• Title/Summary/Keyword: Security mechanisms

Search Result 401, Processing Time 0.023 seconds

State Management Mechanisms for the Exchange of Information Regarding Cyberattacks, Cyber Incidents and Information Security Incidents

  • Kryshtanovych, Myroslav;Britchenko, Igor;Losonczi, Peter;Baranovska, Tetiana;Lukashevska, Ulyana
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.4
    • /
    • pp.33-38
    • /
    • 2022
  • The main purpose of the study is to determine the key aspects of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents. The methodology includes a set of theoretical methods. Modern government, on the one hand, must take into account the emergence of such a new weapon as cyber, which can break various information systems, can be used in hybrid wars, influence political events, pose a threat to the national security of any state. As a result of the study, key elements of the mechanisms of state management of the exchange of information about cyberattacks, cyber incidents, and information security incidents were identified.

Construction of Security MIB for EDI System

  • Park Tae-Kyou
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.8 no.1
    • /
    • pp.23-37
    • /
    • 1998
  • This paper considers the design and management of security MIB for EDI system. EDI system has to establish various securety wervices and mechanisms to protect against security threats. Hence, the EDIsystem requires appropriate security management to monitor and control the security obhects for its security services and mechanisms. In this paper, I identify security objects for management of secueity services defined in the EDIsystem, and propose the design of a security MIB and describe the use of SNMPnetwork management protocol in its management.

Android Operating System: Security Features, Vulnerabilities, and Protection Mechanisms

  • AlJeraisy, Lulwa Abdulmajeed;Alsultan, Arwa
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.11
    • /
    • pp.367-372
    • /
    • 2022
  • In the age of smartphones, users accomplish their daily tasks using their smartphones due to the significant growth in smartphone technology. Due to these tremendous expansions, attackers are highly motivated to penetrate numerous mobile marketplaces with their developed malicious apps. Android has the biggest proportion of the overall market share when compared to other platforms including Windows, iOS, and Blackberry. This research will discuss the Android security features, vulnerabilities and threats, in addition to some existing protection mechanisms.

An Economic Analysis of Alternative Mechanisms for Optimal IT Security Provision within a Firm (기업 내 최적 정보기술보안 제공을 위한 대체 메커니즘에 대한 경제적 분석)

  • Yu, Seunghee
    • Asia-Pacific Journal of Business Venturing and Entrepreneurship
    • /
    • v.8 no.2
    • /
    • pp.107-117
    • /
    • 2013
  • The main objective of this study lies at examining economic features of IT security investment and comparing alternative mechanisms to achieve optimal provision of IT security resources within a firm. There exists a paucity of economic analysis that provide useful guidelines for making critical decisions regarding the optimal level of provision of IT security and how to share the costs among different users within a firm. As a preliminary study, this study first argues that IT security resources share some unique characteristics of pure public goods, namely nonrivalry of consumption and nonexcludability of benefit. IT security provision problem also suffers from information asymmetry problem with regard to the valuation of an individual user for IT security goods. Then, through an analytical framework, it is shown that the efficient provision condition at the overall firm level is not necessarily satisfied by individual utility maximizing behavior. That is, an individual provision results in a suboptimal solution, especially an underprovision of the IT security good. This problem is mainly due to the nonexcludability property of pure public goods, and is also known as a free-riding problem. The fundamental problem of collective decision-making is to design mechanisms that both induce the revelation of the true information and choose an 'optimal' level of the IT security good within this framework of information asymmetry. This study examines and compares three alternative demand-revealing mechanisms within the IT security resource provision context, namely the Clarke-Groves mechanism, the expected utility maximizing mechanism and the Groves-Ledyard mechanism. The main features of each mechanism are discussed along with its strengths, weaknesses, and different applicability in practice. Finally, the limitations of the study and future research are discussed.

  • PDF

Access Control for Secure Access Path (안전한 접근 경로를 보장하기 위한 접근 제어)

  • Kim, Hyun-Bae
    • Journal of The Korean Association of Information Education
    • /
    • v.1 no.2
    • /
    • pp.57-66
    • /
    • 1997
  • The primary purpose of security mechanisms in a computer systems is to control the access to information. There are two types of access control mechanisms to be used typically. One is discretionary access control(DAC) and another is mandatory access control(MAC). In this study an access control mechanism is introduced for secure access path in security system. The security policy of this access control is that no disclosure of information and no unauthorized modification of information. To make this access control correspond to security policy, we introduce three properties; read, write and create.

  • PDF

Analyses of Vulnerability and Security Mechanisms in Wireless Sensor Networks (무선센서네트워크에서의 취약성 및 보안 메카니즘의 분석)

  • Kim, Jung-Tae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2009.05a
    • /
    • pp.805-808
    • /
    • 2009
  • Security has become a major concern for many real world applications for wireless sensor networks (WSN). In this domain, many security solutions have been proposed. Usually, all these approaches are based on wellknown cryptographic algorithms. At the same time, performance studies have shown that the applicability of sensor networks strongly depends on effective routing decisions or energy aware wireless communication. In this paper, we analyses vulnerability and security mechanisms in wireless sensor networks.

  • PDF

IP camera security: "Security Eyes"

  • Alshamrani, Sultan S
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.2
    • /
    • pp.75-80
    • /
    • 2022
  • With the rapid growth of Internet of Things (IoT) applications and devices, there are still defects in safety and privacy. Current researches indicate that there are weak security mechanisms to protect these devices. Humans use the Internet of Things to control and connect their devices with the Internet. Using the Internet of things has been increased over time. Therefore, capture of sensitive user data has increased intentionally or not [1]. The IP Camera is a type of (IOT) devices. Therefore, in this paper we aim to create a "Security Eyes" application that protects IP Cameras from security attacks according to certain security mechanisms (increasing the strength of encryption and filling the usual security holes in IP cameras … etc) and alerts the user when the live broadcast is interrupted or an error occurs.

A Study on Improving the Security Vulnerabilities of Modbus-Based SCADA Control Systems (Modbus 기반 SCADA 제어 시스템의 보안 취약성 향상에 관한 연구)

  • Cagalaban, Giovanni A.;Kim, Seok-Soo;Ha, Kyung-Jae
    • Proceedings of the KAIS Fall Conference
    • /
    • 2009.05a
    • /
    • pp.421-424
    • /
    • 2009
  • SCADA control systems and protocols are developed based on reliability, availability, and speed but with no or little attention paid to security. Specifically in Modbus protocol, there are inherent security vulnerabilities in their design. The lack of common security mechanisms in the protocol such as authentication, confidentiality and integrity must be addressed. In this paper, security vulnerabilities of Modbus-based SCADA controls systems will be studied. An in-depth analysis of the message frame formats being sent between master and slave will be discussed to expose the security vulnerabilities. This will enable SCADA users to find ways to fix the security flaws of the protocol and design mitigation strategies to reduce the impact of the possible attacks. Security mechanisms are recommended to further enhance the security of SCADA control systems.

  • PDF

Light-weight Defense Mechanisms for application layer DDoS Attacks in the Web Services (웹서비스 대상 경량화 된 응용계층 DDoS 공격 대응 메커니즘)

  • Lee, Tai-Jin;Im, Chae-Su;Im, Chae-Tae;Jung, Hyun-Chul
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.20 no.5
    • /
    • pp.99-110
    • /
    • 2010
  • Recently, network based DDoS attacks have been changed into application layer DDoS attacks which are targeted at the web services. Specially, an attacker makes zombie PCs generate small traffic and its traffic pattern has been similar to the normal user's pattern. So, existing HTTP PPS based Threshold cannot defend the DDoS attacks effectively. In this paper, we displayed all the GET Flooding attack types and propose three DDoS attack defense mechanisms which are simple and very powerful. Proposed mechanisms can defend all the existing GET Flooding DDoS attacks and be deployed in the real environment immediately with little resource consumption.

Healthcare Security based on Blockchain

  • Almalki, Taghreed;Alzahrani, Shahad;Alhakami, Wajdi
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.8
    • /
    • pp.149-160
    • /
    • 2021
  • One of the most important inventions and developments in the digital world today is the healthcare system based on blockchain technology. Healthcare is an important field that requires the application of security mechanisms due to the sensitivity of patient data. The association of blockchain with healthcare contributed to achieving better security mechanisms than the traditional approach. The new approach operates in a decentralized system, which in turn, improves security in the healthcare environment. Consequently, blockchain technology has emerged as one of the most crucial solutions to security violations and challenges in the healthcare industry. This paper provides a comprehensive review of several experts' recent protection and detection approaches in this domain. It is also imperative to note that the paper focuses only on the recent techniques that have been published during 2017-2020. The sophisticated procedures have been investigated and discussed in terms of similarities and differences to highlight the significance of the protection needed to secure the healthcare environment.