98 research outputs found
Time cost evaluation of trust based access control for XML databases
XML databases are widely used in many different areas. They are multi user systems and can store a huge amount of data. Sensitive and important data need to be protected and stored securely. We have developed a dynamic trust based access control for XML databases to improve the security level and prevent malicious transactions from both internal and external users. Our system tracks user history of errors and bad transactions and updates the access privileges depending on trust values. In this paper, we evaluate the use of trust based access control by measuring the real time cost. The experimental work is performed to test the access time with and without trust based access control and suggests that the approach, though costly is not prohibitively time consuming
Developing a secured social networking site using informa on security awareness techniques
Background: Ever since social network sites (SNS) became a global phenomenon in almost every industry, security has become a major concern to many SNS stakeholders. Several security techniques have been invented towards addressing SNS security, but information security awareness (ISA) remains a critical point. Whilst very few users have used social circles and applications because of a lack of users’ awareness, the majority have found it dif cult to determine the basis of categorising friends in a meaningful way for privacy and security policies settings. This has con rmed that technical control is just part of the security solutions and not necessarily a total solution. Changing human behaviour on SNSs is essential; hence the need for a privately enhanced ISA SNS.
Objective: This article presented sOcialistOnline – a newly developed SNS, duly secured and platform independent with various ISA techniques fully implemented.
Method: Following a detailed literature review of the related works, the SNS was developed on the basis of Object Oriented Programming (OOP) approach, using PhP as the coding language with the MySQL database engine at the back end.
Result: This study addressed the SNS requirements of privacy, security and services, and attributed them as the basis of architectural design for sOcialistOnline. SNS users are more aware of potential risk and the possible consequences of unsecured behaviours.
Conclusion: ISA is focussed on the users who are often the greatest security risk on SNSs, regardless of technical securities implemented. Therefore SNSs are required to incorporate effective ISA into their platform and ensure users are motivated to embrace it
A strategic framework for e-government security: the case in Nigeria
A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirements for the degree of Doctor of PhilosophyCountries across the globe are striving towards full-scale implementation of e-government. One of the issues arising with the efforts to this realization is the assurance of secure transactions while upholding high privacy standards. In order to engage citizens in the process, there must be transparency and confidence that the e-government systems they are using are reliable and will deliver the services with integrity, confidentiality and accountability. Different systems require different levels of security according to the services they provide to their users.
This research presents an investigation into reasons why e-government security frameworks developed by researchers with the claim that it is one-size-fits-all issue may not hold true, particularly in the case of Nigeria, based on certain identified realities. The claim of a generalized framework appears very challenging because there seem to be much diversity across different governments. Countries differ in one or more of the following characteristics: political systems, legal systems, economic situation, available technological infrastructure, Internet and PC penetration, availability of skills and human resources, literacy levels, computer literacy levels, level of poverty, leadership, and ethnic diversities in terms of norms, languages, and expertise. Security measures implemented in e-government projects in some developed countries, beginning with more established e-government systems around the world, were evaluated and a strategic framework for e-government security proposed which considers both technical and non-technical factors that involve people, processes and technologies. The framework is proposed to advance the rapid adoption of practices that will guarantee e-government security. It seeks to provide a flexible, repeatable and cost-effective approach to implementing e-government security. This research examines the issues of enclosure in the implementation of e-government from the perspective of security and ultimately survivability
Educational Technology and Related Education Conferences for June to December 2011
This potpourri of educational technology conferences includes gems such as “Saving Your Organisation from Boring eLearning” and “Lessons and Insights from Ten eLearning Masters”. And, if you wish, you can “Be an Open Learning Hero”. You will also find that the number of mobile learning conferences (and conferences that have a mobile learning component) have increased significantly. Countries such as China, Indonesia, Japan, and Thailand have shown a keen interest in mobile learning.
It would be impossible for you to be present at all the conferences that you would like to attend. But, you could go to the conference website/url during and after the conference. Many conference organizers post abstracts, full papers, and/or videos of conference presentations. Thus, you can visit the conference virtually and may encounter information and contacts that would be useful in your work.
The list below covers selected events focused primarily on the use of technology in educational settings and on teaching, learning, and educational administration. Only listings until December 2011 are complete as dates, locations, or URLs are not available for a number of events held after December 2011. But, take a look at the conference organizers who planned ahead in 2012.
A Word 2003 format is used to enable people who do not have access to Word 2007 or higher version and those with limited or high-cost Internet access to find a conference that is congruent with their interests or obtain conference proceedings. (If you are seeking a more interactive listing, refer to online conference sites.) Consider using the “Find” tool under Microsoft Word’s “Edit” tab or similar tab in OpenOffice to locate the name of a particular conference, association, city, or country. If you enter the country “Australia” or “Singapore” in the “Find” tool, all conferences that occur in Australia or Singapore will be highlighted. Or, enter the word “research”. Then, “cut and paste” a list of suitable events for yourself and your colleagues.
Please note that events, dates, titles, and locations may change; thus, CHECK the specific conference website. Note also that some events will be cancelled at a later date. All Internet addresses were verified at the time of publication. No liability is assumed for any errors that may have been introduced inadvertently during the assembly of this conference list. If possible, do not remove the contact information when you re-distribute the list as that is how I receive updates and corrections. If you mount the list on the web, please note its source
Privacy, Security and Trust Issues Arising from Outsourcing PII Data Collection in Developing Nations A case of Nigeria e-government services
Abstract Outsourcing of IT functions is increasingly used in many organizations in sub
Recommended from our members
Managing near field communication (NFC) payment applications through cloud computing
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The Near Field Communication (NFC) technology is a short-range radio communication channel which enables users to exchange data between devices. NFC provides a contactless technology for data transmission between smart phones, Personal Computers (PCs), Personal Digital Assistants (PDAs) and such devices. It enables the mobile phone to act as identification and a credit card for customers. However, the NFC chip can act as a reader as well as a card, and also be used to design symmetric protocols. Having several parties involved in NFC ecosystem and not having a common standard affects the security of this technology where all the parties are claiming to have access to client’s information (e.g. bank account details).
The dynamic relationships of the parties in an NFC transaction process make them partners in a way that sometimes they share their access permissions on the applications that are running in the service environment. These parties can only access their part of involvement as they are not fully aware of each other’s rights and access permissions. The lack of knowledge between involved parties makes the management and ownership of the NFC ecosystem very puzzling. To solve this issue, a security module that is called Secure Element (SE) is designed to be the base of the security for NFC. However, there are still some security issues with SE personalization, management, ownership and architecture that can be exploitable by attackers and delay the adaption of NFC payment technology. Reorganizing and describing what is required for the success of this technology have motivated us to extend the current NFC ecosystem models to accelerate the development of this business area. One of the technologies that can be used to ensure secure NFC transactions is cloud computing which offers wide range advantages compared to the use of SE as a single entity in an NFC enabled mobile phone. We believe cloud computing can solve many issues in regards to NFC application management. Therefore, in the first contribution of part of this thesis we propose a new payment model called “NFC Cloud Wallet". This model demonstrates a reliable structure of an NFC ecosystem which satisfies the requirements of an NFC payment during the development process in a systematic, manageable, and effective way
- …