Network Coding versus Replication Based Resilient Techniques to Mitigate Insider Attacks for Smart Metering

International audienceThe main focus of this paper is the resilience of communication protocols for data gathering in distributed, large scale, and dense networks. In our previous work, we have proposed the resilient methods based on random behavior and data replications to improve route diversification, thus to take advantage of redundant network structure. Following these previous methods, we propose in this paper a new resilient method based on network coding techniques to improve resilience in Wireless Sensor Networks (WSNs) for smart metering applications. More precisely, using our resilience metric based on a performance surface, we compare several variants of a well-known gradient based routing protocol with the previous methods (random routing and packet replications) and the new proposed methods (two network coding techniques). The proposed methods outperformed the previous methods in terms of data delivery success even in the presence of high attack intensity

Technical Strategies Database Managers use to Protect Systems from Security Breaches

Healthcare organizations generate massive amounts of data through their databases that may be vulnerable to data breaches due to extensive user privileges, unpatched databases, standardized query language injections, weak passwords/usernames, and system weaknesses. The purpose of this qualitative multiple case study was to explore technical strategies database managers in Southeast/North Texas used to protect database systems from data breaches. The target population consisted of database managers from 2 healthcare organizations in this region. The integrated system theory of information security management was the conceptual framework. The data collection process included semistructured interviews with 9 database managers, including a review of 14 organizational documents. Data were put into NVivo 12 software for thematic coding. Coding from interviews and member checking was triangulated with corporate documents to produce 5 significant themes and 1 subtheme: focus on verifying the identity of users, develop and enforce security policies, implement efficient encryption, monitor threats posed by insiders, focus on safeguards against external threats, and a subtheme derived from vulnerabilities caused by weak passwords. The findings from the study showed that the implementation of security strategies improved organizations\u27 abilities to protect data from security incidents. Thus, the results may be applied to create social change, decreasing the theft of confidential data, and providing knowledge as a resource to accelerate the adoption of technical approaches to protect database systems rom security incidents