
    Cybersecurity Hygiene in the Era of Internet of Things (IoT): Best Practices and Challenges

    The rapid growth of the Internet of Things (IoT) has resulted in an increasing number of interconnected devices, creating new opportunities for data collection and automation. However, this expansion also brings with it unique cybersecurity challenges. This research paper aims to investigate the best practices for maintaining cybersecurity hygiene in the IoT environment and to explore the challenges that need to be addressed to ensure robust security for these connected devices. This study will delve into the vulnerabilities associated with IoT devices, their impact on overall system security, and the potential solutions that can be implemented to enhance cybersecurity hygiene in the IoT environment.

    RBAC Attack Exposure Auditor. Tracking User Risk Exposure per Role-Based Access Control Permissions

    Access control models and implementation guidelines for determining, provisioning, and de-provisioning user permissions are challenging due to the differing approaches, unique to each organization, the lack of information provided by case studies concerning the organization's security policies, and the absence of standard implementation procedures or best practices. Although there are multiple access control models, one stands out: role-based access control (RBAC). RBAC simplifies maintenance by enabling administrators to group users with similar permissions. This approach to managing user permissions supports the principle of least privilege and separation of duties, which are needed to ensure an organization maintains acceptable user access security requirements. However, if not properly maintained, RBAC produces the problem of role explosion. What happens when security administrators cannot maintain the increasing number of roles and their assigned permissions provisioned to the organization's users? This paper attempts to solve this problem by implementing a scalable RBAC system and assigning each permission a risk value score determined by the severity of the risk it would expose the organization to if someone had unauthorized access to that permission. Using RBAC's role and permission design, each user is assigned a risk value score determined by the summation of their roles' risk scores, which are in turn based on permission values. This method allows security administrators to view the users and roles with the highest level of risk, and therefore to prioritize the highest-risk users and roles when maintaining user roles and permissions.
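The scoring scheme this abstract describes, as an added worked example in Python; it is not the paper's implementation. The permission risk values, the roles (as permission sets) and the user-to-role assignments are constructed sample data, and the de-duplicated "effective" score and the refusal to score an unrated permission are additions of this example, not something the paper states.

```python
"""Risk-weighted RBAC exposure scoring.

Added illustration of the scoring scheme the abstract describes; it is not
the paper's implementation. Permission risk values, roles and user-role
assignments are constructed sample data.
"""

# Hypothetical per-permission risk value: severity of the exposure if this
# permission were exercised by someone who should not hold it.
PERMISSION_RISK = {
    "read_ticket": 1,
    "close_ticket": 2,
    "view_payroll": 5,
    "edit_payroll": 8,
    "reset_any_password": 9,
    "manage_roles": 10,
}

# Hypothetical roles, each a set of permissions.
ROLES = {
    "helpdesk": {"read_ticket", "close_ticket", "reset_any_password"},
    "hr_viewer": {"read_ticket", "view_payroll"},
    "hr_admin": {"view_payroll", "edit_payroll"},
    "iam_admin": {"manage_roles", "reset_any_password"},
}

# Hypothetical user-to-role assignments.
USERS = {
    "alice": {"helpdesk"},
    "bob": {"hr_viewer", "hr_admin"},
    "carol": {"helpdesk", "iam_admin"},
}


def role_risk(role, roles=ROLES, risk=PERMISSION_RISK):
    """Role score: sum of the risk values of its permissions.

    Refuses to score a role containing a permission nobody has rated, since a
    silent zero would hide exposure instead of measuring it.
    """
    unscored = roles[role] - set(risk)
    if unscored:
        raise KeyError(f"role {role!r} has unscored permissions: {sorted(unscored)}")
    return sum(risk[p] for p in roles[role])


def user_risk(user, users=USERS, roles=ROLES, risk=PERMISSION_RISK):
    """User score as the abstract defines it: the sum of the user's role scores."""
    return sum(role_risk(r, roles, risk) for r in users[user])


def user_effective_risk(user, users=USERS, roles=ROLES, risk=PERMISSION_RISK):
    """Variant (this example's addition): score the union of permissions the
    user actually holds, so a permission granted through two roles counts once."""
    held = set().union(*(roles[r] for r in users[user]))
    return sum(risk[p] for p in held)


def ranked(score, names):
    """Names ordered highest risk first; ties broken alphabetically."""
    return sorted(names, key=lambda n: (-score(n), n))


def exposure_report(users=USERS, roles=ROLES):
    """Roles and users in review-priority order, with both user scores."""
    return {
        "roles": [(r, role_risk(r, roles))
                  for r in ranked(lambda r: role_risk(r, roles), roles)],
        "users": [(u, user_risk(u, users, roles), user_effective_risk(u, users, roles))
                  for u in ranked(lambda u: user_risk(u, users, roles), users)],
    }
```

With the sample data, `exposure_report()` puts `iam_admin` (19) and `carol` (31 summed, 22 effective) at the top of the review queue. The gap between a user's summed score and the effective score is worth reporting alongside it: it is nonzero only where the user's roles overlap in their permissions, which is one visible symptom of the role explosion the abstract is concerned with.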

    A Security Analysis of Cyber-Physical Systems Architecture for Healthcare

    This paper surveys the available system architectures for cyber-physical systems. Several candidate architectures are examined against a series of essential qualities for cyber-physical systems in healthcare. Next, diagrams detailing the expected functionality of infusion pumps in two of the architectures are analyzed. The STRIDE threat model is then used to decompose each architecture to determine possible security issues and how they can be addressed. Finally, a comparison of the major security issues in each architecture is presented to help determine which is most adaptable to meet the security needs of cyber-physical systems in healthcare.

    Securing Digital Collections: Cyber Security Best Practices for Academic Libraries in Developing Countries

    In today's digital era, an ever-increasing number of academic libraries are embracing digital collections to provide their users with access to a wealth of information. However, the downside of this digitization is the need to ensure the security of these valuable digital collections, especially in developing countries where cyber threats are rampant. This paper aims to address the challenges faced by academic libraries in developing countries with regard to best cybersecurity practices for securing digital collections. The paper also highlights the long-term benefits of prioritizing cyber security in academic libraries. Besides protecting valuable digital collections, robust cyber security practices enhance users' trust, promote collaboration among institutions, and support academic research in a secure environment. This paper serves as a valuable resource for academic libraries in developing countries, as it offers guidelines and insights to enhance their cyber security practices. By adopting most of these best practices, libraries can safeguard their digital collections, mitigate cyber threats, and contribute to a secure and thriving academic environment.

    ForensiBlock: A Provenance-Driven Blockchain Framework for Data Forensics and Auditability

    Maintaining accurate provenance records is paramount in digital forensics, as they underpin evidence credibility and integrity and address essential aspects such as accountability and reproducibility. Blockchains have several properties that can address these requirements. Previous systems used public blockchains, i.e., treated the blockchain as a black box and benefited from its immutability property. However, that blockchain was accessible to everyone, which raises security concerns; moreover, efficient extraction of provenance faces challenges due to the enormous scale and complexity of digital data. This necessitates a blockchain design tailored to digital forensics. Our solution, ForensiBlock, has a novel design that automates investigation steps, ensures secure data access, traces data origins, preserves records, and expedites provenance extraction. ForensiBlock incorporates Role-Based Access Control with Staged Authorization (RBAC-SA) and a distributed Merkle root for case tracking. These features support authorized resource access with efficient retrieval of provenance records. In particular, comparing two methods for extracting provenance records, off-chain storage retrieval with Merkle root verification and a brute-force search, the off-chain method is significantly better, especially as the blockchain size and the number of cases increase. We also found that our distributed Merkle root creation slightly increases smart contract processing time but significantly improves history access. Overall, we show that ForensiBlock offers secure, efficient, and reliable handling of digital forensic data.

    Comment: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessible.
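The off-chain retrieval with Merkle root verification that the abstract compares against a brute-force search, as an added example in Python. This is not ForensiBlock's code: the assumption that only one Merkle root per case is anchored on chain while records and their inclusion proofs sit in an off-chain store, the 0x00/0x01 leaf and node prefixes, the case identifier, the record fields and the placeholder digests are all constructed for this example.

```python
"""Off-chain provenance records anchored by an on-chain Merkle root.

Added illustration, not ForensiBlock's code. Assumes only the Merkle root
of a case's records is anchored on chain; the records and their inclusion
proofs live in an off-chain store and are verified on retrieval. Record
fields and digests below are constructed sample data.
"""
import hashlib
import json


def _sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(record: dict) -> bytes:
    """Hash one provenance record as a leaf.

    Canonical JSON (sorted keys, no whitespace) so the same record always
    yields the same digest; the 0x00 prefix keeps leaves distinct from
    internal nodes so a node hash cannot be passed off as a record.
    """
    canon = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return _sha256(b"\x00" + canon)


def node_hash(left: bytes, right: bytes) -> bytes:
    """Internal node: 0x01 prefix plus the two children, left then right."""
    return _sha256(b"\x01" + left + right)


def _pad(level: list) -> list:
    # Odd number of hashes at this level: duplicate the last one (see caveat).
    return level + [level[-1]] if len(level) % 2 else level


def _next_level(level: list) -> list:
    level = _pad(level)
    return [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(records: list) -> bytes:
    """Root over the records in sequence order; this is what goes on chain."""
    if not records:
        raise ValueError("a case needs at least one provenance record")
    level = [leaf_hash(r) for r in records]
    while len(level) > 1:
        level = _next_level(level)
    return level[0]


def merkle_proof(records: list, index: int) -> list:
    """Inclusion proof for records[index]: (sibling_hash, sibling_is_right) per level."""
    level = [leaf_hash(r) for r in records]
    proof = []
    while len(level) > 1:
        level = _pad(level)
        sibling = index ^ 1
        proof.append((level[sibling], sibling > index))
        level = _next_level(level)
        index //= 2
    return proof


def verify_record(record: dict, proof: list, root: bytes) -> bool:
    """Recompute the path from the record's leaf up to the root and compare."""
    current = leaf_hash(record)
    for sibling, sibling_is_right in proof:
        current = (node_hash(current, sibling) if sibling_is_right
                   else node_hash(sibling, current))
    return current == root


# Constructed chain-of-custody events for one hypothetical case; the digests
# are placeholders, not real artifact hashes.
CASE_RECORDS = [
    {"case": "C-2023-017", "seq": 0, "actor": "examiner-1", "action": "acquire",
     "artifact": "laptop-disk.E01", "sha256": "aa" * 32},
    {"case": "C-2023-017", "seq": 1, "actor": "examiner-1", "action": "hash-verify",
     "artifact": "laptop-disk.E01", "sha256": "aa" * 32},
    {"case": "C-2023-017", "seq": 2, "actor": "examiner-2", "action": "export",
     "artifact": "browser-history.csv", "sha256": "bb" * 32},
]

# Simulated on-chain state: one anchored root per case.
ON_CHAIN_ROOTS = {"C-2023-017": merkle_root(CASE_RECORDS)}

# Simulated off-chain store: (case, seq) -> (record, precomputed proof).
OFF_CHAIN_STORE = {
    (r["case"], r["seq"]): (r, merkle_proof(CASE_RECORDS, i))
    for i, r in enumerate(CASE_RECORDS)
}


def fetch_verified(case: str, seq: int) -> tuple:
    """Indexed off-chain lookup plus proof check against the anchored root.

    Returns (record, verified). A record whose proof does not reach the
    on-chain root has been altered or was never anchored.
    """
    record, proof = OFF_CHAIN_STORE[(case, seq)]
    return record, verify_record(record, proof, ON_CHAIN_ROOTS[case])
```

Retrieval cost here is one dictionary lookup plus a proof of length logarithmic in the number of records, regardless of how many cases the chain holds, which is the property the abstract's comparison is about. One caveat on the construction: padding an odd level by duplicating its last hash means a case whose final record is appended twice produces the same root as the original case, so a production design should bind the record count into the anchor or use an unbalanced tree that needs no padding.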

    New methodology updating theoretical and practical

    Aviation safety statistics have shown the concerning contribution of the general aviation segment, and especially of commercially licensed pilots, to accidents and incidents in general. Likewise, air operators have paid attention to the commercial pilot's issue because of their operational and safety demands. Based on a methodology for the development of specific instructional materials and a modern and efficient methodology for the development of competency-based activities, the study develops several steps, ranging from the definition of a specific performance problem, work and population analysis, and the proposition of curricular and instructional elements to the evaluation aspects, to achieve its objectives. Finally, the study enables the creation of a proposal of supplementary instructions associated with the technical requirements of aviation schools' activities, aimed at supporting the development of their materials and practices for their training courses, based on the competency-based training and assessment methodology (CBTA).

    Priority-Based Human Resource Allocation in Business Processes

    In Business Process Management Systems, human resource management typically covers two steps: resource assignment at design time and resource allocation at run time. Although concepts like role-based assignment often yield several potential performers for an activity, there is a lack of mechanisms for prioritizing them, e.g., according to their skills or current workload. In this paper, we address this research gap. More specifically, we introduce an approach to define resource preferences grounded on a validated, generic user preference model initially developed for semantic web services. Furthermore, we show an implementation of the approach demonstrating its feasibility. Keywords: preference modeling, preference resolution, priority-based allocation, priority ranking, RAL, resource allocation, SOUP.

    Advancing Healthcare Security: A Cutting-Edge Zero-Trust Blockchain Solution for Protecting Electronic Health Records

    The effective management of electronic health records (EHRs) is vital in healthcare. However, traditional systems often struggle with inconsistent data handling, limited access, and poor coordination across facilities. This study aims to tackle these issues using blockchain technology to improve EHR systems' data security, privacy, and interoperability. By thoroughly analyzing blockchain's applications in healthcare, we propose an innovative solution that leverages blockchain's decentralized and immutable nature, combined with advanced encryption techniques such as the Advanced Encryption Standard and a Zero Knowledge Proof protocol, to fortify EHR systems. Our research demonstrates that blockchain can effectively overcome significant EHR challenges, including fragmented data and interoperability problems, by facilitating secure and transparent data exchange, leading to enhanced coordination, care quality, and cost-efficiency across healthcare facilities. This study offers practical guidelines for implementing blockchain technology in healthcare, emphasizing a balanced approach to interoperability, privacy, and security. It represents a significant advancement over traditional EHR systems, boosting security and affording patients greater control over their health records. DOI: 10.28991/HIJ-2023-04-03-012

    Codifying Information Assurance Controls for Department of Defense (DoD) Supervisory Control and Data Acquisition (SCADA) Systems (U)

    Protecting DoD critical infrastructure resources and Supervisory Control and Data Acquisition (SCADA) systems from cyber attacks is becoming an increasingly challenging task. DoD Information Assurance (IA) controls provide a sound framework for achieving an appropriate level of confidentiality, integrity, and availability. However, these controls have not been updated since 2003 and currently do not adequately address the security of DoD SCADA systems. This research sampled U.S. Air Force Civil Engineering subject matter experts representing eight Major Commands that manage and operate SCADA systems. They ranked 30 IA controls in three categories, and evaluated eight SCADA-specific IA controls for inclusion in the DoD IA control framework. Spearman's rho ranking results (ρ = .972414) indicate a high preference for encryption, and for system and information integrity, as key IA controls to mitigate cyber risk. Equally interesting was the strong agreement among raters in ranking certification and accreditation dead last as an effective IA control. The respondents strongly favored including four new IA controls of the eight considered.