42,328 research outputs found
A vulnerability-driven cyber security maturity model for measuring national critical infrastructure protection preparedness
Critical infrastructures are vital assets for the public safety, economic welfare and national security of countries. Cyber systems are used extensively to monitor and control critical infrastructures. A number of infrastructures are connected to the Internet via corporate networks. Cyber security is, therefore, an important item of the national security agenda of a country. The intense interest in cyber security has initiated research focusing on national cyber security maturity assessments. However, little, if any, research is dedicated to maturity assessments of national critical infrastructure protection efforts. Instead, the vast majority of studies merely examine diverse national-level security best practices ranging from cyber crime response to privacy protection.
This paper proposes a maturity model for measuring the readiness levels of national critical infrastructure protection efforts. The development of the model involves two steps. The first step analyzes data pertaining to national cyber security projects using grounded theory to extract the root causes of the susceptibility of critical infrastructures to cyber threats. The second step determines the maturity criteria by introducing the root causes to subject-matter experts polled in a Delphi survey. The resulting survey-based maturity model is applied to assess the critical infrastructure protection efforts in Turkey. The results are realistic and intuitively appealing, demonstrating that the maturity model is useful for evaluating the national critical infrastructure protection preparedness of developing countries such as Turkey
State of the Art in Privacy Preserving Data Mining
Privacy is one of the most important properties an information system must satisfy. A relatively new trend shows that classical
access control techniques are not sufficient to guarantee privacy when Data Mining techniques are used. Such a trend, especially in the context of public databases, or in the context of sensible information related to critical infrastructures, represents, nowadays a not negligible thread. Privacy Preserving Data Mining (PPDM) algorithms have been recently introduced with the aim of modifying the database in such a way to prevent the discovery of sensible information. This is a very complex task and there exist in the scientific literature some different approaches to the problem. In this work we present a "Survey" of the current PPDM methodologies which seem promising for the future.JRC.G.6-Sensors, radar technologies and cybersecurit
Ethics and privacy issues of critical infrastructure protection – risks and possible solutions through standardization
Dieser Beitrag ist mit Zustimmung des Rechteinhabers aufgrund einer (DFG geförderten) Allianz- bzw. Nationallizenz frei zugänglich.This publication is with permission of the rights owner freely accessible due to an Alliance licence and a national licence (funded by the DFG, German Research Foundation) respectively.Recent studies propose a paradigm shift in standardization strategies and research and the use of ethical aspects as an additional factor to explain standardization success. This article goes one step further. It focuses on specific ethical and privacy standards and introduces privacy as a new dimension of the interplay between standards nd innovation in the fields of civil security and the protection of critical infrastructures. Based on a survey, it represents mainly German and European perspectives. The article finishes by giving recommendations for new privacy standards which may help to raise acceptance for several new security solutions
Convergence of Blockchain and Edge Computing for Secure and Scalable IIoT Critical Infrastructures in Industry 4.0
This is the author accepted manuscript. The final version is available from IEEE via the DOI in this recordCritical infrastructure systems are vital to underpin
the functioning of a society and economy. Due to ever-increasing
number of Internet-connected Internet-of-Things (IoTs) / Industrial IoT (IIoT), and high volume of data generated and collected,
security and scalability are becoming burning concerns for
critical infrastructures in industry 4.0. The blockchain technology
is essentially a distributed and secure ledger that records all
the transactions into a hierarchically expanding chain of blocks.
Edge computing brings the cloud capabilities closer to the
computation tasks. The convergence of blockchain and edge
computing paradigms can overcome the existing security and
scalability issues. In this paper, we first introduce the IoT/IIoT
critical infrastructure in industry 4.0, and then we briefly present
the blockchain and edge computing paradigms. After that, we
show how the convergence of these two paradigms can enable
secure and scalable critical infrastructures. Then, we provide a
survey on state-of-the-art for security and privacy, and scalability
of IoT/IIoT critical infrastructures. A list of potential research
challenges and open issues in this area is also provided, which
can be used as useful resources to guide future research.Engineering and Physical Sciences Research Council (EPSRC
Security Evaluation of Cyber-Physical Systems in Society- Critical Internet of Things
In this paper, we present evaluation of security
awareness of developers and users of cyber-physical systems. Our
study includes interviews, workshops, surveys and one practical
evaluation. We conducted 15 interviews and conducted survey with
55 respondents coming primarily from industry. Furthermore, we
performed practical evaluation of current state of practice for a
society-critical application, a commercial vehicle, and reconfirmed
our findings discussing an attack vector for an off-line societycritical
facility. More work is necessary to increase usage of security
strategies, available methods, processes and standards. The security
information, currently often insufficient, should be provided in the
user manuals of products and services to protect system users. We
confirmed it lately when we conducted an additional survey of
users, with users feeling as left out in their quest for own security
and privacy. Finally, hardware-related security questions begin to
come up on the agenda, with a general increase of interest and
awareness of hardware contribution to the overall cyber-physical
security. At the end of this paper we discuss possible
countermeasures for dealing with threats in infrastructures,
highlighting the role of authorities in this quest
Citizens and Institutions as Information Prosumers. The Case Study of Italian Municipalities on Twitter
The aim of this paper is to address changes in public communication following the advent of Internet social networking tools and the emerging web 2.0 technologies which are providing new ways of sharing information and knowledge. In particular public administrations are called upon to reinvent the governance of public affairs and to update the means for interacting with their communities. The paper develops an analysis of the distribution, diffusion and performance of the official profiles on Twitter adopted by the Italian municipalities (comuni) up to November 2013. It aims to identify the patterns of spatial distribution and the drivers of the diffusion of Twitter profiles; the performance of the profiles through an aggregated index, called the Twitter performance index (Twiperindex), which evaluates the profiles' activity with reference to the gravitational areas of the municipalities in order to enable comparisons of the activity of municipalities with different demographic sizes and functional roles. The results show that only a small portion of innovative municipalities have adopted Twitter to enhance e-participation and e-governance and that the drivers of the diffusion seem to be related either to past experiences and existing conditions (i.e. civic networks, digital infrastructures) developed over time or to strong local community awareness. The better performances are achieved mainly by small and medium-sized municipalities. Of course, the phenomenon is very new and fluid, therefore this analysis should be considered as a first step in ongoing research which aims to grasp the dynamics of these new means of public communication
- …