发布求助
文献互助 智能选刊 最新文献

ARIS2 - Advanced Research on Information Systems Security最新文献

筛选
英文 中文
Cyber Threats to Healthcare Technology Services 医疗保健技术服务面临的网络威胁
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2024-04-15 DOI: 10.56394/aris2.v4i1.38
Rodrigo Sousa
{"title":"Cyber Threats to Healthcare Technology Services","authors":"Rodrigo Sousa","doi":"10.56394/aris2.v4i1.38","DOIUrl":"https://doi.org/10.56394/aris2.v4i1.38","url":null,"abstract":"Information Technology has become a key component of many sectors in today's world, and healthcare is a prime example. However the increase in IT, particularly among healthcare businesses which are now identified as a major target area, has increased sensitivity to cyber threats. There is a variety of vital data stored in such facilities, including private and possibly financial information about patients. An analysis of the risks and threats to these institutions is presented in this paper. The study is based on the results of a survey involving several healthcare professionals from various healthcare establishments in Portugal. It aims to draw attention to the current state of healthcare cybersecurity and evaluate its possible risks, as well as how best to mitigate them. This in depth analysis, aiming at contributing significantly to the conversation on the cybersecurity of healthcare and eventually improving patient data security and integrity against increasing cyber threats, would be a major step forward.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"24 s1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140699901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Exploring the dynamics between artificial intelligence and cybersecurity in Healthcare 探索医疗保健领域人工智能与网络安全之间的动态关系
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2024-04-15 DOI: 10.56394/aris2.v4i1.44
António Tavares, Pedro Sousa, Rita Proença
{"title":"Exploring the dynamics between artificial intelligence and cybersecurity in Healthcare","authors":"António Tavares, Pedro Sousa, Rita Proença","doi":"10.56394/aris2.v4i1.44","DOIUrl":"https://doi.org/10.56394/aris2.v4i1.44","url":null,"abstract":"Technology changed the world over the past decades, reinventing the way we work, communicate, and live. In the healthcare sector, it has contributed to driving innovations in the diagnosis process, treatment, data management, and information access. However, this transformation has been accompanied by an increasing dependence on digital systems and connectivity. Nowadays, concepts such as artificial intelligence and cybersecurity are widely recognized, but organizations just became aware of the benefits and risks involved. In fact, the nature of their relationship it is still under discussion. \u0000The central objective of this study is to explore the dynamics of this relationship in healthcare, taken as a sector undergoing constant technological evolution. We propose a dual approach, encompassing both strategic and operational perspectives, which can support the management of this complex interaction, balancing security and innovation.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"45 44","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140701923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Database Decomposition to satisfy the Least Privilege Principle in Healthcare 满足医疗保健领域最小特权原则的数据库分解
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2024-04-15 DOI: 10.56394/aris2.v4i1.43
Vincenzo Sammartino, Fabrizio Baiardi
{"title":"Database Decomposition to satisfy the Least Privilege Principle in Healthcare","authors":"Vincenzo Sammartino, Fabrizio Baiardi","doi":"10.56394/aris2.v4i1.43","DOIUrl":"https://doi.org/10.56394/aris2.v4i1.43","url":null,"abstract":"The Multilevel Database Decomposition Framework is a cybersecurity strategy to enhance system robustness and minimize the impact of data breaches with a focus on healthcare systems. With respect to more conventional normalization methods, the framework prioritizes robustness against cyber threats over mere data redundancy reduction. The key strategy of the framework is the decomposition of a database into smaller databases to restrict user access and mitigate the impact of successful intrusions by satisfying the least privilege principle in a more complete way. For this purpose, each database the decomposition produces is uniquely associated with a set of users and the decomposition ensures that each user can access all and only the data his/her operations need. This limits the potential impact of threat agents impersonating users to the information a compromised user can access. \u0000To prevent the propagation of an intrusion across the databases it produces, the framework can apply alternative allocation strategies by distributing the databases to distinct virtual or physical entities according to the security requirement of the original application. This flexibility in allocation management ultimately reinforces defenses against evolving cyber threats and it is the main advantage of the deposition. \u0000As a counterpart of better robustness, some tables will be replicated across the databases the decomposition returns and updates of these tables should be properly replicated to prevent inconsistencies among copies of the same table in distinct databases. The paper includes a performance analysis to evaluate the overheads associated with the alternative allocations. This offers insights into the framework implementation and adaptability to distinct security needs and to evaluate the framework effectiveness for healthcare data systems.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"77 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140702744","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Ethical and legal aspects of cybersecurity in health 卫生领域网络安全的道德和法律问题
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2024-04-15 DOI: 10.56394/aris2.v4i1.45
Ana Galvão, C. Vaz, Marco Pinheiro, Clarisse Pais
{"title":"Ethical and legal aspects of cybersecurity in health","authors":"Ana Galvão, C. Vaz, Marco Pinheiro, Clarisse Pais","doi":"10.56394/aris2.v4i1.45","DOIUrl":"https://doi.org/10.56394/aris2.v4i1.45","url":null,"abstract":"Background: With the emergence of eHealth and mHealth, the use of mental health apps has increased significantly as an accessible and convenient approach as an adjunct to promoting well-being and mental health. There are several apps available that can assist with mental health monitoring and management, each with specific features to meet different needs. The intersection of mental health and cyber technology presents a number of critical legal and ethical issues. As mental health monitoring apps and devices become more integrated into clinical practice, cybersecurity takes on paramount importance. Objective: To address the ethical and legal aspects of health cybersecurity related to applications in mental health monitoring and management. Methods: We carried out a thematic synthesis of the best scientific evidence. Results: These tools have the potential to significantly improve access to and quality of care for users with mental health conditions, but they also raise substantial concerns about privacy and informed consent.  Cybersecurity in mental health is not only a matter of technology, but also of human rights. The protection of sensitive mental health information is critical, and legal and ethical measures to safeguard this information must be implemented in a robust and transparent manner. Conclusion: the use of information technologies and mobile devices is now part of the clinical reality and its future perspectives. It is important to mention that while these apps can be helpful for self-care and mental well-being management, they are not a substitute for the advice and support of a qualified mental health professional (psychologist or psychiatrist). As we move into the digital age, it is imperative that mental health monitoring and management apps are developed and used responsibly, ensuring the safety, dignity, and well-being of users.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"278 11","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140704153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Improving Social Engineering Resilience In Enterprises 提高企业的社会工程复原力
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2023-08-30 DOI: 10.56394/aris2.v3i1.30
Ricardo Ribeiro, N. Mateus-Coelho, Henrique Mamede
{"title":"Improving Social Engineering Resilience In Enterprises","authors":"Ricardo Ribeiro, N. Mateus-Coelho, Henrique Mamede","doi":"10.56394/aris2.v3i1.30","DOIUrl":"https://doi.org/10.56394/aris2.v3i1.30","url":null,"abstract":"Social Engineering (SE) is a significant problem for enterprises. Cybercriminals continue developing new and sophisticated methods to trick individuals into disclosing confidential information or granting unauthorized access to infrastructure systems. These attacks remain a significant threat to enterprise systems despite significant investments in technical architecture and security measures. User awareness training and other behavioral interventions are critical for improving SE resilience. However, their effectiveness still needs to be determined, as personality traits may turn some individuals more susceptible to SE attacks. This paper aims to provide a comprehensive assessment of the state of knowledge in this field, identifying best practices for improving SE resilience in organizations and supporting the development of new research studies to address this issue. Its goal is to help enterprises of any size develop a framework to reduce the risk of successful SE attacks and create a culture of security awareness.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"45 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139348141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Enterprise Transformation Projects 企业转型项目
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2023-08-30 DOI: 10.56394/aris2.v3i1.31
A. Trad
{"title":"Enterprise Transformation Projects","authors":"A. Trad","doi":"10.56394/aris2.v3i1.31","DOIUrl":"https://doi.org/10.56394/aris2.v3i1.31","url":null,"abstract":"This article presents the ETP-HSC and a corresponding enterprise transformation framework, where the focus is on the application of Enterprise Architecture (EA) to support Security (EA4S) and it is the central topic. The EA4S is a Polymathic-holistic approach, which adopts a clear EA as the main ETP constraint for the implementation of a secured Information and Communications System’s (ICS). EA and all other ICS related architecture disciplines, are inspired from the term Architecture that comes from civil engineering, and in this domain, secured building objects are achieved by implementing robust building and urbanistic architectures, like the famous case of Hausmann’s Architecture and Urbanistic plan for the (re)Architecture of Paris in France, in which its primary objective was to assert Paris’ security. Therefore, the author considers that EAS’ first step is to build an enterprise security concept. But for enterprises that have been archaically built and do not have the needed resources to implement a Haussmannian security concept, therefore an iterative ETP-HSC implementation process can transform the enterprise’s security. ETP-HSC’s feasibility and integrity can be supported by an integrated Applied Holistic Mathematical Model (AHMM) for EAS (AHMM4EAS), and the author’s various research works on the applications of holistic security concepts, ETPs, Artificial Intelligence (AI), Cloud Services (CS), and AHMM. The ETP-SRC is based on a multi-disciplinary proprietary-mixed research method.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"5 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139347981","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Cybersecurity Threats for a Web Development Web开发的网络安全威胁
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2022-12-30 DOI: 10.56394/aris2.v2i2.27
João Cunha
{"title":"Cybersecurity Threats for a Web Development","authors":"João Cunha","doi":"10.56394/aris2.v2i2.27","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.27","url":null,"abstract":"With the increasing digitization of the world, web development has become an essential part of businesses and organizations worldwide. However, with the rapid development of technology, cyber threats and attacks have become a major concern for web developers. This article looks at some of the most common cybersecurity threats that web developers should be aware of, and the importance of taking preventative measures to secure web applications. By understanding these cyber threats and taking proactive steps to protect against them, web developers can ensure the security of their users data and maintain the integrity of their web applications.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"228 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130636352","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Web 3.0 and Cybersecurity – Short Paper Web 3.0与网络安全-短文
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2022-12-30 DOI: 10.56394/aris2.v2i2.21
Sónia Silva
{"title":"Web 3.0 and Cybersecurity – Short Paper","authors":"Sónia Silva","doi":"10.56394/aris2.v2i2.21","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.21","url":null,"abstract":"The Web 3.0 ecosystem is growing exponentially, which also adds to the cybersecurity concerns it imposes. There is a continuous shift in the Internet architecture, from a read/write model to a newer model known as Web 3.0. Global companies are exploring web 3.0 opportunities in their business processes. Along with opportunities, Web 3.0 poses several cybersecurity risks to organizations that need to detect and mitigate efficiently. Data breaches, computer attacks, and social engineering defined the cybersecurity risk landscape of Web 2.0. This work aims to identify solutions to the problem between the evolution of web 3.0 and companies to evolve their infrastructures promptly to ensure the privacy and security of their data.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130803681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Case study to identify vulnerabilities in applications developed for the Android 案例研究,识别为Android开发的应用程序中的漏洞
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2022-12-30 DOI: 10.56394/aris2.v2i2.22
Tatiani De Andrade
{"title":"Case study to identify vulnerabilities in applications developed for the Android","authors":"Tatiani De Andrade","doi":"10.56394/aris2.v2i2.22","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.22","url":null,"abstract":"The growing use of mobile devices has caused many developers to focus more on design and user experience, but with this neglected security issues, whether due to lack of knowledge in this field or lack of delivery time, thus exposing thousands of users to information leaks among other malicious actions. In this sense, this work aims to expose the main vulnerabilities that impact the security of a mobile application, going through analyzes in mobile applications, with the intention of alerting developers about the flaws that are usually present in the applications due to bad coding practices and to reflect on how to make your apps more secure.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"88 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132131685","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Can machine learning be used to detect malware? 机器学习可以用来检测恶意软件吗?
ARIS2 - Advanced Research on Information Systems Security Pub Date : 2022-12-30 DOI: 10.56394/aris2.v2i2.19
A. Lima
{"title":"Can machine learning be used to detect malware?","authors":"A. Lima","doi":"10.56394/aris2.v2i2.19","DOIUrl":"https://doi.org/10.56394/aris2.v2i2.19","url":null,"abstract":"Nowadays everyone has one or even more than one smartphone or tablet. The existing applications with the most diverse purposes allow us to perform a series of tasks such as using home banking or checking the email, using only our smartphone/tablet. Android OS being one of the most used in this type of equipment becomes an appealing target for viruses, malware and others. At a time when technology is evolving faster and faster, both in terms of hardware and software, Artificial Intelligence has more and more weight in technological evolution, being used in the most diverse purposes. This review aims to demonstrate how Machine Learning can assist in identifying vulnerabilities in Android OS.","PeriodicalId":438607,"journal":{"name":"ARIS2 - Advanced Research on Information Systems Security","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121276680","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信