64,739 research outputs found
Towards Security Goals in Summative E-Assessment Security
The general security goals of a computer system are known to include confidentiality, integrity and availability (C-I-A) which prevent critical assets from potential threats. The C-I-A security goals are well researched areas; however they may be insufficient to address all the needs of the summative e-assessment. In this paper, we do not discard the fundamental C-I-A security goals; rather we define security goals which are specific to summative e-assessment security
Towards Security Requirements in Online Summative Assessments
Confidentiality, integrity and availability (C-I-A) are the security requirements fundamental to any computer system. Similarly, the hardware, software and data are important critical assets. These two components of a computer security framework are entwined; such that a compromise in the C-I-A requirements may lead to a compromise of the critical assets. The C-I-A requirements and the critical assets of a computer system are well researched areas; however they may be insufficient to define the needs of a summative e-assessment system. In this paper, we do not discard the existing components; rather we propose security requirements and related components that are specific to summative e-assessment systems
Risks and remedies in e-learning system
One of the most effective applications of Information and Communication
Technology (ICT) is the emergence of E-Learning. Considering the importance and
need of E-Learning, recent years have seen a drastic change of learning
methodologies in Higher Education. Undoubtedly, the three main entities of
E-Learning system can be considered as Student, Teacher & Controlling Authority
and there will be different level, but a good E-Learning system needs total
integrity among all entities in every level. Apart from integrity enforcement,
security enforcement in the whole system is the other crucial way to organize
the it. As internet is the backbone of the entire system which is inherently
insecure, during transaction of message in E-Learning system, hackers attack by
utilising different loopholes of technology. So different security measures are
required to be imposed on the system. In this paper, emphasis is given on
different risks called e-risks and their remedies called e-remedies to build
trust in the minds of all participants of E-Learning system
Recommended from our members
Security-Informed Safety: Supporting Stakeholders with Codes of Practice
Codes of practice provide principles and guidance on how organizations can incorporate security considerations into their safety engineering lifecycle and become more security minded
Advanced Cloud Privacy Threat Modeling
Privacy-preservation for sensitive data has become a challenging issue in
cloud computing. Threat modeling as a part of requirements engineering in
secure software development provides a structured approach for identifying
attacks and proposing countermeasures against the exploitation of
vulnerabilities in a system . This paper describes an extension of Cloud
Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in
relation to processing sensitive data in cloud computing environments. It
describes the modeling methodology that involved applying Method Engineering to
specify characteristics of a cloud privacy threat modeling methodology,
different steps in the proposed methodology and corresponding products. We
believe that the extended methodology facilitates the application of a
privacy-preserving cloud software development approach from requirements
engineering to design
The future of Cybersecurity in Italy: Strategic focus area
This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management
Autonomic computing meets SCADA security
© 2017 IEEE. National assets such as transportation networks, large manufacturing, business and health facilities, power generation, and distribution networks are critical infrastructures. The cyber threats to these infrastructures have increasingly become more sophisticated, extensive and numerous. Cyber security conventional measures have proved useful in the past but increasing sophistication of attacks dictates the need for newer measures. The autonomic computing paradigm mimics the autonomic nervous system and is promising to meet the latest challenges in the cyber threat landscape. This paper provides a brief review of autonomic computing applications for SCADA systems and proposes architecture for cyber security
- …