发布求助
文献互助 智能选刊 最新文献

Information Security Journal: A Global Perspective最新文献

筛选
英文 中文
Security of electronic personal health information in a public hospital in South Africa 南非一家公立医院的电子个人健康信息安全
Information Security Journal: A Global Perspective Pub Date : 2021-03-01 DOI: 10.1080/19393555.2021.1893410
K. Chuma, M. Ngoepe
{"title":"Security of electronic personal health information in a public hospital in South Africa","authors":"K. Chuma, M. Ngoepe","doi":"10.1080/19393555.2021.1893410","DOIUrl":"https://doi.org/10.1080/19393555.2021.1893410","url":null,"abstract":"ABSTRACT Digital health technologies have changed the healthcare sector landscape and thus generated new opportunities for collecting, storing and accessing electronic personal health information (ePHI). However, this has also caused ePHI to be exposed to a variety of new security threats, attacks and vulnerabilities. This qualitative study explored the security of ePHI in a public hospital in South Africa. Data were collected through semi-structured interviews with purposively selected network controllers, IT technicians, administrative and records clerks and triangulated through document analysis. Data were coded and analyzed using ATLAS.ti, version 8. The findings showed that the public hospital is witnessing a deluge of cyber threats such as Worms, Trojan horses, and shortcut viruses. This is compounded by technological vulnerabilities such as power and system failure, obsolete computers, and systems. Security measures such as username-password, encryption, firewall, and antivirus and security audit log exist in the hospital to protect ePHI. The study recommends the need to implement an intrusion protection system and constantly update the firewall and antivirus. It is concluded that without proper security protocols, ePHI could be exposed to threats and cyber attacks. The public hospital is urged to use blockchain technology to strengthen the security of ePHI.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116317684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
PCC-RPL: An efficient trust-based security extension for RPL PCC-RPL:一个高效的基于信任的RPL安全扩展
Information Security Journal: A Global Perspective Pub Date : 2021-02-12 DOI: 10.1080/19393555.2021.1887413
M. Pishdar, Y. Seifi, M. Nasiri, M. Bag-Mohammadi
{"title":"PCC-RPL: An efficient trust-based security extension for RPL","authors":"M. Pishdar, Y. Seifi, M. Nasiri, M. Bag-Mohammadi","doi":"10.1080/19393555.2021.1887413","DOIUrl":"https://doi.org/10.1080/19393555.2021.1887413","url":null,"abstract":"ABSTRACT RPL is a de facto routing protocol for IoT (Internet of Things). In this paper, an efficient IDS (intrusion detection system) is proposed to solve a major security vulnerability of RPL, which is called fabricated parent change. We show that many well-known attacks and security breaches are carried out via this vulnerability. The proposed method, which is called PCC-RPL (Parental Change Control RPL), prevents unsolicited parent changes by utilizing the trust concept. In PCC-RPL, all parents monitor their children behavior continuously. When a malicious activity is detected by the parent, it decreases the child's trust level and informs the root by sending a suspicion message. Our simulation results indicate that PCC-RPL can detect almost all common RPL attacks with an acceptable accuracy compared to a well-known method. Low control overhead, low energy consumption, short attack detection delay, and high precision are the main features of the proposed scheme.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-02-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114685253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Challenges and opportunities in biometric security: A survey 生物识别安全的挑战与机遇:调查
Information Security Journal: A Global Perspective Pub Date : 2021-01-14 DOI: 10.1080/19393555.2021.1873464
Shefali Arora, M. Bhatia
{"title":"Challenges and opportunities in biometric security: A survey","authors":"Shefali Arora, M. Bhatia","doi":"10.1080/19393555.2021.1873464","DOIUrl":"https://doi.org/10.1080/19393555.2021.1873464","url":null,"abstract":"ABSTRACT Biometric systems identify individuals based on unique traits such as the face, fingerprints, iris etc. The main objective of the study is to understand the role of deep learning in the process of authentication as well as its application in the enhancement of security of biometric systems. We highlight the studies using deep learning approaches to authenticate enrolled users under ideal and non-ideal environmental conditions. We summarize these approaches and explore the challenges that continue to restrict the full potential of biometric systems. The foremost are: building robust algorithms for authentication, ensuring the security of enrolled templates and protecting systems against spoofing attacks. In this paper, we review the performance achieved by various studies in overcoming the aforesaid challenges, along with the potential improvements and future directions in this domain.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-01-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123727693","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
New method for improving add round key in the advanced encryption standard algorithm 改进高级加密标准算法中添加圆密钥的新方法
Information Security Journal: A Global Perspective Pub Date : 2021-01-05 DOI: 10.1080/19393555.2020.1859654
S. M. Kareem, A. M. Rahma
{"title":"New method for improving add round key in the advanced encryption standard algorithm","authors":"S. M. Kareem, A. M. Rahma","doi":"10.1080/19393555.2020.1859654","DOIUrl":"https://doi.org/10.1080/19393555.2020.1859654","url":null,"abstract":"ABSTRACT This paper proposes a new modification to the AES in order to ensure a high-level security. This is accomplished by replacing the binary Exclusive OR (XOR) operation in each add-round-key stage of the AES with a new (#) operation. The (#) operation requires an additional and randomly generated control key to determine the state table (among 256 optional state tables) needed to apply the (#) operation. The 256 states tables are formed based on the addition operation in the Galois Field GF (28) to increase the randomness of the algorithm. The modified AES algorithm has been evaluated based on several security metrics. In our proposed algorithm, an attacker needs, at minimum, up to (2431)10 probabilities of keys to decrypt an encrypted message; thus, the proposed AES algorithm increases the complexity of the original AES against the differential cryptanalysis. Moreover, compared to the original AES, applying the (#) operation in our modified algorithm also improves the performance in other security metrics, such as NIST and histogram. Consequently, this replacement by using two keys in both the encryption and decryption process adds a new level of “protection and a greater degree of robustness against breaking methods.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"115 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-01-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133065003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Creating a sense of digital privacy in the private sector 在私营部门建立数字隐私意识
Information Security Journal: A Global Perspective Pub Date : 2021-01-02 DOI: 10.1080/19393555.2020.1797948
Richard Charles Hornberger
{"title":"Creating a sense of digital privacy in the private sector","authors":"Richard Charles Hornberger","doi":"10.1080/19393555.2020.1797948","DOIUrl":"https://doi.org/10.1080/19393555.2020.1797948","url":null,"abstract":"ABSTRACT The research question explores factors that create a feeling of privacy violation and discusses steps organizations can take to improve the perception of digital privacy for employees answering, “What intrusion, interference, and information access factors can be implemented by organizations to create a sense of digital privacy for employees in for-profit organizations?” Moor’s Theory of Privacy guides the research examining three components of normative privacy in a digital age: intrusion protection, interference protection, and information access protection. The method of inquiry is a systematic review of twenty-one articles containing published in peer-reviewed academic journals over the last five years. Intrusion protection recommendations include monitoring and compliance with existing legislation, exhibition of transparency on policies and procedures, creating or revisiting existing organizational policies, and providing or enhancing training practices. Interference protection recommendations include gaining consent on policies, and encouraging systems that allow self-control of privacy. Information access protection recommendations involve weighing benefits and costs of security controls, limiting excessive data collection, anonymizing or obfuscating data collection, deleting data when use is complete, creating sanctions for information security misbehavior, and reviewing mobile device management environments. This discovered framework can decrease levels of stress, improve task performance, and decrease bad behavior will improving levels of job satisfaction and organizational commitment.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130832413","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Enhancing the blockchain voting process in IoT using a novel blockchain Weighted Majority Consensus Algorithm (WMCA) 使用新的区块链加权多数共识算法(WMCA)增强物联网中的区块链投票过程
Information Security Journal: A Global Perspective Pub Date : 2021-01-01 DOI: 10.1080/19393555.2020.1869356
Manal Mohamed Alhejazi, R. Mohammad
{"title":"Enhancing the blockchain voting process in IoT using a novel blockchain Weighted Majority Consensus Algorithm (WMCA)","authors":"Manal Mohamed Alhejazi, R. Mohammad","doi":"10.1080/19393555.2020.1869356","DOIUrl":"https://doi.org/10.1080/19393555.2020.1869356","url":null,"abstract":"ABSTRACT Internet of Things (IoT) is expected to improve our lifestyle in a noticeable way. However, although the IoT holds a lot of chances, it contains a lot of serious risks. This leads to a focus on developing security techniques that can increase the security level of IoT. Blockchain is considered as an innovative technique for securing IoT and sharing data in a secure and tamperproof way. The blockchain is a peer-to-peer connection system that performs transactions securely by using consensus algorithms with no need for a trusted third party. Blockchain proved its applicability in securing IoT networks, and the research in this area is still enticing researchers to delve deeper and deeper. Decentralized voting is considered the fundamental principle that blockchain relies on for making the appropriate decision that would offer a proper security level for IoT. In this research a novel decentralized blockchain Weighted Majority Consensus Algorithm is proposed. The algorithm is inspired by the well-known weighted majority voting algorithm in the ensemble data mining learning approach. A java implementation of WMCA has been created for testing several scenarios with the aim of confirming the applicability of the proposed WMCA and the results were very promising.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122594086","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
A modified LSB image steganography method using filtering algorithm and stream of password 一种采用滤波算法和密码流的改进LSB图像隐写方法
Information Security Journal: A Global Perspective Pub Date : 2020-11-29 DOI: 10.1080/19393555.2020.1854902
Md. Rashedul Islam, T. R. Tanni, S. Parvin, M. J. Sultana, Ayasha Siddiqa
{"title":"A modified LSB image steganography method using filtering algorithm and stream of password","authors":"Md. Rashedul Islam, T. R. Tanni, S. Parvin, M. J. Sultana, Ayasha Siddiqa","doi":"10.1080/19393555.2020.1854902","DOIUrl":"https://doi.org/10.1080/19393555.2020.1854902","url":null,"abstract":"ABSTRACT Data is one of the most significant assets nowadays and needs to address correctly in the growing risk of cybersecurity. Additionally, every year, data is stolen and modified from the internet when transmitting. Therefore, to improve security while transmission, there are two techniques available called cryptography and steganography. In cryptography, the information is encrypted to ciphertexts using a private key, but the message’s existence is visible to others, no matter how unbreakable they are. On the other hand, steganography hides the secret data in an ordinary non-secret file to avoid visual detection. This paper proposed a new data hiding method using LSB image steganography, where confidential information uses only the selected image pixel. For that, image pixel information is used to filter the complete image to decide the candidate pixel, and a user-defined password is used to secure the LSB steganography. For better security, before applying steganography, the AES method encrypts the secret message. In the experiment, MSE and PSNR value are measured to assess the quality of the resultant stego image. The stego image provides higher PSNR and less MSE value as compared to other studied methods, which illustrate the flexibility of the proposed method.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122377283","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Facial blemishes detection and encryption with secure force algorithm into HCC2D code for biometric-passport 面部瑕疵检测及安全力算法加密成HCC2D条码,用于生物识别护照
Information Security Journal: A Global Perspective Pub Date : 2020-11-19 DOI: 10.1080/19393555.2020.1846823
Z. Choudhury, M. Rabbani
{"title":"Facial blemishes detection and encryption with secure force algorithm into HCC2D code for biometric-passport","authors":"Z. Choudhury, M. Rabbani","doi":"10.1080/19393555.2020.1846823","DOIUrl":"https://doi.org/10.1080/19393555.2020.1846823","url":null,"abstract":"ABSTRACT A biometric passport includes demographic information and biometric details. It contains some applications that are currently and probable concerning national security such as frontier protection, illegal immigration, criminals, terrorists, and fake passport. Over the fifteen years, most of the countries have adopted biometric-passports based on International Civil Aviation Organization (ICAO) and Machine Readable Travel Documents (MRTD) standardization. However, the Radio Frequency Identification (RFID) system contains a threat scenario that exists in privacy violation issues such as identity theft, data leakage threats, host listing, and tracking. To overcome these issues, this paper proposed a face recognition based on facial blemishes detection and encrypted into the High Capacity Color 2-Dimensional (HCC2D) code for biometric passport security. This includes facial blemishes features detection to generate the template and encrypted by applying the Secure Force (SF) algorithm to secure biometric information. Facial blemishes are detected by applying the Active Appearance Model (AAM) using Principle Component Analysis (PCA) and Canny edge detector with Speeded Up Robust Features (SURF) detection algorithm. The proposed technique attained a 93.06% accuracy level for the dataset Indian Institute of Technology Kanpur (IITK). This technique will enhance biometric passport security to protect the biometric information from an intruder.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134598958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A security-attribute-based access control along with user revocation for shared data in multi-owner cloud system 多所有者云系统中共享数据的基于安全属性的访问控制和用户撤销
Information Security Journal: A Global Perspective Pub Date : 2020-11-05 DOI: 10.1080/19393555.2020.1842568
S. Raj, B. Kumar, G. Venkatesan
{"title":"A security-attribute-based access control along with user revocation for shared data in multi-owner cloud system","authors":"S. Raj, B. Kumar, G. Venkatesan","doi":"10.1080/19393555.2020.1842568","DOIUrl":"https://doi.org/10.1080/19393555.2020.1842568","url":null,"abstract":"ABSTRACT Cloud storage is a cloud implementation that facilitates agencies to set up in-house information storage installations. Cloud storage actually creates security problems. When the information is communicated by groups; both cloud-specific and standard insider threats are visible. A key research problem is the secure sharing among group members, which confronts the internal threats of legitimate and malevolent users. In this paper, in this paper, an effective structured data sharing mechanism for user revocation in the multi-owner cloud system is proposed. The proposed method is based on the following five entities: data owner, cloud storage, central authority, and cryptographic server, and data users. The data owner will submit to cryptographic servers’ data, user list and parameters capable of generating an Access Control List (ACL). A trusted third party is a cryptographic server that provides the symmetric key that triggers the encrypted data. The cryptographic server then divides the key into three sections for each user within the group. Quantitative findings indicate the sustainability of the mechanism proposed in contrast with conventional schemes.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"53 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130765495","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
The Security Enhancement of Symmetric Key Crypto Mechanism based on Double Stage Secret Model 基于双阶段秘密模型的对称密钥加密机制安全性增强
Information Security Journal: A Global Perspective Pub Date : 2020-11-03 DOI: 10.1080/19393555.2020.1842945
Sreeparna Chakrabarti, G. S. Babu
{"title":"The Security Enhancement of Symmetric Key Crypto Mechanism based on Double Stage Secret Model","authors":"Sreeparna Chakrabarti, G. S. Babu","doi":"10.1080/19393555.2020.1842945","DOIUrl":"https://doi.org/10.1080/19393555.2020.1842945","url":null,"abstract":"ABSTRACT All smart services in cloud computing platforms have a data-sharing process to execute the task. Moreover, several crypto techniques were implemented to provide efficient and secure data transmission channel. However, it has been suffered with a number of issues because of several harmful attacks and unauthenticated key retrieval. Thus in the wireless medium, transferring the data amid two users are challengeable task. To overcome this issue, a novel Double-Stage Secret (DSS) cryptosystem is proposed to prevent the attacks in the communication channel, here the encryption and decryption function is processed based on some specific condition. If the DSS condition is satisfied then the client or user is requested to decrypt the message. To validate the secure and success rate of the proposed model, an efficient novel back sniff is developed and launched in the data transmission channel and its secure range is evaluated. In addition, the simulation of this research is done by Java, running on net beans IDE 8.2 in windows 10 platform and the results illustrated that the proposed model has attained high performance by gaining a high secure rate and less processing time of encryption and decryption than the existing algorithms.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122868114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信