
    Compliance with Saudi NCA-ECC based on ISO/IEC 27001

    Organizations are required to implement an information security management system (ISMS) to establish a central cybersecurity framework, reduce costs, treat risks, and so on. Several ISMS standards have been issued and implemented locally and internationally. In Saudi Arabia, the most widely implemented international ISMS is ISO/IEC 27001. Currently, the Saudi National Cybersecurity Authority (NCA) has issued a local framework called Essential Cybersecurity Controls (NCA-ECC). Therefore, many ISO/IEC 27001 certified organizations in Saudi Arabia are trying to convert from ISO/IEC 27001 to NCA-ECC or to comply with both frameworks. Nevertheless, cybersecurity experts need to know which cybersecurity controls are already implemented, based on ISO/IEC 27001, and which are not. This paper first measures the extent to which ISO/IEC 27001 certified Saudi organizations comply with the NCA-ECC. Second, it presents a framework for complying with the required unimplemented or partially implemented NCA-ECC controls. The framework can also help organizations comply with both frameworks, if required. Three ISO/IEC 27001-certified Saudi public universities are selected as samples. The data is collected by interviewing the cybersecurity officers in the selected universities. This research shows that ISO/IEC 27001 certified organizations are approximately 64% in compliance with the NCA-ECC. The presented framework can help any ISO/IEC 27001 certified Saudi organization convert from ISO/IEC 27001 to NCA-ECC in a quick and cost-effective manner by considering only the NCA-ECC nonconformities.

    Push-based XML access control policy languages: a review

    Several access control policy languages have been proposed for specifying access control policies for push-based XML access control systems. This paper investigates the scalability of the current XML-based policy languages. It starts by introducing the well-known general access control models, with a focus on their scalability. Then, the XML-based policy languages are presented, followed by an evaluation of their management and system scalability. This paper finds that a decentralized trust management concept is needed to address the scalability issue in XML access control. Also, using IBE will help in providing several access control features, such as temporal and delegable access.

    A distributed push-based XML access control model for better scalability

    XML access control is a non-trivial topic as the XML language becomes a standard for data representation and transmission on the Web. Existing access control approaches for published XML documents are not likely to scale well, since they specify and enforce their access control policies in centralized servers. This paper proposes a distributed model for providing scalable access control for published XML documents. The proposed model is cost-effectively distributed to meet the increased workload while avoiding possible bottlenecks. As a result, the proposed model effectively scales with increased system and management workloads.

    Trusted-based scalable access control model for broadcast XML documents.

    The XML language is becoming a de facto standard for representing and transmitting data on the web, so controlling access to XML documents is an important issue. Several XML access control approaches have been proposed to control access to published XML documents, but these approaches still cannot scale well with increased system and management workload because they specify and enforce their access control policies in centralized servers. We have proposed a distributed XML access control model that improves scalability by distributing the system and management workloads across several servers and different administrators, respectively. In this paper, the scalability of the proposed model is evaluated using a quantitative approach, which shows that the proposed model is cost-effectively scalable with an increase in system and management workloads.

    User concerns regarding information sharing on social networking sites: the user’s perspective in the context of national culture

    Information sharing via social networking systems (SNS) is a common practice among academics, as well as others, that brings substantial benefits. At the same time, privacy concerns are widespread among SNS users, which may tend to inhibit their maximising the benefit from using the systems. This paper investigates the proposition that SNS user attitudes and behaviour are affected by privacy concerns, and that the effects are subject to significant cultural factors. A broad assessment of the literature provides the context for the study. Working in the context of Saudi Arabia, we apply a mixed-methods approach beginning with in-depth interviews, exposing in detail a range of views and concerns about privacy and SNS use, and allowing us to identify three key factors that bear on SNS usage and users’ concerns. Analysis of these factors in the light of the “theory of reasoned action” derives a structural model predicting several hypotheses relating the factors and users’ attitudes and behaviour. We assess the model through development of a questionnaire, administered to a large pool of academic participants, that allows us to examine how the model responds in general and, via multigroup partial least squares analyses, differentially to gender and to culturally distinct (Arab vs. non-Arab) constituents of the participant group. Results show good support for the hypotheses and clear gender and culture effects. Picking up issues from the interviews, the discussion focuses on users’ views about SNS providers’ privacy policies and their inadequacy regarding culturally specific ethical concerns. We argue that these views may reflect different regulatory environments in combination with other cultural factors.

    An ordered selective imaging and distributed analysis computer forensics model

    Traditional computer forensics procedures and tools collect and analyze the entire user data. This scenario has proven to be no longer appropriate due to the increased size of user data and storage. Accordingly, selective imaging and distributed analysis concepts have been introduced in the literature to reduce the cost (time and resources) of digital evidence collection and analysis. Current selective imaging approaches image the relevant data according to the order of their selection and not according to the order of their physical offsets inside the targeted storage. Furthermore, integrating selective imaging and distributed analysis has not been considered yet. This study proposes a computer forensics investigation process that provides efficient imaging and scalable analysis. The selected data artifacts are first ordered by their physical offsets. Then, based on the selected data size and the available investigation time, the selected data are imaged into one or more partial forensic images in such a way that the produced images can be analyzed by different investigators using several machines. The Advanced Forensic File Format 4 (AFF4) is used as a container for the collected relevant data. An experimental study has been used to evaluate the performance of the selective imaging process. The result shows that, although ordering the selected digital evidence has a small negative performance impact, it has a positive effect on the performance of the selective imaging process itself. A qualitative study has also been used to evaluate the system and management scalability of the distributed analysis.

    Temporal, delegable and cheap update access control to published XML documents.

    Providing access control for published XML documents on the Web is an important topic. It involves the use of cryptographic techniques, addressing different requirements and, as a result, facing several challenges. Existing solutions still have some weaknesses, such as system update cost, the number of required secret encryption/decryption keys, the size of the encrypted document, and support for temporal and delegable access. This study proposes a push-based access control policy enforcement mechanism for addressing these issues using a Dynamic Key Management Table (DKMT) and based on Identity Based Encryption (IBE). The proposed mechanism addresses the existing challenges and provides a more acceptable solution.

    Event correlation, extra information and merged policies approaches for integrating intrusion detection and access control systems.

    Computer security aims to provide data with three security services, namely confidentiality, integrity and availability, to protect the data from unauthorized access (or use), unauthorized modification and denial of access, respectively. Access control and intrusion detection systems are used in isolation, while the range of their accuracy can be increased if they are integrated. This survey investigates the connection between intrusion detection and access control systems and then reviews the existing approaches for integrating them. We determine which intrusion detection types and detection methods are more appropriate to be integrated with access control systems, and in which manner.

    TEMPORAL, DELEGABLE AND CHEAP UPDATE ACCESS CONTROL TO PUBLISHED XML DOCUMENTS

    Privacy-preserving computer forensics framework

    Computer forensics and privacy preservation are conflicting fields in computer security. Computer forensics tools essentially image and analyze all the data found in a targeted investigation. In contrast, privacy preservation techniques are used to protect a data owner's private identity, information, and/or activities from any unauthorized access, use, or disclosure. Thus, there is a need to balance these two conflicting fields. In other words, there is a tremendous need to find a lawful and fair computer forensics solution thatr the past decade, the conflict between privacy preservation and computer forensics has been investigated in several studies. However, the solutions proposed by previous researchers are neither efficient nor lawful, and they did not provide a sufficient analysis. The objective of this research is to propose a computer forensics framework to preserve the privacy of data owners in an efficient and lawful manner while providing sufficient digital evidence analysis. Computer forensics privacy levels and policies are specified to help improve used for providing efficient imaging and analysis. The private data are encrypted using the Advanced Encryption Standard (AES). Advanced Forensic Format 4 (AFF4) is used as a container for the imaged relevant data. The framework is implemented to ensure that it is workable and to measure its efficiency. A qualitative evaluation method was used to evaluate both the lawfulness of the framework and the sufficiency of the analysis by observing these criteria. Moreover, other related work was implemented for comparison with the proposed framework. The results obtained show that the proposed framework satisfies all the required features for a lawful solution and provides efficient imaging and analysis as well as sufficient analysis. It can be concluded that the proposed framework has several advantages compared to the other related works, namely an efficient and lawful method for selective imaging and analysis, and sufficient analysis. It also provides a forensically sound and flexible solution with distributed analysis.