Component Of Information Security Research Articles

INTRUSION DETECTION SYSTEMS: A REVIEW

Given the exponential growth of Internet and increased availability of bandwidth, Intrusion Detection has become the critical component of Information Security and the importance of secure networks has tremendously increased. Though the concept of Intrusion Detection was introduced by James Anderson J. P. in the year 1980, it has gained lots of importance in the recent years because of the recent attacks on the IT infrastructure. The main objective of this study is to examine the existing literature on various approaches for Intrusion Detection in particular Anomaly Detection, to examine their conceptual foundations, to taxonomize the Intrusion Detection System (IDS) and to develop a morphological framework for IDS for easy understanding. In this study a detailed survey of IDS from the initial days, the development of IDS, architectures, components are presented.

Вплив гасел на поведінку людини як засіб маніпулювання свідомістю

This article studies the new methods of impact on human consciousness and those that occurred in the history of Ukraine in the period from 1917 to 1920. Those methods were applied to manipulate the behavior of individuals in order to achieve the manipulators’ objectives. The issue is becoming more and more relevant in terms of developed information societies and is an essential component of information security. The mentioned analysis allows to study the situation in this field in depth, to learn about the consequences of certain social phenomena that allows to develop the measures to prevent mass manipulation. The relevance of the research is that communication is an important tool for achieving a certain goal in the information sphere, primarily because of their strong influence on public consciousness and, consequently, the effective and expansive formation of certain models of behavior of a huge number of individuals. Human consciousness becomes the object of manipulating by both internal political forces of different directions and external information influences, which is quite relevant during the period of information wars. The objective of the study is to reveal the influence of slogans on the behavior of wider population at the beginning of the last century (during 1917-1920 of the twentieth century), when seemingly incredible and phantasmagoric Bolshevik slogans drastically influenced the fate of millions of Ukrainians and determined the future of Ukraine for many years to come. That is when the expansive formation and dissemination of ideas without proper reflection led to irreversible and tragic historical consequences.In the proposed work, the effect of slogans on the behavior of people is examined through the prism of influence of printed periodicals, the most widespread in the early twentieth century, and the most effective in terms of providing information to the widest range of readers of the media.

Evaluation of Recognition-Based Graphical Password Schemes in Terms of Usability and Security Attributes

<p>User Authentication is a critical component in information security. Several widely used mechanisms for security to protect services from illegal access include alphanumerical usernames passwords. However, there are several drawbacks attached in this method. For instance, the users themselves usually those passwords that are easy to guess. As difficult passwords are difficult to recall. A new alternative is the graphic-based password and there has been a growing trend in the use of such a password. The human psychology study reveals that humans find it easier to remember pictures as opposed to words. There are two main aspects to the graphical password scheme, namely security and usability. This study comprises of a comprehensive research in the current Recognition-Based graphical password schemes. The common usability attributes and possible attacks on the Recognition-Based graphical password are reviewed, identified and examined in detail. There are several previous surveys on the graphical passwords. The latest research review and summarize graphical password systems concisely and at the same time, analyze usability features for every design. However it was found that there is not a single method that has the most resounding usability attributes. Therefore, this research suggests a set of usability attributes that can be applied into a single Recognition-Based graphical password system. In addition, this study examines and compares success rates on login, login time and memorability of existing systems which are the usability measures most often reported in user studies of graphical passwords. Lastly, a comparison table is revealed to put forth the limitations and strengths of each approach in terms of security and usability.</p>

A Survey of Commonly Used Cryptographic Algorithms in Information Security

Progression in computing powers and parallelism technology are creating obstruction for credible security especially in electronic information transactions under cryptosystems. An enormous set of cryptographic schemes persist in which each has its own affirmative and feeble characteristics. Some schemes carry the use of long bits key and some support the use of small key. Practical cryptosystems are either symmetric or asymmetric in nature. With the fast progression of digital data exchange in electronic way, information security is becoming much more important in data storage and transmission. Network Security is the most vital component in information security because it is responsible for securing all information passed through networked computers. Cryptography is the one of the main categories of computer security that converts information from its normal form into an unreadable form by using Encryption and Decryption Techniques. This survey compares trendy encryption techniques for convinced selection of both key and cryptographic scheme.

Methodology of complex security for the person and social groups against the negative information-psychological influence

Information and psychological security is an important component of information security, which determines the security of citizens and society from harmful information and psychological influences. The latest events in our country and around the world affected by the fact that the provision of information and psychological security of person and social group defined among the main factors countering external threats. The paper proposes a methodology for comprehensive security for human and social groups as the subjects of information security from negative information-psychological impact. It applies to an individual subject, to social groups (structured and unstructured), to the subjects, which are adapted to the organized social environment, and to the single and multi-level social networks.

Exploring biometric technology adoption in a developing country context using the modified UTAUT

Biometric technology BT is a component of information security and person identification. Individual acceptance and adoption of BT is fundamental to successful implementation of BT by organisations. There has been a fairly moderate but improving pace of adoption of technology in developing countries. This study investigates factors affecting users' intention to use BT in a developing country based on the modified version of the unified theory of acceptance and use of technology UTAUT. Results show that simpler biometric methods e.g., fingerprinting have higher level of utilisation than more complex ones e.g., DNA. The intention to adopt biometrics is influenced by perceived ease of use, security, resource facilitating conditions, self-efficacy, and compatibility. Technology facilitating condition and awareness were found to exert some level of impact, while perceived usefulness, awareness, peer influence and complexity did not show any statistical influence on the intention to adopt BT.

Exploring biometric technology adoption in a developing country context using the modified UTAUT

Biometric technology (BT) is a component of information security and person identification. Individual acceptance and adoption of BT is fundamental to successful implementation of BT by organisations. There has been a fairly moderate but improving pace of adoption of technology in developing countries. This study investigates factors affecting users' intention to use BT in a developing country based on the modified version of the unified theory of acceptance and use of technology (UTAUT). Results show that simpler biometric methods (e.g., fingerprinting) have higher level of utilisation than more complex ones (e.g., DNA). The intention to adopt biometrics is influenced by perceived ease of use, security, resource facilitating conditions, self-efficacy, and compatibility. Technology facilitating condition and awareness were found to exert some level of impact, while perceived usefulness, awareness, peer influence and complexity did not show any statistical influence on the intention to adopt BT.

Modern information structures as components of information security

The article considers the modern information structures as components of information security. The structural organization of information security management system must be adequate to the general system of public administration – must be multilevel and territorially distributed with coordinated action of its components.

Secure Barcode Authentication using Genetic Algorithm

Genetic Algorithm (GA) is an invaluable tool for solving optimization problems due to its robustness. It does not break even in the presence of a reasonable noise or even if the inputs are changed slightly. GA offers significant benefits over other optimization techniques in searching a large state space or n-dimensional surface. In todays information age information transfer and sharing has increased exponentially. With the popularization of Internet and exponential increase in e-commerce transactions security has become an inevitable and an integral part of any e-commerce application. Data integrity, confidentiality, authenticity, nonrepudiation have gained tremendous importance and have become important components of information security. In this paper we have made an attempt to exploit the randomness involved in crossover and mutation processes of GA for generating a barcode for authentication process. The number of crossover points and number of mutation points is fixed and cannot be altered by the user. In the current work we have employed a single crossover point and two mutation points. We have used Code-39 and Code-128 encoding techniques for generating a barcode. The barcode data comprises of 12 randomly generated decimal digits. Each decimal digit is represented using 4 bits. Hence the length of the barcode data is 36 bits. The randomly generated data is transformed into encoded form by applying crossover, mutation and XOR operations before generating a bar code. The randomness together with encoding makes the password robust and hard to track. Finally, the algorithm is implemented in Java and applied for authentication of employee data in a hypothetical organization. The methodology is general and can be applied to any task where authentication is required.

Information Security Management in Isfahan University of Medical Sciences′Academic Hospitals in 2014

Introduction: Health care organizations, particularly hospitals should follow a special strategy and implement their security system based on it in order to protect their data. Information security will be provided through performing a series of appropriate controls. ISO/IEC 27002 standard provides guidelines and general principles for starting, running, monitoring and improving information security management. This article aimed to determine the extent of compliance with information security management requirements in academic hospitals of Isfahan University of Medical Sciences. Materials and Methods: This applied study was a cross-sectional research which was performed in 2014. The research population included academic hospitals of Isfahan. The data collection tool was ISO/IEC 27002 standard checklist. The extent of compliance with information security management was examined in six hospital wards, including informatics, admission and discharge, income, laboratory, radiology, and pharmacy. Data was analyzed using SPSS. Results: Mean score of compliance with information security management requirements was estimated 68.1% in Isfahan academic hospitals. The highest level of requirements was related to security policies (76.7%) and requirements of acquisition, development, and maintenance of information systems (76.1%). However, the lowest level was associated with security of human resources (56.7%). Conclusions: Despite the efforts in hospital information system (HIS), hospitals still need more awareness toward principles of information security and management. In addition to investments on technical strategies, more attention is needed concerning non-technical and human factors such as the promotion of employees' knowledge of information security components in order to maintain information security.

Analysis of Cryptographic Algorithms for Network Security

Cryptography plays a major role in securing data. It is used to ensure that the contents of a message are confidentially transmitted and would not be altered. Network security is most vital component in information security as it refers to all hardware and software function, characteristics, features, operational procedures, accountability, access control, and administrative and management policy. Cryptography is central to IT security challenges, since it underpins privacy, confidentiality and identity, which together provide the fundamentals for trusted e-commerce and secure communication. There is a broad range of cryptographic algorithms that are used for securing networks and presently continuous researches on the new cryptographic algorithms are going on for evolving more advanced techniques for secures communication.

The social component of information security

The article is devoted to the social aspects of information security that are examined in the context of countering the destructive information influence to the consciousness of people in information society. It is shown the differences between information security and security of the information.

Frameworks and components of information security(<Special feature>Information security)

Frameworks and components of information security(<Special feature>Information security)

Development of a New Cryptographic Construct Using Palmprint-Based Fuzzy Vault

The combination of cryptology and biometrics has emerged as promising component of information security. Despite the current popularity of palmprint biometric, there has not been any attempt to investigate its usage for the fuzzy vault. This paper therefore investigates the possible usage of palmprint in fuzzy vault to develop a user friendly and reliable crypto system. We suggest the use of both symmetric and asymmetric approach for the encryption. The ciphertext of any document is generated by symmetric cryptosystem; the symmetric key is then encrypted by asymmetric approach. Further, Reed and Solomon codes are used on the generated asymmetric key to provide some error tolerance while decryption. The experimental results from the proposed approach on the palmprint images suggest its possible usage in an automated palmprint-based key generation system.

An Information Security Governance Framework

ABSTRACT Information security culture develops in an organization due to certain actions taken by the organization. Management implements information security components, such as policies and technical security measures with which employees interact and that they include in their working procedures. Employees develop certain perceptions and exhibit behavior, such as the reporting of security incidents or sharing of passwords, which could either contribute or be a threat to the securing of information assets. To inculcate an acceptable level of information security culture, the organization must govern information security effectively by implementing all the required information security components. This article evaluates four approaches towards information security governance frameworks in order to arrive at a complete list of information security components. The information security components are used to compile a new comprehensive Information Security Governance framework. The proposed governance framework can be used by organizations to ensure they are governing information security from a holistic perspective, thereby minimising risk and cultivating an acceptable level of information security culture.

An animated learning tool for Kerberos authentication architecture

Using animated visualization tools has been an important teaching approach in computer science education. Kerberos authentication architecture, an important component in information security and co...

The role of external and internal influences on information systems security – a neo-institutional perspective

This research is an attempt to better understand how external and internal organizational influences shape organizational actions for improving information systems security. A case study of a multi-national company is presented and then analyzed from the perspective of neo-institutional theory. The analysis indicates that coercive, normative, and mimetic isomorphic processes were evident, although it was difficult to distinguish normative from mimetic influences. Two internal forces related to work practices were identified representing resistance to initiatives to improve security: the institutionalization of work mobility and the institutionalization of efficiency outcomes expected with the adoption of company initiatives, especially those involving information technology. The interweaving of top–down and bottom–up influences resulted in an effort to reinforce, and perhaps reinstitutionalize the systems component of information security. The success of this effort appeared to hinge on top management championing information system security initiatives and propagating an awareness of the importance of information security among employees at all levels of the company. The case shows that while regulatory forces, such as the Sarbanes-Oxley Act, are powerful drivers for change, other institutional influences play significant roles in shaping the synthesis of organizational change.