The Application of AHP Model to Guide Decision Makers: A Case Study of E-banking Security

Changes in technology have resulted in new ways for bankers to deliver their services to costumers. Electronic banking systems in various forms are the evidence of such advancement. However, information security threats also evolving along this trend. This paper proposes the application of Analytic Hierarchy Process (AHP) methodology to guide decision makers in banking industries to deal with information security policy. The model is structured according aspects of information security policy in conjunction with information security elements. We found that cultural aspect is valued on the top priority among other security aspects, while confidentiality is considered as the most important factor in terms of information security elements.Comment: 5 page

The Effect of Using WLANs on Data Breaches: The Examination of the Moderating Role of Meaningful-Use Attestation

Organizations have increasingly deployed wireless local area networks (WLANs) due to the benefits they can have such as mobility and flexibility. Unfortunately, the usage of wireless networks has raised many security concerns due to its capability of mobility. For instance, wireless networks are susceptible to many attacks such as eavesdropping, traffic analysis, data tampering and denial of service (DoS). Our study aims to identify a variable that moderates the effect of the usage of wireless local area networks (WLANs) on the occurrence of data breaches. Therefore, we propose a model that provides a basis for identifying the impact of meaningful-use attestation on the relationship between WLANs and the occurrence of healthcare data breaches. Our contribution is to extend existing research on security mechanisms of WLANs by empirically investigating the impact of meaningful-use attestation on the reduction of data breaches (hacking or malware) when using WLANs

IEEE 802.11 Wireless LAN Security Performance Using Multiple Clients

IEEE 802.11 Wireless Networks have gained popularity, providing users mobility and flexibility in accessing information. Existing solutions for wireless LAN networks have been exposed to security vulnerabilities. Previous study has evaluated the security performance of IEEE 802.11 wireless networks using single server-client architecture. This research investigated the effect of multiple security mechanisms on the performance of multi-client congested and un-congested networks. The effect of different TCP and UDP packet sizes on performance of secure networks was also studied. The results showed that WEP encryption significantly degrades the performance of congested wireless networks. Network performance degradation increased as the number of clients was increased under all security mechanisms

Secure Data Communication via Lingual Transformation

This paper proposes a new form of data communication that is similar to slang in human language. Using the context of the conversation instead of an encryption key, nodes in a network develop a unique alternative language to disguise the real meaning of the communication between them. Implementation of such a system, and its potential benefits and challenges are discussed

Wireless Local Area Network Security : An Investigation Into Security Tool Usage In Wireless Networks

Many organisations and individuals installing wireless local area networks (WLANs), which are based on the IEEE 802.11 b standard, have little understanding of the security issues that surround this technology. This study was initiated to determine how WLAN security issues affect organisations in Perth, Western Australia. The scope of the study was restricted to 802.llb WLANs operating in infrastructure mode, where all traffic is transmitted by wireless access points (APs). This study was conducted in two phases. The general aims of the first phase were to determine the number of detectable WLANs in the Perth Central Business District (CBD) and subsequently, the percentage of them that have enabled Wired Equivalent Privacy (WEP). Additionally, phase 1 was able to show how many WLANs were still using the manufacturer\u27s default settings and how the network devices may be grouped according to manufacturer. The general aims of the second phase were to find out if the IT managers of various Perth organisations were aware of the security issues related to WLANs and to find out the degree to which the security tools and processes have been implemented. These aims were also achieved and in addition, anecdotal information was collected and analysed. The results of this study indicate that in the Perth CBD, the majority of those persons responsible for the implementation and management of wireless networks are aware of the problems and have taken steps to secure their networks

Wireless security for secure facilities

This thesis presents methods for securing a facility that has wireless connectivity. The goal of this research is to develop a solution to securing a facility that utilizes wireless communications. The research will introduce methods to track and locate the position of attackers. This research also introduces the idea of using a Honeynet system for added security. This research uses what is called Defense-In-Depth. Defense-in-depth is when multiple layers of security are used. The first of the layers is the Zone of Interference. This Zone is an area where jammer transmitters and directive antennas are set up to take advantage of the near-far-effect. The idea is to use the near-far-effect to give a stronger signal on the perimeter of the secure area, to mask any signals escaping from the secure area. This Zone uses directive Yagi antenna arrays to direct the radiation. There are multiple jamming methods that are utilized within this Zone. The next layer of security is the Honeynet Zone. The idea is to make an attacker believe that they are seeing real network traffic. This is done at the Honeynet Zone once a device has been determined to be unfriendly. Decoy mobile devices are first placed within the Honeynet Zone. Spoofed traffic is then created between the Honeynet base stations and the decoy mobile devices zone; using adaptive antennas incorporated within the design to face the signals away from the inside secure area. The third defense is position location and tracking. The idea is to have constant tracking of all devices in the area. There are several methods available to locate and track a device that is giving off an RF signal. This thesis looks at combining all these methods into an integrated, and more robust, facility security system

Factors Impacting Key Management Effectiveness in Secured Wireless Networks

The use of a Public Key Infrastructure (PKI) offers a cryptographic solution that can overcome many, but not all, of the MANET security problems. One of the most critical aspects of a PKI system is how well it implements Key Management. Key Management deals with key generation, key storage, key distribution, key updating, key revocation, and certificate service in accordance with security policies over the lifecycle of the cryptography. The approach supported by traditional PKI works well in fixed wired networks, but it may not appropriate for MANET due to the lack of fixed infrastructure to support the PKI. This research seeks to identify best practices in securing networks which may be applied to new network architectures

VR-Banway: implementação de um agregador local de dados de sensores em computadores de placa única e redes de malha

Mestrado em Engenharia de Computadores e TelemáticaInternet of Things (IoT) is a generic category of ICT architectures that includes the use of sensor-based, communication-enabled systems. A common architectural element in IoT is the sensors gateway that collects data from nearby sensors and relays them to higher-order remote services. The VR2Market project, in which this work is integrated, uses two implementations of the gateway, based on Android smartphones and RPI boards. With the new proposed IoT-inspired computing module, it is possible to migrate gateways to a smaller, more efficient hardware, while retaining the high-level programming abstraction. In this work, we propose and implement a new version of the gateway, named VR-Banway, using the Intel Edison compute module, taking into consideration the integration with additional service layers in VR2Market system, especially with respect to the required Ad hoc networks support. VR-Banway proved to be a solution capable of replacing the existing gateway component in the VR2Market system. The new approach uses a smaller module, reduces power consumption and is more portable. VR-Banway has been used in the context of firefighters monitoring, but is ready to be deployed in other domains.A Internet of Things (IoT) é uma categoria genérica das arquiteturas de TIC que inclui o uso de sistemas baseados em sensores e comunicações. Um elemento comum das arquiteturas IoT é o agregador que recolhe dados de sensores nas proximidades e reencaminha-os para serviços remotos de mais alto nível. O projeto VR2Market, no qual este trabalho está integrado, usa duas implementações do agregador de dados, implementados em Android e RPI. Com o novo módulo proposto, inspirado na IoT, é possível migrar os agregadores de dados para dispositivos mais pequenos e mais eficientes mantendo a abstração de programação de alto nível. Neste trabalho, propomos e implementamos uma nova versão do agregador de dados, chamado VR-Banway, usando o módulo computacional Intel Edison, tendo em consideração a integração de novas camadas de serviços no VR2Market, especialmente no que diz respeito ao suporte de redes Ad hoc. VR-Banway provou ser uma solução capaz de substituir o componente de agregador de dados existente no sistema VR2Market. A nova abordagem usa um módulo mais pequeno, reduz o consumo de energia e é mais portátil. VR-Banway foi usado no contexto de monitorização de bombeiros, mas está preparado para ser implementado noutros domínios