Information & Security: An International Journal最新文献

{"title":"IMPLEMENTATION OF THE \"KINEROS\" MODEL FOR ESTIMATION OF THE FLOOD PRONE TERRITORIES IN THE MALKI ISKAR RIVER BASIN","authors":"Mariyana Nikolova, S. Nedkov, V. Nikolov, I. Zuzdrov, M. Genev, T. Kotsev, R. Vatseva, J. Krumova","doi":"10.11610/ISIJ.2408","DOIUrl":"https://doi.org/10.11610/ISIJ.2408","url":null,"abstract":"This article presents main results from the implementation of the KINEROS model to the Malki Iskar river basin above the town of Etropole. KINEROS is a mathematical model based on fundamental physical laws aimed at simulating the spatial distribution of water balance elements for a given meteoro- logical event. A detailed study of the set of physical geographical flood risk factors (relief, climate, waters, soils, LC/LU) has been performed. The analysis has been carried out on the basis of specific methods for estimation of the role of each factor. The results show the importance and practicality of implementation of the GIS, RS and flood risk modeling in generally unpredictable dangerous situations, which are typical for small mountain catchments. The application of the KINEROS model for simulation of events depending on the changes in the landscape conditions may in- crease significantly the effect of flood risk management in mountainous munici- palities.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131133630","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"'FOCUS': Foresight Security Scenarios to Plan for Research to Support the 'EU 2035' as a Comprehensive Security Provider","authors":"Alexander Siedschlag","doi":"10.11610/ISIJ.2901","DOIUrl":"https://doi.org/10.11610/ISIJ.2901","url":null,"abstract":"This special issue of Information & Security presents selected results from the EU security research project FOCUS (“Foresight Security Scenarios – Mapping Research to a Comprehensive Approach to Exogenous EU Roles”). This project aims to define the most plausible threat scenarios that affect the “borderline” between the EU’s external and internal dimensions to security – and to derive guidance for the Union’s future possible security roles and decisions to plan research in support of those roles. Scenario foresight in the FOCUS project was done on the level of critical and creative – yet methodologically guided – forward thinking at strategic level in order to increase the EU’s ability to cope with relevant alternative futures from the near future until 2035. A first group of articles discusses methods and techniques in scenario-based foresight as integrated and applied within FOCUS. A second group of articles presents selected empirical results from FOCUS scenario foresight on threats, risk management needs, and future EU roles as a comprehensive security provider. A third group of articles introduces research planning implications from selected FOCUS security scenarios. A final set of articles addresses the way ahead: How FOCUS methods and results could be useful beyond the immediate mission and scope of the project to guide policy development and industry strategies.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"22 9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131191882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Hybrid Warfare Similation-based Learning: Challenges and Opportunities","authors":"B. Vassileva, M. Zwilling","doi":"10.11610/ISIJ.3919","DOIUrl":"https://doi.org/10.11610/ISIJ.3919","url":null,"abstract":"","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128866006","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Cost-Effective Approach to Securing Systems through Partial Decentralization","authors":"N. Savchenko, V. Tsyganok, O. Andriichuk","doi":"10.11610/isij.4707","DOIUrl":"https://doi.org/10.11610/isij.4707","url":null,"abstract":"A study has been conducted on the methods of secure computation and storage decentralization, based on expert and decision support systems’ needs. It identified the common disadvantages of modern, Distributed Ledger Technologybased (DLT-based) decentralized systems and suggested a solution to it – the universal transaction delegation method. This method eliminates the complexity of a decentralized system from end-users’ point of view, which during the study was identified as the main disadvantage of DLT-based systems. This article provides a brief overview of existing approaches to solve the usage complexity problem, based on data from well-known projects built with Ethereum, the leading DLT-based smart contract platform. As a result of the research, we implemented the universal transaction delegation method which does not depend on the signature standard used in the decentralized program. In addition, we present results of an experimental economic analysis of the solution based on real network tests and data as of 2020. A R T I C L E I N F O : RECEIVED: 08 JUNE 2020 REVISED: 06 SEP 2020 ONLINE: 21 SEP 2020 K E Y W O R D S : distributed ledger technology, decentralized data platforms, delegated transactions, Ethereum, data platforms Creative Commons BY-NC 4.0 N. Savchenko, V. Tsyganok & O. Andriichuk, ISIJ 47, no. 1 (2020): 109-121","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134470285","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Principles of Mitigating and Managing Human System Risks","authors":"D. Procházková","doi":"10.11610/ISIJ.2802","DOIUrl":"https://doi.org/10.11610/ISIJ.2802","url":null,"abstract":"The security situation in a territory continuously evolves and, therefore, a new safety culture is formed that takes into account the actual knowledge and experience with interdependencies among public assets, including experience with extreme social crises. In dealing with disasters, historical development of human activities has included numerous preventive and mitigation measures applied according to legal rules, technical standards, norms and public instructions, response systems and ways of recovery. As a rule, these ensure protection against basic disasters and not to ‘calamities’ or random combinations of phenomena that may cause catastrophes. Problem solving the complex territory safety requires proactive, strategic risk management based on qualified data, methods, knowledge and good practices in their application. This paper summarizes the set of principles that ensures qualified decision-making for risk management, or ‘whole-of-life risk governance,’ directed at provision of human security and sustainable development. It addresses the key domains related to effective risk management.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127248316","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Building Societal Resilience against Hybrid Threats","authors":"Orlin Nikolov","doi":"10.11610/isij.3908","DOIUrl":"https://doi.org/10.11610/isij.3908","url":null,"abstract":"This article addresses the efforts of NATO to improve societal resilience in the fight against hybrid threats. It examines hybrid threats as a military strategy that blends conventional warfare, irregular warfare and cyber warfare. From another point of view, the article sees over establishing a safe and secure environment for protection of civilians, as well as how to improve resilience through civil preparedness and tailored NATO support to national authorities. NATO requires a concept to be developed that operationalizes the NATO Policy with emphasis on its implementation through the planning and conduct of operations, training, education and exercises, lessons learned, as well as defence related capacity building activities. The article tackles the question of using the Centres of Excellence as an education and training network in building resilience in society against threats, including hybrid threats and protection of civilians.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115417449","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Developing South East European Cooperative Crisis Management Capacity","authors":"T. Tagarev","doi":"10.11610/ISIJ.1006","DOIUrl":"https://doi.org/10.11610/ISIJ.1006","url":null,"abstract":"Now, with the launch of the Multinational Peace Force South-East Europe (SEE), the Stability Pact and the encouraging developments in the Federal Republic of Yugoslavia, for the first time in history all SEE countries demonstrated their willingness to cooperate in conflict prevention and crisis management and to take responsibility for security and stability in their own home. However, given cultural diversity, resource constraints, and lack of market experience in some of the countries, the challenge is in their ability to do so.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115455918","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A BTC-Based Watermarking Scheme for Digital Images","authors":"Shu-Fen Tu, Ching-Sheng Hsu","doi":"10.11610/ISIJ.1515","DOIUrl":"https://doi.org/10.11610/ISIJ.1515","url":null,"abstract":"This article presents a novel watermarking scheme for digital images based on Block Truncation Coding (BTC). Unlike other watermarking schemes, the proposed method does not alter the original image during the process of watermark casting. Instead, an ownership share is constructed as a key to reveal the watermark without resorting to the original image. Moreover, it is possible to register multiple watermarks for a single host image in the proposed scheme. During watermark casting, the feature of the host image, which is extracted by means of BTC, is com- bined with the watermark to generate an ownership share. When revealing the wa- termark, the author can address his/her ownership share to extract the watermark. Even though the host image has been attacked, the extracted watermark is still per- ceivable. Altogether, the method has many other applications besides copyright protection. For example, it can be used to cover the transmission of confidential images. The experimental results of this study show the robustness of the novel scheme against several common attacks.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"232 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115592081","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adopting Machine Learning for Images Transferred with LoRaWAN","authors":"Maksym Brazhenenko, V. Shevchenko, O. Bychkov, Boyan Jekov, P. Petrova, E. Kovatcheva","doi":"10.11610/isij.4712","DOIUrl":"https://doi.org/10.11610/isij.4712","url":null,"abstract":"A R T I C L E I N F O : RECEIVED: 08 JUNE 2020 REVISED: 09 SEP 2020 ONLINE: 22 SEP 2020 K E Y W O R D S : IoT, LoRa, Raspberry PI, security, cloud, machine learning Creative Commons BY-NC 4.0 Adopting Machine Learning for Images Transferred with LoRaWAN 173 Introduction Internet of Things (IoT) denotes the concept of connected smart devices that communicate seamlessly over the Internet. As the market keeps growing, we can classify IoT solution into several major categories. The most common way to denote them is – mission-critical application and massive IoT, based on the technical and commercial requirements they prioritize. Mission-critical solutions are those which require very low latency levels on ultra-reliable networks, often combined with very high throughput. Massive IoT applications, on the other hand, refers to applications which are less latency-sensitive and have lower throughput requirements but require many low-cost, low-energy consumption devices on a network with excellent coverage. The growing popularity of IoT has driven up the demand for massive IoT technologies and the number of smart devices worldwide continues to increase at a dramatic pace. The key requirements for massive IoT are long battery life, good coverage, low cost, and performance flexibility. The technology category that addressing those requirements is low power wide area network (LPWAN) technologies. Nevertheless, modern LPWAN networks being actively analysed 3 within past years still do not have appropriate information security solutions. Probably the first complete analysis of threats and vulnerabilities was published recently. They figured out that LoRa devices have coexisting problems with other LoRa networks and devices. Devices using lower spreading factors can corrupt signals from devices using higher spreading factor in the same network. Furthermore, most LoRaWAN security measures such as the key management and frame counters need to be implemented and taken care of by developers or manufacturers. Therefore, poor implementation also may put end-devices and gateways in danger. A series of articles on key management for LoRa based networks 5,6 was published later advocating for key-management solutions. There was also proposed a way to secure communication for healthcare monitoring system. Another great post describe interference vulnerability. Information security threats should be analysed for many aspects of IoT solutions flow including but not limiting data collection by sensors, data transmission, data transformation, and analysis. All of the described aspects should be considered as sensitive. Threats rate for the given type of system can be classified with the following order for CIA triad (given order of importance from 1 to N) – 1. Integrity, 2. Availability, 3. Confidentiality. This order is driven by the fact, that majority of issues related to confidentiality has human nature, where’s integrity and availability are more technology concerns. In ","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115765456","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Volunteers in Disaster Relief in Zones of Armed Conflict: The Case of Syrian Refugee Camps in Jordan","authors":"Naill M. Momani, M. Alzaghal","doi":"10.11610/ISIJ.4013","DOIUrl":"https://doi.org/10.11610/ISIJ.4013","url":null,"abstract":"Volunteerism plays an essential role in the development of any society. Society’s level of culture and awareness can be rated by measuring the amount and thrust of volunteerism movements. Volunteerism has proven to be essential in emergency management. Individual volunteers and volunteer groups provide a variety of skills and resources that can be used in emergencies. In Jordan, the concept of volunteerism already plays a considerable role in both the economy and in social development. This paper reviews the implementation of current and future trends for volunteerism systems in Syrian refugee camps’ management in Jordan and provides a social analysis of why, or why not, people volunteer in different aspects of society. It suggests a volunteer system for disaster management aiming to enhance mitigation and response capabilities for future disasters.","PeriodicalId":159156,"journal":{"name":"Information & Security: An International Journal","volume":"19 4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115790719","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}