259,312 research outputs found

    Convergence of Physical and Logical Security: A Pre-implementation Checklist

    Physical and logical security within an organization have traditionally been implemented and administered as separate standalone entities. A growing number of companies are integrating these two systems to provide greater security along with lower cost and time requirements for administration. The following paper provides an overview of security convergence, including standards and initiatives driving this movement. A pre-implementation checklist is then provided as a template for those who wish to prepare themselves for a convergence project.

    Australian carbon biosequestration and bioenergy policy co-evolution: mechanisms, mitigation and convergence

    The intricacies of international land-use change and forestry policy reflect the temporal, technical and political difficulty of integrating biological systems and climate change mitigation. The plethora of co-existing policies with varied technical rules, accreditation requirements, accounting methods, market registries, etc., disguise the unequal efficacies of each mechanism. This work explores the co-evolution and convergence of Australian voluntary and mandatory climate-related policies at the biosequestration-bioenergy interface. Currently, there are temporal differences between the fast-evolving and precise climate-change mechanisms, and the long-term 'permanence' sought from land use changes encouraged by biosequestration instruments. Policy convergence that favours the most efficient, appropriate and scientifically substantiated policy mechanisms is required. These policies must recognise the fundamental biological foundation of biosequestration, bioenergy, biomaterial industrial development and other areas such as food security and environmental concerns. Policy mechanisms that provide administrative simplicity, project longevity and market certainty are necessary for rural and regional Australians to cost-effectively harness the considerable climate change mitigation potential of biological systems

    A consensus based network intrusion detection system

    Network intrusion detection is the process of identifying malicious behaviors that target a network and its resources. Current systems implementing intrusion detection processes observe traffic at several data collecting points in the network but analysis is often centralized or partly centralized. These systems are not scalable and suffer from the single point of failure, i.e. attackers only need to target the central node to compromise the whole system. This paper proposes an anomaly-based fully distributed network intrusion detection system where analysis is run at each data collecting point using a naive Bayes classifier. Probability values computed by each classifier are shared among nodes using an iterative average consensus protocol. The final analysis is performed redundantly and in parallel at the level of each data collecting point, thus avoiding the single point of failure issue. We run simulations focusing on DDoS attacks with several network configurations, comparing the accuracy of our fully distributed system with a hierarchical one. We also analyze communication costs and convergence speed during consensus phases. Comment: Presented at the 5th International Conference on IT Convergence and Security 2015 in Kuala Lumpur, Malaysia.

    The convergence of IT and OT in critical infrastructure

    Automation and control systems, such as SCADA (Supervisory Control and Data Acquisition) and DCS (Distributed Control Systems), are often referred to as Operational Technology (OT). These systems are used to monitor and control critical infrastructures such as power, pipelines, water distribution, sewage systems and production control. Traditionally, these OT systems have had a degree of physical separation from Information Technology (IT) infrastructures. With changing technologies and a drive towards data-driven and remote operations the two technology environments are starting to converge. With this convergence, what was a relatively standalone secure and isolated environment is now connected and accessible via the Internet/cloud. With this interconnection come the cyber security challenges that are typically associated only with IT infrastructures. OT data that is then accessible from these environments could include critical information such as pressures, temperatures, proximity levels, control signals and other sensor signals. Due to the aforementioned convergence, OT data and associated control mechanisms are now significantly vulnerable to cyber-attacks. This paper provides an understanding of cyber security in an operational technology context (rather than traditional IT environments) and discusses the underlying causes, vulnerabilities, and the risks that are created by convergence and interconnection. We report on evidence of convergence between IT and OT, and use Hofstede’s model of organisational culture to explain the different attitudes and value drivers in IT and OT.

    Using Deception to Enhance Security: A Taxonomy, Model, and Novel Uses

    As the convergence between our physical and digital worlds continues at a rapid pace, securing our digital information is vital to our prosperity. Most current typical computer systems are unwittingly helpful to attackers through their predictable responses. In everyday security, deception plays a prominent role in our lives and digital security is no different. The use of deception has been a cornerstone technique in many successful computer breaches. Phishing, social engineering, and drive-by-downloads are some prime examples. The work in this dissertation is structured to enhance the security of computer systems by using means of deception and deceit.

    Problems of functioning and reformation of pension system of Ukraine

    The article deals with topical issues of the pension system of Ukraine and the development of public policy on pensions. Problems of transition to insurance principles and its convergence with the systems of social security of developed countries have been characterized in the article.

    Quantitative information flow, with a view

    We put forward a general model intended for assessment of system security against passive eavesdroppers, both quantitatively (how much information is leaked) and qualitatively (what properties are leaked). To this purpose, we extend information hiding systems (ihs), a model where the secret-observable relation is represented as a noisy channel, with views: basically, partitions of the state-space. Given a view W and n independent observations of the system, one is interested in the probability that a Bayesian adversary wrongly predicts the class of W the underlying secret belongs to. We offer results that allow one to easily characterise the behaviour of this error probability as a function of the number of observations, in terms of the channel matrices defining the ihs and the view W. In particular, we provide expressions for the limit value as n → ∞, show by tight bounds that convergence is exponential, and also characterise the rate of convergence to predefined error thresholds. We then show a few instances of statistical attacks that can be assessed by a direct application of our model: attacks against modular exponentiation that exploit timing leaks, against anonymity in mix-nets and against privacy in sparse datasets.