IoT) is rapidly increasing and enhancing today’s world by introducing a large set of interconnected devices. Several beneficial services are produced by these devices as for area monitoring and process control. However, IoT security is still a major problem. In fact, IoT’ security beggings largely whith an effective Risk Management process. However, the essense of this process is to acquire a risk inventory cibling the IoT devices. Nevertheless, it is quite difficult to obtaining this latter which significantly adds complication issues to the Risk Management.Without the ability of holisticly identify the IoT critical devices, inaccurate Risk Management is achieved which leads unfortunately to novel risk exposures. Traditional Risk-based approaches fails drastically at apprending IoT’ potential attacks. The dynamic structure, the heteregouns nature of devices, the various security objectives and infrastructure pervasiveness are key factors impacting the overall perfomance. Thus, a holistic Risk Management witihin the IoT is indispensable. Accordingly, we propose an intelligent Risk Management framework using Mobile Agents in order to deliver preventive and responsive assessment.
APA, Harvard, Vancouver, ISO, and other styles
36

Zhang, Ke Jun, Biao Liu, Rong Bin Ju, and Rong Qian. "Putting a Terminal Network Access Control System into Practice." Applied Mechanics and Materials 556-562 (May 2014): 5756–60. http://dx.doi.org/10.4028/www.scientific.net/amm.556-562.5756.

Full text
Abstract:
The paper presents the concept and the main idea of network access control and uses the open source software (FreeRADIUS) as a basic framework. It brings in an terminal security status assessment ideas. At the same time, it designs and implements including authentication, configuration and implementation of security strategy and the security state of terminal evaluation as one of the terminal network access control system.
APA, Harvard, Vancouver, ISO, and other styles
37

Barni, Mauro, Franco Bartolini, and Teddy Furon. "A general framework for robust watermarking security." Signal Processing 83, no. 10 (October 2003): 2069–84. http://dx.doi.org/10.1016/s0165-1684(03)00168-3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
38

Ilchenko, O. V., and M. Varava. "LEGAL FRAMEWORK FOR SECURITY OF ROAD TRANSPORT: INTERNATIONAL EXPERIENCE." Legal horizons, no. 19 (2019): 138–43. http://dx.doi.org/10.21272/legalhorizons.2019.i19.p138.

Full text
Abstract:
The article analyzes the introduction of the European experience for ensuring road safety on the highways of Ukraine. The conclusion is made on the feasibility of introducing such an experience in Ukraine. The basic directions, which should promote the creation of a safe, reliable, stable, stable, and regulated system of road safety in modern living conditions are determined. Analysis of the best European practices for the introduction of modern automated road traffic control systems based on the achievements of European colleagues will significantly improve the situation in the field of road safety. The introduction of innovative management technologies, including road traffic, will provide the necessary sustainable development of the economy and society as a whole. Prevention as the main and priority direction of positive European experience such as clarification in mass media, distribution of information brochures, promotion of law-abiding drivers, and conducting of explanatory work with youth will allow reducing the number of offenses on the roads of Ukraine. Because safe roads, this is primarily the conscious, but safe behavior of every participant in the traffic, regardless of age, sex or property status. Already the first work on the part of state authorities is the approval of the government program “Strategy for Enhancing the Level of Road Safety in Ukraine until 2020″, which was approved by the Cabinet of Ministers of Ukraine Resolution No. 481-r of June 14, 2017. The return of the Tricam radar from October 16, 2018, to fix violations of the high-speed regime will improve the control over compliance with traffic rules, which will result from increased security and a reduction in the number of administrative offenses on the roads of Ukraine. The most effective measure aimed at ensuring road safety is the creation of a Safe City project in cities of Ukraine, which is to introduce video surveillance systems to enhance the safety of road users, control the operation of public utilities, and manage city traffic. Already in some cities, electronic surveillance systems are in place that recognizes the driver’s face and vehicle numbers. Cooperation with operational units of the Ministry of Internal Affairs, Security Service, and Ministry of Emergencies has been established. Keywords: safety, road traffic, transport, traffic accident, European experience, speed recorders, automated control systems, analytical and legal support.
APA, Harvard, Vancouver, ISO, and other styles
39

Sirisha, Mamilla, and Neelam Syamala. "RFID Based Security for Exam Paper Leakage System." International Journal of Engineering & Technology 7, no. 4.36 (December 9, 2018): 841. http://dx.doi.org/10.14419/ijet.v7i4.36.24542.

Full text
Abstract:
The examination may be the heart of the education framework. The principal reason for the examination will be to select the proficient applicants for several positions. Every year we get the news regarding postponed/canceled exam because of paper leakages. So we need come up with manageable and compact result and decided to design and execute an “examination paper leakage security framework “that will be a much-protected framework depend on “ARM processor”. Together with “the GSM modem, keypad, electromagnetic lock, and RFID module “would be utilized in this framework. First, the university will send the exam paper to the college in “an electronic sealed box”that is termed as “Electronic Control Box”. The “Electronic Control Box “will be an embedded framework, which might have been proposed utilizing “ARM processor” that has inbuilt RTC to display “the Electronic Control Box”. Whether anybody tries to open that box previous and afterward the time duration of the RFID swipe, the framework communicates to the university powers by sending “and SMS (Short Message Service)” through the GSM, which several malfunctioning has taken place with “the Electronic Control Box". For instance, whether the secret key doesn’t match then the client who has access to get the message on his telephone. If we enter the invalid secret ID then the ringer will be ON. Therefore we might effectively recognize that the question papers have been leaked.This paper defines the electronic security for the leakage of question paper that will be an exceptionally protected framework. The examination will be the heart of “the education framework”. We have recommended an electronic framework to identify and avoid the leakage of exam papers. In this proposed system, the exam papers that are in “the electronically locked box” will be sent to the examination centers. The box will be unlocked after a predefined time, date and only by a certified client. Essentially the exam papers will be existing in the sub-boxes. Secret ID secures these boxes; the exam manager will send an SMS with the password to open the specific sub-boxes. The electromagnetic lock is used to unlock the box, when the time, date, and password match. In this framework, we are utilizing a ringer for any unapproved interference.
APA, Harvard, Vancouver, ISO, and other styles
40

Suroso, Jarot S. "Implementation of COSO ERM as Security Control Framework in Cloud Service Provider." Journal of Advanced Management Science 5, no. 4 (2017): 322–26. http://dx.doi.org/10.18178/joams.5.4.322-326.

Full text
APA, Harvard, Vancouver, ISO, and other styles
41

Kim, Iksu, and Jongmyung Choi. "Security Framework for Improving the Performance of the Malicious Process Control System." Journal of Korean Society for Internet Information 14, no. 2 (April 30, 2013): 61–71. http://dx.doi.org/10.7472/jksii.2013.14.2.61.

Full text
APA, Harvard, Vancouver, ISO, and other styles
42

Lemaire, Laurens, Jan Vossaert, Joachim Jansen, and Vincent Naessens. "A logic-based framework for the security analysis of Industrial Control Systems." Automatic Control and Computer Sciences 51, no. 2 (March 2017): 114–23. http://dx.doi.org/10.3103/s0146411617020055.

Full text
APA, Harvard, Vancouver, ISO, and other styles
43

Kirilina, T. Yu, E. N. Gorbaneva, and A. V. Poznyakevich. "Legal and regulatory framework of Information security of automated process control systems." Informacionno-technologicheskij vestnik, no. 2 (July 30, 2018): 75–85. http://dx.doi.org/10.21499/2409-1650-2018-2-75-85.

Full text
Abstract:
Nowadays protection of automated process control systems in the Russian Federation is one of the most important problems in the field of information security. Number of cyberthreats is increasing dramatically that has critical value for an ecological, social and macroeconomic component of the state.
APA, Harvard, Vancouver, ISO, and other styles
44

Yang, Lili, and S. H. Yang. "A framework of security and safety checking for internet-based control systems." International Journal of Information and Computer Security 1, no. 1/2 (2007): 185. http://dx.doi.org/10.1504/ijics.2007.012249.

Full text
APA, Harvard, Vancouver, ISO, and other styles
45

Peinado Gomez, German, Jordi Mongay Batalla, Yoan Miche, Silke Holtmanns, Constandinos X. Mavromoustakis, George Mastorakis, and Noman Haider. "Security policies definition and enforcement utilizing policy control function framework in 5G." Computer Communications 172 (April 2021): 226–37. http://dx.doi.org/10.1016/j.comcom.2021.03.024.

Full text
APA, Harvard, Vancouver, ISO, and other styles
46

Hassan, Ahmed, and Waleed Bahgat. "A Framework for Translating a High Level Security Policy into Low Level Security Mechanisms." Journal of Electrical Engineering 61, no. 1 (January 1, 2010): 20–28. http://dx.doi.org/10.2478/v10187-010-0003-x.

Full text
Abstract:
A Framework for Translating a High Level Security Policy into Low Level Security MechanismsSecurity policies have different components; firewall, active directory, and IDS are some examples of these components. Enforcement of network security policies to low level security mechanisms faces some essential difficulties. Consistency, verification, and maintenance are the major ones of these difficulties. One approach to overcome these difficulties is to automate the process of translation of high level security policy into low level security mechanisms. This paper introduces a framework of an automation process that translates a high level security policy into low level security mechanisms. The framework is described in terms of three phases; in the first phase all network assets are categorized according to their roles in the network security and relations between them are identified to constitute the network security model. This proposed model is based on organization based access control (OrBAC). However, the proposed model extend the OrBAC model to include not only access control policy but also some other administrative security policies like auditing policy. Besides, the proposed model enables matching of each rule of the high level security policy with the corresponding ones of the low level security policy. Through the second phase of the proposed framework, the high level security policy is mapped into the network security model. The second phase could be considered as a translation of the high level security policy into an intermediate model level. Finally, the intermediate model level is translated automatically into low level security mechanism. The paper illustrates the applicability of proposed approach through an application example.
APA, Harvard, Vancouver, ISO, and other styles
47

Kuka, Elda. "AN ANALYTICAL STUDY OF INFORMATION SECURITY MANAGEMENT IN THE PUBLIC SECTOR OF ALBANIA." CBU International Conference Proceedings 6 (September 25, 2018): 277–81. http://dx.doi.org/10.12955/cbup.v6.1169.

Full text
Abstract:
Public sector organizations are in the early stages of adopting information security management in Albania. Organizations who have adopted these processes have underestimated information security within the governance framework. This study specifically investigates the information security management within public sector organizations. Its objective is to align local organizations with international standards and frameworks in terms of integrating information security management and information technology audits, risks, and control measures. A survey of selected organizations is completed and results are presented in this paper identifying the maturity level of information security management in Albanian organizations.
APA, Harvard, Vancouver, ISO, and other styles
48

Selivanov, S. A., and A. L. Ogarok. "Ensuring cybersecurity of complex information and control systems." Informatization and communication, no. 1 (March 31, 2020): 28–33. http://dx.doi.org/10.34219/2078-8320-2020-11-1-28-33.

Full text
Abstract:
Problems and approaches to ensuring cybersecurity of complex information and control systems are considered. The analysis is carried out and the differences between the theory of information security and the theory of cybersecurity are shown. The results of the analysis of the conceptual apparatus, regulatory framework and methods of the theory of information security and the theory of cybersecurity are presented.
APA, Harvard, Vancouver, ISO, and other styles
49

Kumar, Randhir, and Rakesh Tripathi. "Data Provenance and Access Control Rules for Ownership Transfer Using Blockchain." International Journal of Information Security and Privacy 15, no. 2 (April 2021): 87–112. http://dx.doi.org/10.4018/ijisp.2021040105.

Full text
Abstract:
Provenance provides information about how data came to be in its present state. Recently, many critical applications are working with data provenance and provenance security. However, the main challenges in provenance-based applications are storage representation, provenance security, and centralized approach. In this paper, the authors propose a secure trading framework which is based on the techniques of blockchain that includes various features like decentralization, immutability, and integrity in order to solve the trust crisis in centralized provenance-based system. To overcome the storage representation of data provenance, they propose JavaScript object notation (JSON) structure. To improve the provenance security, they propose the access control language (ACL) rule. To implement the JSON structure and ACL rules, permissioned blockchain based tool “Hyperledger Composer” has been used. They demonstrate that their framework minimizes the execution time when the number of transaction increases in terms of storage representation of data provenance and security.
APA, Harvard, Vancouver, ISO, and other styles
50

Lee, Hyojun, Jiyoung Yoon, Min-Seong Jang, and Kyung-Joon Park. "A Robot Operating System Framework for Secure UAV Communications." Sensors 21, no. 4 (February 15, 2021): 1369. http://dx.doi.org/10.3390/s21041369.

Full text
Abstract:
To perform advanced operations with unmanned aerial vehicles (UAVs), it is crucial that components other than the existing ones such as flight controller, network devices, and ground control station (GCS) are also used. The inevitable addition of hardware and software to accomplish UAV operations may lead to security vulnerabilities through various vectors. Hence, we propose a security framework in this study to improve the security of an unmanned aerial system (UAS). The proposed framework operates in the robot operating system (ROS) and is designed to focus on several perspectives, such as overhead arising from additional security elements and security issues essential for flight missions. The UAS is operated in a nonnative and native ROS environment. The performance of the proposed framework in both environments is verified through experiments.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Security control framework' for other source types:
Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography