The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
A message exchange framework based on information elements as a transport method for key management protocol (KMP) datagrams and guidelines for the use of some existing KMPs with IEEE Std 802.15.4 are defined in the recommended practice. A new KMP is not created in this recommended practice. In support of KMP transmission and reception, a generic multiplexed data service layer that can be used to...
The spring up of cloud storage, such as Hadoop HDFS, Open Stack Swift, brings us more intelligent storage solutions. Nowadays, the most commercial version of cloud storage system puts more emphasis on high-performance and high-availability, very little attention is given to privacy protection. This paper proposes a user influence-based data distribution optimization method, User Rank, which migrate...
Integration of hospital information systems (HIS) is an important area and one the basic requirements of hospitals since it increases quality of care and at the same time reduces costs of creating, upgrading, updating and keeping up with technology and healthcare industry standards and information technology. Cloud computing with features like multitenancy, massive scalability, elasticity, pay as...
Interplanetary Network defines the architecture and protocols necessary to permit inter-operation of the Internet residents or systems on earth/spacecrafts with other remotely located Internet resident/systems on other systems/spacecrafts in transit in the hostile and unpredictable environment of space. Inter-networking in such environment requires new techniques other than traditional communication...
Several security modelling languages (e.g., Misuse case, Secure Tropos) help dealing with security risk management at the system requirements stage. But no design level modelling language has been explored to model security risk. In this paper, we are focusing on SecureUML which is a design level modelling language to represent security risk. More specifically we investigate how SecureUML supports...
At present time the unregistered SIM cards (here unregistered means the SIM cards which are registered with false information provided by dealer) are widely used for committing crimes in the perspective of Bangladesh. Due to the complexity of the present SIM card registration process, the subscribers are reluctant to register themselves. In this paper we propose a cloud based system model which demonstrates...
Presents a collection of slides covering the following topics: railway safety assurance; common safety method; security; railway signalling; cyber attack; and risk assessment.
The E-business under the pattern of cloud computing has much of advantages and prominent features, which will be confronted with a variety of issues about security just like the current E-business. This article introduces the conception and trait about the E-business under the pattern of cloud computing in brief and puts forward the security threats from the perversion of data security, the criterion...
The complexity and frequency of cyber attacks against plant control systems is rising, as is the corporate demand for realtime access to plant control system data. When implemented correctly data diodes claim to provide the means to deliver real-time plant data to the corporate IT network and provide a barrier impervious to network based attacks. EDF Energy is exploring data diode technology and the...
This paper examines the development of good practice for Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition) SCADA security. Good practice and standards are reviewed, along with indications on future developments.
New systems are being developed which are used in safety critical systems but must also satisfy security requirements. To reduce space, weight and power, a Multiple Independent Layered Security (MILS) platform could be used to support many applications. A MILS platform could support safety critical, and non-safety related functions, and manage TopSecret, Secret, and Unclassified data, by providing...
This paper discusses the relationship of hazards and threats in railway-related safety and security standards. It points out similarities but also gaps and proposes improvements. It is shown that, in particular, the approaches to risk analyses and the definition of safety and security differ substantially so that these processes should be treated separately. The general goal should be the separation...
Efforts in improving the overall quality of information and communications technology (ICT) systems have historically tended to cluster into a series of stovepipes, with the two major axes tending to be around Safety and Security. This paper summarises the ongoing UK public-private initiative to produce a consensus framework for trustworthy software which can be applied to all domains.
Researchers involved directly with the security of information-processing systems know that many such systems do not have the levels of integrity and sustainability that are much more prevalent for safety-critical systems. Safety-critical systems, many of which are industrial process control systems, are generally built and tested to much higher standards for handling system failure or aberrant behavior...
Network Finance brings great changes and conveniences to enterprise at network economy age, at the same time, but security issues have been the biggest constraint to their development, so how to build the control system of network financial security is an important issue which is urgently in-depth studied. In this paper, the control system of network financial security is constructed systematically...
Radio frequency identification (RFID) technology is increasingly being incorporated into everyday objects. This case study examines three examples - credit cards, transit cards, and the U.S. e-Passport - given ubiquitous computing power through the addition of RFID. We explored user comprehension of RFID technology generally and these implementations specifically to understand if and how the addition...
The following topics are dealt with: antennas and propagation; localization; sensors; circuits, devices & interrogators; security and privacy; and software.
This paper proposes a methodology and a tool to evaluate the security risk presented when using software components or systems. The risk is estimated based on known vulnerabilities existing on the software components. An automated tool is used to extract and aggregate information on vulnerabilities reported by users and available on public databases (e.g., OSVDB and NVD). This tool generates comprehensive...
The phenomenon of cloud computing has been driven largely these days. Personal Cloud, as the cloud computing for personal usage, has come to the forefront. Compare with traditional operating system, personal cloud shifts individual computing "from being device-centric to information-centric", which create a bridge between operating system-based computing and the more service-oriented approach...
Recently, the leak of domestic core technology of major business in Korea and the subsequent damage, has been increasing every year. Financial losses due to this leak are estimated to be about 220 trillion, which is equivalent to the gross budget of Korea Besides, the majority of the leaks are caused by former and current staff members, cooperated businesses, scientists and investment companies. This...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.