885,921 research outputs found
A New Fuzzy MCDM Framework to Evaluate E-Government Security Strategy
Ensuring security of e-government applications and infrastructures is crucial
to maintain trust among stakeholders to store, process and exchange information
over the e-government systems. Due to dynamic and continuous threats on
e-government information security, policy makers need to perform evaluation on
existing information security strategy as to deliver trusted e-government
services. This paper presents an information security evaluation framework
based on new fuzzy multi criteria decision making (MCDM) to help policy makers
conduct comprehensive assessment of e-government security strategy.Comment: IEEE 4th International Conference on Application of Information and
Communication Technologies AICT201
Frictionless Authentication Systems: Emerging Trends, Research Challenges and Opportunities
Authentication and authorization are critical security layers to protect a
wide range of online systems, services and content. However, the increased
prevalence of wearable and mobile devices, the expectations of a frictionless
experience and the diverse user environments will challenge the way users are
authenticated. Consumers demand secure and privacy-aware access from any
device, whenever and wherever they are, without any obstacles. This paper
reviews emerging trends and challenges with frictionless authentication systems
and identifies opportunities for further research related to the enrollment of
users, the usability of authentication schemes, as well as security and privacy
trade-offs of mobile and wearable continuous authentication systems.Comment: published at the 11th International Conference on Emerging Security
Information, Systems and Technologies (SECURWARE 2017
An n-sided polygonal model to calculate the impact of cyber security events
This paper presents a model to represent graphically the impact of cyber
events (e.g., attacks, countermeasures) in a polygonal systems of n-sides. The
approach considers information about all entities composing an information
system (e.g., users, IP addresses, communication protocols, physical and
logical resources, etc.). Every axis is composed of entities that contribute to
the execution of the security event. Each entity has an associated weighting
factor that measures its contribution using a multi-criteria methodology named
CARVER. The graphical representation of cyber events is depicted as straight
lines (one dimension) or polygons (two or more dimensions). Geometrical
operations are used to compute the size (i.e, length, perimeter, surface area)
and thus the impact of each event. As a result, it is possible to identify and
compare the magnitude of cyber events. A case study with multiple security
events is presented as an illustration on how the model is built and computed.Comment: 16 pages, 5 figures, 2 tables, 11th International Conference on Risks
and Security of Internet and Systems, (CRiSIS 2016), Roscoff, France,
September 201
- âŠ