Availability Of Computer Systems Research Articles

Securing Operating Systems (OS): A Comprehensive Approach to Security with Best Practices and Techniques

Abstract Operating system (OS) security is paramount in ensuring the integrity, confidentiality, and availability of computer systems and data. This research manuscript presents a comprehensive investigation into the multifaceted domain of OS security, aiming to enhance understanding, identify challenges, and propose effective solutions. The research methodology integrates diverse approaches, including an extensive exploration for available knowledge process mechanics, empirical data collection, case studies investigations, experimental analysis, comparative studies, qualitative analysis, synthesis, and interpretation. Through various experimental perspectives, theoretical foundations, historical developments, and current trends in OS security are also explored. Empirical data collection involves gathering insights from publicly available reports, security advisories, case studies, and expert interviews to capture real-world perspectives and experiences. Case studies illustrate practical implications of security strategies, while experimental analysis evaluates the efficacy of security measures in controlled environments. Comparative studies and qualitative analysis provide insights into strengths, limitations, and emerging trends in OS security. The synthesis and interpretation of the findings offer actionable insights for improving OS security practices, policy recommendations, and providing towards future research directions. This research contributes to advancing knowledge in OS security and informs the development of effective strategies to safeguard computer systems against evolving threats and vulnerabilities.

CYBER SECURITY AND PERSONAL RIGHTS UNDER THE LEGISLATION OF UKRAINE

The aim of the article is to study the issue of achieving a balance between information protection in the cybersecurity system and freedom of expression in accordance with the position of the UN and the case law of the European Court of Human Rights. Research methods include the analysis of legislation on cybersecurity, generalization of legal information and cybersecurity practices. As a result, it was found out that in Ukraine the basic legal act on cyber security is the Law “On the basic principles of cyber security of Ukraine”. The preamble of this Law defines the legal and organizational basis for protection of vital interests of citizens, society and state, national interests of Ukraine in cyberspace, main goals, directions and principles of state policy in cybersecurity, authorities of state bodies, enterprises, institutions, organizations, individuals and citizens in this field, the basic principles of coordination of their activities to ensure cybersecurity. Ukraine has ratified the Council of Europe Convention on Cybercrime of 23 November 2001. The Convention states that the fight against cybercrime is dictated, in particular, by the need to protect legitimate interests in the use and development of information technology. In particular, the Convention identifies the following types of cybercrime: offenses against the confidentiality, integrity and availability of computer data and systems; computer-related offenses; offenses related to child pornography; offenses related to copyright and related rights infringement. Finally, legal regulation of cybersecurity in Ukraine is based on the requirements of striking a balance between information protection and freedom of expression, the position of the UN and the case law of the European Court of Human Rights.

International legal regulation of transnational cybercrime in cyberspace

The article considers the international legal regulation of combating cybercrime, which is considered as a transnational phenomenon. In the group of transnational crimes, along with drug trafficking, terrorist acts, money laundering, illegal import of migrants, human trafficking, firearms trafficking, counterfeiting, etc., cybercrimes play an important role in terms of public harm, unprecedented and rapid growth. The mechanisms and directions of the fight against cybercrime developed by international criminal law are studied, among which the international legal regulation is of fundamental importance, and difficulties in defining the concepts of "cybercrime" and "computer crimes" are noted. The classification of types of cybercrimes is given and their most characteristic features are revealed.
 The author analyzes the international normative documents that form the legal basis for regulating relations in the field of international cybercrime, among which the most prominent are conventions, including the UN Convention against Transnational Organized Crime of November 15, 2000, the Council of Europe Convention on Cybercrime of November 23, 2001 and Additional Protocol to it of January 28, 2003. The obligations of states to criminalize cybercrime in national legislation are analyzed, the types of illegal actions related to cybercrime are considered, in particular the main four groups of crimes classified in the 2001 Cybercrime Convention by Gender object and on specific grounds of the object of encroachment: 1) crimes against confidentiality, integrity and availability of computer data and systems; 2) offenses related to the use of computer tools; 3) offenses related to the content of data; 4) offenses related to infringement of copyright and compatible rights, as well as additional types of liability and sanctions (attempt, complicity). The Protocol to the 2003 Cybercrime Convention expands this range of crimes and contains obligations to criminalize the following acts: distribution of racist and xenophobic material through computer systems. The limitation of the 2001 Convention on Cybercrime, adopted by the Council of Europe, and the need to adopt a universal instrument that would significantly increase the fight against cybercrime are noted.

Implementation of an Electronic Medication Management System in a large tertiary hospital: a case of qualitative inquiry

BackgroundHospitals across Australia are implementing Clinical Information Systems, e.g. Electronic Medication Management Systems (EMMS) at a rapid pace to moderate health services. The benefits of the EMMS depend on the acceptance of the system by the clinicians. The study hospital used a unique patient-centric implementation strategy that was based on the guiding principle of “one patient, one chart” to avoid a patient being on a hybrid medication chart. This paper aims to study the factors facilitating or hindering the adoption of the EMMS as viewed by clinicians and the implementation team.MethodsFour focus groups (FG), one each for (1) doctors, (2) nurses, (3) pharmacists, and (4) implementation team, were conducted. A guide for the FG was based on the Unified Theory of Acceptance and Use of Technology (UTAUT).ResultsA total of 23 unique subthemes were identified and were grouped into five main themes (1) implementation strategy, (2) organisational outcome of EMMS, (3) individual impact of EMMS, (4) IT product, and (5) organisational culture. Clinicians reported improvement in their workflow efficiency post-EMMS implementation. They also reported some challenges in using the EMMS that centered around the area of infrastructure, technical and design issues. Additionally, the implementation team highlighted two crucial factors influencing the success of EMMS implementation, namely: (1) the patient-centric implementation strategy, and (2) the organisation readiness.ConclusionOverall, this study outlines the implementation process of the EMMS in a large healthcare facility from the clinicians’ and the implementation team’s perspectives using UTAUT model. The result suggests that clinicians’ acceptance of the EMMS was highly influenced by the unique implementation strategy (namely, patient-centric approach and clinical leadership in the implementation team). Whereas the level of adoption of EMMS by clinicians was determined by their level of perceived and realised benefits. On the other hand, a number of barriers to the adoption of EMMS were discovered, namely, general training instead of customised training based on local needs, technical and design issues and lack of availability of computer systems. It is suggested that promptly resolving these issues can improve the adoption of the EMMS.

Moving Beyond Criminal Law Responses to Cybersecurity Governance in Africa

Measures to address the security challenges of the information society have given rise to the concept of cybersecurity governance. One major aspect of cybersecurity governance is the establishment of legal measures to criminalize and deter malicious acts that affect the integrity, confidentiality, availability and security of digital data and computer systems. Accordingly, several States and intergovernmental organizations across the world have established legal frameworks to promote cybersecurity governance. This is also the case in Africa. The African Union has adopted a Convention on Cyber Security and Personal Data Protection, while other African regional intergovernmental organizations such as the Economic Community of West African States, the Common Market for Eastern and Southern Africa and the Southern African Development Community have established legal and policy frameworks for cybersecurity governance. In addition, many African States have developed legal and policy frameworks to promote cybersecurity, while some others in the process of developing such frameworks. However, most of Africa’s responses to cybersecurity governance have been focused on the establishment of criminal law measures. Yet while the establishment of criminal law measures is regarded as a critical component of cybersecurity governance, the isolated existence of such measures may not produce desirable outcomes in terms of minimizing cybersecurity vulnerabilities in Africa’s information society. This paper seeks to make a case for the development of other critical components of cybersecurity governance, including technical and organizational measures and user education. It suggests that ‘stand-alone’ criminal law measures will not be able to reduce the rising trends of cyber-criminality in Africa, and that the timely development of other critical components of cybersecurity governance is imperative especially due to the peculiar challenge of weak law enforcement capacities and justice delivery systems in many African States.

Moving Beyond Criminal Law Responses to Cybersecurity Governance in Africa

Measures to address the security challenges of the information society have given rise to the concept of cybersecurity governance. One major aspect of cybersecurity governance is the establishment of legal measures to criminalize and deter malicious acts that affect the integrity, confidentiality, availability and security of digital data and computer systems. Accordingly, several States and intergovernmental organizations across the world have established legal frameworks to promote cybersecurity governance. This is also the case in Africa. The African Union has adopted a Convention on Cyber Security and Personal Data Protection, while other African regional intergovernmental organizations such as the Economic Community of West African States, the Common Market for Eastern and Southern Africa and the Southern African Development Community have established legal and policy frameworks for cybersecurity governance. In addition, many African States have developed legal and policy frameworks to promote cybersecurity, while some others in the process of developing such frameworks. However, most of Africa’s responses to cybersecurity governance have been focused on the establishment of criminal law measures. Yet while the establishment of criminal law measures is regarded as a critical component of cybersecurity governance, the isolated existence of such measures may not produce desirable outcomes in terms of minimizing cybersecurity vulnerabilities in Africa’s information society. This paper seeks to make a case for the development of other critical components of cybersecurity governance, including technical and organizational measures and user education. It suggests that ‘stand-alone’ criminal law measures will not be able to reduce the rising trends of cyber-criminality in Africa, and that the timely development of other critical components of cybersecurity governance is imperative especially due to the peculiar challenge of weak law enforcement capacities and justice delivery systems in many African States.

A Programmed Algorithm for Resource Scheduling in Construction.(Dept.C)

If the critical path determined completion time of the construction project is constrained by the lack of resources, which are needed to carry out some of the activities, then the analysis required for scheduling the activities is much more involved. There are two major categories of procedures for solving this problem. The first involves the use of some heuristic rules in determining priorities among activities competing for available resources. The second involves some form of mathematical programming to produce the optimal schedule. Heuristic scheduling rules. computer programmed to give good feasible schedules have been the basis for all practical systems to date. In the same time, the optimal solution of the problem has not been paid enough attention in the construction management literature. The increasing availability of more powerful computer systems should see more emphasis on the development of procedures to give the optimal solution for large complex projects which occur in construction practice. In this paper a Computer program is developed for implementing an implicit enumeration algorithm to give the optimal solution of the problem for construction projects. The algorithm has been chosen to satisfy large projects and its efficiency has been established by specifying a lower bound on the length of the schedule and by sorting project activities and resources in a way such that the computation time is greatly reduced. Experience in applying the algorithm to an actual project is reported.

The Effective Role of Hospital Information System in Medicine and Healthcare

In the present day world of development it has become inevitable to supplement the growing population with adequate and proper health facilities and services. Though the hospitals are growing in size quality of service always remains a question mark for them due to the ever incrementing need for medical facilities. Integrating any service with technology always remains as the answer to these varying problems by these public utility services. Hospital information systems are one such variant of integrated technology that aids the hospitals in their everyday issues confronted with them. The multiple varieties of health-care facilities has demanded the creation of Health information technologies (HIT) to give solution for the troubles before they have identified; the increasing expenses and demand for the health- care facilities expecting a lot from the society. Via leveraging HIT with an integration of health center functions and approaches, health Hospital information services (HIS) are frequently followed among most fitness-care centers to fulfill administrative requisites. To fulfill the strategic aim of HIT, it targeted to improve the personal care facilities and cost reduction as a primary factor. The main aim of this paper is understand the basic concept of HIS and its implication on the hospital management. The study attempts to meet its objectives by preparing a questionnaire with regard to the hospital management and receive their opinion on the same for further analysis. Hospital information system (HIS) has the capacity in lowering healthcare expenditure and in enhancing fitness outcomes. The purpose of this paper is to explore the role of HIS in healthcare in and its different regulatory and organizational settings. This paper targeted to examine the impact of clinic statistics structures in improving health care in hospital. Primary data figures became accumulated through distributing questionnaire to patients, doctors and the staff treating them. At the end of the study it was felt that the integration of technology with any public utility service would benefit the public at large and also give prompt output when needed. Since the technology is a comparatively new one it needs a bit of awareness among the general public to access it also knowledge is required on part of the doctors also to use it in a better and easy manner. One of the most significant elements in health center is to access the computer systems which emphasis the availability of computer and computer systems to facilitate direct and instantaneous information access at the point of care. The process of HIS has increased the time spent in hospital which results in the development of overall performance and responsiveness phases.

Intrusion detection system based on GA‐fuzzy classifier for detecting malicious attacks

SummaryUsage of computer resources, being a very important part in day to day life, it is to be noticed that the security threats have also increased. Hence, Intrusion Detection System (IDS) is used for detection and prevention of computer resources from security threats generated by malicious attackers. Existing techniques like encryption mechanism, authentication mechanism, and access control do not support for analyzing large volume of data and it is efficient only in the case of limited number of attacks. Attackers attack the computer resources based on the weakness of the security level in the Information system and they can violate the rules and regulation of computer system (Confidentiality, Integrity, and Availability) easily. Handling threats on computer resources still remains a challenging issue. Distributed Denial of Service attacks (DDoS) is an important attack that sends more than one number of requests to the destination server from multiple compromised systems that makes the Information system unable to process the request thereby resulting in non‐response to the attacker as well as normal end user, which results in large number of false alarms and less detection accuracy rates. We propose a new model called hybrid‐based intrusion detection system (GA‐Fuzzy) for handling large volume NSL‐KDD Dataset for detecting attacks effectively and for reducing misclassification alarm rate. Here, Genetic algorithm (GA) is used for creating new pattern (new features, records) for training the Fuzzy classifier effectively. We use Principle Component Analysis (PCA) as a feature selection method that eliminates irrelevant and redundant data from the NSL‐KDD dataset that improves the efficiency and to attain 99.96% detection accuracy and 0.04% false alarm rate.

Legally Cognizable Manipulation

Swaths of personal and nonpersonal information collected online about Internet users are increasingly being used in sophisticated ways for online political manipulation. This represents a new trend in the exploitation of data, where instead of pursuing direct financial gain based on the face value of the data, actors engage in data analytics using advanced artificial intelligence technologies that allow them to more easily access individuals’ cognition and future behavior. Although in recent years the concept of online manipulation has received some academic and policy attention, the desirable relationship between cybersecurity law and online manipulation is not yet fully explored. In other words, regulators and courts have yet to realize the importance of linking cybersecurity law to individual autonomy, privacy, and democracy. This Article provides an account of the desirable relationship between cybersecurity law and other values, such as autonomy, privacy, and democracy, by looking at the phenomenon of online manipulation achieved through psychographic profiling. It argues that the volume, efficacy, and sophistication of present online manipulation techniques pose a considerable and immediate danger to autonomy, privacy, and democracy. Internet actors, political entities, and foreign adversaries carefully study the personality traits and vulnerabilities of Internet users and, increasingly, target each such user with an individually tailored stream of information or misinformation with the intent of exploiting the weaknesses of these individuals. This Article makes a broader argument about cybersecurity law and its narrow focus on identity theft and financial fraud. Primarily, this Article looks at data-breach notification law, a subset of cybersecurity law, as reflective of that limited scope. It argues that data-breach notification law could provide a much-needed backdrop for the challenges presented by online manipulation, while alleviating the sense of lawlessness engulfing current misuses of personal and nonpersonal data. At the heart of this Article is an inquiry into the expansion of dated notions of cybersecurity law. Presently, cybersecurity law’s narrow approach seeks to remedy materialized harms such as identity theft or fraud. This approach contravenes the purpose of cybersecurity law—to create legal norms protecting the confidentiality, integrity, and availability of computer systems and networks. If cybersecurity law seeks to protect individuals from the externalities of certain cyber risks, it needs to recognize emerging threats targeting computer systems and networks, and subsequently, individual autonomy, privacy, and democracy.

Attacks on the confidentiality, integrity and availability of data and computer systems in the criminal case law of the Czech Republic

Uncovering attacks on data and computer systems and those responsible for them is one of the contemporary problems that the authorities involved in criminal proceedings have to deal with. Where this sort of cybercrime is concerned we can expect not only high levels of latency but also a low clear-up rate for crimes on file. This paper demonstrates this using the example of the Czech Republic, by providing an analysis of all cases of this type of cybercrime dealt with by courts between 2008 and 2016. It focuses in particular on proceedings concerned with illegal access and data and system interference. The cybercrimes that are brought to court in the Czech Republic is not representative of the cybercrime committed in the Czech Republic either in terms of its type or its extent. The cases dealt with by the courts are primarily connected with personal relationships and the Internet. The most frequent type of case thus concerns the misuse of passwords for accessing social networking sites or e-mail inboxes. We were also surprised to find that the courts had begun to apply facts relevant to cybercrime cases in cases involving the manual manipulation of gambling machines. The Czech Republic has evidently not yet found a way of demonstrating criminals’ guilt in more complex cybercrime cases.

ПРАВОВІ МЕХАНІЗМИ УПРАВЛІННЯ КРИТИЧНОЮ ІНФОРМАЦІЙНОЮ ІНФРАСТРУКТУРОЮ УКРАЇНИ

ПРАВОВІ МЕХАНІЗМИ УПРАВЛІННЯ КРИТИЧНОЮ ІНФОРМАЦІЙНОЮ ІНФРАСТРУКТУРОЮ УКРАЇНИ

Divide and Conquer (DC) BLAST: fast and easy BLAST execution within HPC environments

Bioinformatics is currently faced with very large-scale data sets that lead to computational jobs, especially sequence similarity searches, that can take absurdly long times to run. For example, the National Center for Biotechnology Information (NCBI) Basic Local Alignment Search Tool (BLAST and BLAST+) suite, which is by far the most widely used tool for rapid similarity searching among nucleic acid or amino acid sequences, is highly central processing unit (CPU) intensive. While the BLAST suite of programs perform searches very rapidly, they have the potential to be accelerated. In recent years, distributed computing environments have become more widely accessible and used due to the increasing availability of high-performance computing (HPC) systems. Therefore, simple solutions for data parallelization are needed to expedite BLAST and other sequence analysis tools. However, existing software for parallel sequence similarity searches often requires extensive computational experience and skill on the part of the user. In order to accelerate BLAST and other sequence analysis tools, Divide and Conquer BLAST (DCBLAST) was developed to perform NCBI BLAST searches within a cluster, grid, or HPC environment by using a query sequence distribution approach. Scaling from one (1) to 256 CPU cores resulted in significant improvements in processing speed. Thus, DCBLAST dramatically accelerates the execution of BLAST searches using a simple, accessible, robust, and parallel approach. DCBLAST works across multiple nodes automatically and it overcomes the speed limitation of single-node BLAST programs. DCBLAST can be used on any HPC system, can take advantage of hundreds of nodes, and has no output limitations. This freely available tool simplifies distributed computation pipelines to facilitate the rapid discovery of sequence similarities between very large data sets.

Challenges of Internet Access and Usage Among Undergraduate Students of Ibrahim Badamasi Babangida University, Nigeria

The internet has evolved into an indispensable tool in virtually all aspects of human activities. The educational system has experienced rapid transformation since the development of internet. Research, documentation, and teaching have been simplified as a result of ICT revolution. In order to keep pace with global developments, most Nigerian universities have integrated the use of ICT in the conduct of academic activities. However, most of these internet facilities are not producing the desired result to help the students in their academic work. Hence, this study explores to find out the challenges undergraduates students of Ibrahim Badamasi Babangida University Lapai, faced in accessing internet services. The study is anchored on the uses and gratification theory which argues that media audience derived pleasure in using a particular media to satisfy their immediate need. The research adopted survey method as its research design and the questionnaire to elicit information from the respondents. The study was guided by four research questions. Findings indicated that even though respondents have relative access to the internet, they are often constrain by frequent power outages, network failure, lack of availability of computer systems and lack of ICT knowledge. The study among other things recommends that the university management should upgrade the internet facilities within the school premises.

Simulation of unprotected LOFA in MTR reactors using a mix CFD and one-d computation tool

CFD is expected to feature more frequently in reactor thermal hydraulics. The reason for the increased use of multidimensional CFD methods is not only the increased availability of capable computer systems but also the ongoing drive to improve and reduce uncertainty in our predictions of important phenomena. In this work, a CFD model coupled with the reactor point kinetics equations is developed using the CFD code, Fluent to simulate loss of flow accident (LOFA) without SCRAM in a typical material testing reactor (MTR). The CFD model is used to simulate the core behavior during transient up to the onset of nucleate boiling (ONB) point. PARET code is used not only to validate the CFD model but also to complete simulation during the sub-cooled boiling regime. The focus is on establishing a new CFD approach in the reactor safety analysis and determining the two-phase flow stability boundaries as function of initial reactor conditions. Both ONB and onset of flow instability (OFI) is predicted. Besides a useful chart is provided, which describes the stability region in terms of initial reactor power, core inlet temperature, and power peaking factor.

Distributed System and Multimaster Replication Model on Reliability Optimation Database

Over the last two decades, significant advances have been made in the development of techniques for evaluating the performance, availability, and reliability of computer and communication systems in integration [11]. The reliability of the network is an important parameter in network [4]. Reliability is the performance, availability and security is a factors most important in a network . A distributed system is a system architecture in which computers can communicate and share resources [8]. This research applies a distributed system with load balancing and multimaster replication techniques in database. The results of this study found that the design of a system built to keep the data for connections between servers is in good condition and occurs down on one of the database server. DOI: http://dx.doi.org/10.11591/telkomnika.v13i3.7114

Distributed web service repository

The increasing availability and popularity of computer systems has resulted in a demand for new language- and platform-independent ways of data exchange. This demand has, in turn, led to significant growth in the importance of systems based on Web services. Alongside the growing number of systems accessible via Web services came the need for specialized data repositories that could oer eective means of searching the available services. The development of mobile systems and wireless data transmission technologies has allowed us to use dis- tributed devices and computer systems on a greater scale. The accelerating growth of distributed systems might be a good reason to consider the develop- ment of distributed Web service repositories with built-in mechanisms for data migration and synchronization.

Search of computers for discovery of electronic evidence

In order to address the specific nature of criminal activities committed using computer networks and systems, the efforts of states to adapt or complement the existing criminal law with purposeful provisions is understandable. To create an appropriate legal framework for supressing cybercrime, except the rules of substantive criminal law predict certain behavior as criminal offenses against the confidentiality, integrity and availability of computer data, computer systems and networks, it is essential that the provisions of the criminal procedure law contain adequate powers of competent authorities for detecting sources of illegal activities, or the collection of data on the committed criminal offense and offender, which can be used as evidence in criminal proceedings, taking into account the specificities of cyber crime and the environment within which the illegal activity is undertaken. Accordingly, the provisions of the criminal procedural law should be designed to be able to overcome certain challenges in discovering and proving high technology crime, and the provisions governing search of computer for discovery of electronic evidence is of special importance.

AVAILABILITY VERSUS PERFORMANCE

We discuss analytic procedures for evaluating the availability of parallel computer systems comprised of P processors with N tasks subject to failures and repairs. In addition, we argue, via analytic and numeric examples, that not incorporating the task-stream into the model is an inadequate approach for evaluating system performance.

SafeStack: Automatically Patching Stack-Based Buffer Overflow Vulnerabilities

Buffer overflow attacks still pose a significant threat to the security and availability of today's computer systems. Although there are a number of solutions proposed to provide adequate protection against buffer overflow attacks, most of existing solutions terminate the vulnerable program when the buffer overflow occurs, effectively rendering the program unavailable. The impact on availability is a serious problem on service-oriented platforms. This paper presents SafeStack, a system that can automatically diagnose and patch stack-based buffer overflow vulnerabilities. The key technique of our solution is to virtualize memory accesses and move the vulnerable buffer into protected memory regions, which provides a fundamental and effective protection against recurrence of the same attack without stopping normal system execution. We developed a prototype on a Linux system, and conducted extensive experiments to evaluate the effectiveness and performance of the system using a range of applications. Our experimental results showed that SafeStack can quickly generate runtime patches to successfully handle the attack's recurrence. Furthermore, SafeStack only incurs acceptable overhead for the patched applications.