A framework of secure KMS with RBAC implementation

Knowledge Management System (KMS) is a tool to support knowledge management (KM) and nowadays it has been a priority to the organizations as to protect the organization intellectual assets. The evolution of internet has brought KMS becomes more powerful while it can serve users in collaborative system. However, though the excitement of expanding KMS capabilities, security issue is critical due to the access and sharing knowledge which from distributed locations. Mostly the issues are regard to the restriction of the access permission to knowledge. Therefore, there is a need to construct a security model towards secure KMS, for managing access restriction in order to avoid unauthorized access as well as to protect knowledge throughout KM activities. Thus, this paper review the characteristics of collaborative KMS in order to ensure that Role Based Access Control (RBAC) is competent to perform as a security model for KMS and at the same time maintain the advantages of such collaborative system. Consequently, the model of Role Based Access Control- Knowledge Management System (RBAC-KMS) has been formulated which concerning three elements; RBAC, KMS and Information Security (IS). Moreover, the quality dimension model also has been constructed which can be the metrics for quality measurement of RBAC-KMS

DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments

With the growing popularity of cloud computing, the exploitation of possible vulnerabilities grows at the same pace; the distributed nature of the cloud makes it an attractive target for potential intruders. Despite security issues delaying its adoption, cloud computing has already become an unstoppable force; thus, security mechanisms to ensure its secure adoption are an immediate need. Here, we focus on intrusion detection and prevention systems (IDPSs) to defend against the intruders. In this paper, we propose a Distributed, Collaborative, and Data-driven Intrusion Detection and Prevention system (DCDIDP). Its goal is to make use of the resources in the cloud and provide a holistic IDPS for all cloud service providers which collaborate with other peers in a distributed manner at different architectural levels to respond to attacks. We present the DCDIDP framework, whose infrastructure level is composed of three logical layers: network, host, and global as well as platform and software levels. Then, we review its components and discuss some existing approaches to be used for the modules in our proposed framework. Furthermore, we discuss developing a comprehensive trust management framework to support the establishment and evolution of trust among different cloud service providers. © 2011 ICST

Critical success factors for e-tendering implementation in construction collaborative environments : people and process issues

The construction industry is increasingly engulfed by globalisation where clients, business partners and customers are found in virtually every corner of the world. Communicating, reaching and supporting them are no longer optional but are imperative for continued business growth and success. A key component of enterprise communication reach is collaborative environments (for the construction industry) which allows customers, suppliers, partners and other project team members secure access to project information, products or services they need at any given moment. Implementation of the stated critical success factors of the project is essential to ensure optimal performance and benefits from the system to all parties involved. This paper presents critical success factors for the implementation of e-tendering in collaborative environments with particular considerations given to the people issues and process factors

Security in online learning assessment towards an effective trustworthiness approach to support e-learning teams

(c) 2014 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.This paper proposes a trustworthiness model for the design of secure learning assessment in on-line collaborative learning groups. Although computer supported collaborative learning has been widely adopted in many educational institutions over the last decade, there exist still drawbacks which limit their potential in collaborative learning activities. Among these limitations, we investigate information security requirements in on-line assessment, (e-assessment), which can be developed in collaborative learning contexts. Despite information security enhancements have been developed in recent years, to the best of our knowledge, integrated and holistic security models have not been completely carried out yet. Even when security advanced methodologies and technologies are deployed in Learning Management Systems, too many types of vulnerabilities still remain opened and unsolved. Therefore, new models such as trustworthiness approaches can overcome these lacks and support e-assessment requirements for e-Learning. To this end, a trustworthiness model is designed in order to conduct the guidelines of a holistic security model for on-line collaborative learning through effective trustworthiness approaches. In addition, since users' trustworthiness analysis involves large amounts of ill-structured data, a parallel processing paradigm is proposed to build relevant information modeling trustworthiness levels for e-Learning.Peer ReviewedPostprint (author's final draft

Identifying diferent scenarios for group access control in distributed environments

Open Access Documen

Critical Management Issues for Implementing RFID in Supply Chain Management

The benefits of radio frequency identification (RFID) technology in the supply chain are fairly compelling. It has the potential to revolutionise the efficiency, accuracy and security of the supply chain with significant impact on overall profitability. A number of companies are actively involved in testing and adopting this technology. It is estimated that the market for RFID products and services will increase significantly in the next few years. Despite this trend, there are major impediments to RFID adoption in supply chain. While RFID systems have been around for several decades, the technology for supply chain management is still emerging. We describe many of the challenges, setbacks and barriers facing RFID implementations in supply chains, discuss the critical issues for management and offer some suggestions. In the process, we take an in-depth look at cost, technology, standards, privacy and security and business process reengineering related issues surrounding RFID technology in supply chains

Hypermedia support for argumentation-based rationale: 15 years on from gIBIS and QOC

Having developed, used and evaluated some of the early IBIS-based approaches to design rationale (DR) such as gIBIS and QOC in the late 1980s/mid-1990s, we describe the subsequent evolution of the argumentation-based paradigm through software support, and perspectives drawn from modeling and meeting facilitation. Particular attention is given to the challenge of negotiating the overheads of capturing this form of rationale. Our approach has maintained a strong emphasis on keeping the representational scheme as simple as possible to enable real time meeting mediation and capture, attending explicitly to the skills required to use the approach well, particularly for the sort of participatory, multi-stakeholder requirements analysis demanded by many design problems. However, we can then specialize the notation and the way in which the tool is used in the service of specific methodologies, supported by a customizable hypermedia environment, and interoperable with other software tools. After presenting this approach, called Compendium, we present examples to illustrate the capabilities for support security argumentation in requirements engineering, template driven modeling for document generation, and IBIS-based indexing of and navigation around video records of meetings

A National Veterans Strategy: The Economic, Social and Security Imperative

This publication details the foundational logic supporting a call to action, related to a broad-based effort to articulate and institutionalize a National Veterans Strategy. We argue that coordinated, "whole-of-government" action toward this end is essential to meet the nation's most important economic, social, and security obligations. Furthermore, we contend that the second Obama administration, working in close collaboration with executive agencies, Congress, and the private sector, is well-positioned to act on what we perceive to be a historic opportunity -- capitalizing on both the foundations of veteran-focused policy and progress enacted over the past decade and the overwhelming public support for returning veterans and military families -- to craft and institutionalize a National Veterans Strategy.Our purpose is to provide a researched and logically-developed case for action that is grounded in this nation's social and cultural traditions and attuned to the practical realities of our contemporary economic and political climate