Implementation of ISO 27001 in Saudi Arabia – obstacles, motivations, outcomes, and lessons learned

Protecting information assets is very vital to the core survival of an organization. With the increase in cyberattacks and viruses worldwide, it has become essential for organizations to adopt innovative and rigorous procedures to keep these vital assets out of the reach of exploiters. Although complying with an international information security standard such as ISO 27001 has been on the rise worldwide, with over 7000 registered certificates, few companies in Saudi Arabia are ISO 27001 certified. In this paper, we explore the motives, obstacles, challenges, and outcomes for a Saudi organization during their implementation of ISO 27001, with the goal of shedding some light on the reason behind the low adoption of the ISO 27001 certification standard in the region of study. While customer satisfaction and good partner relationships are essential for an organization’s survival, strikingly, none of the organizations interviewed indicated that their goals included meeting consumer requirements or a partner’s mandates

Secure Chaotic Map Based Block Cryptosystem with Application to Camera Sensor Networks

Recently, Wang et al. presented an efficient logistic map based block encryption system. The encryption system employs feedback ciphertext to achieve plaintext dependence of sub-keys. Unfortunately, we discovered that their scheme is unable to withstand key stream attack. To improve its security, this paper proposes a novel chaotic map based block cryptosystem. At the same time, a secure architecture for camera sensor network is constructed. The network comprises a set of inexpensive camera sensors to capture the images, a sink node equipped with sufficient computation and storage capabilities and a data processing server. The transmission security between the sink node and the server is gained by utilizing the improved cipher. Both theoretical analysis and simulation results indicate that the improved algorithm can overcome the flaws and maintain all the merits of the original cryptosystem. In addition, computational costs and efficiency of the proposed scheme are encouraging for the practical implementation in the real environment as well as camera sensor network

Trusted-based scalable access control model for broadcast XML documents.

XML language is becoming a de facto standard for representing and transmitting data on the web so controlling access to XML documents is an important issue. Several XML access control approaches have been proposed to control the access of the published XML documents but these approaches still cannot scale well wim increased system and management workload because they specify and enforce their access control policies in centralized servers. We have proposed a distributed XML access control model for that improves the scalability by distributing the system and management workloads into several servers and different administrator, respectively. In this paper, the scalability of the proposed model is evaluated using a quantitative approach that shows that the proposed model is cost-effectively scalable with an increase in system and management workloads

Event correlation, extra information and merged policies approaches for integrating intrusion detection and access control systems.

Computer security aims to provide data with three security services namely confidentiality, integrity and availability to protect the data from unauthorized access (or use), unauthorized modification and denial of access, respectively. Access control and intrusion detection systems are used in isolation while the range of their accuracy can be increased if they are integrated. This survey investigates the connection between the intrusion detection and access control systems and then it reviews the existing approaches for integrating them. We determined which intrusion detection types and detection methods are more appropriate to be integrated with access control systems and in which manner

Broadcast Authentication for Wireless Sensor Networks Using Nested Hashing and the Chinese Remainder Theorem

Secure broadcasting is an essential feature for critical operations in wireless sensor network (WSNs). However, due to the limited resources of sensor networks, verifying the authenticity for broadcasted messages is a very difficult issue. μTESLA is a broadcast authentication protocol, which uses network-wide loose time synchronization with one-way hashed keys to provide the authenticity verification. However, it suffers from several flaws considering the delay tolerance, and the chain length restriction. In this paper, we propose a protocol which provides broadcast authentication for wireless sensor networks. This protocol uses a nested hash chain of two different hash functions and the Chinese Remainder Theorem (CRT). The two different nested hash functions are employed for the seed updating and the key generation. Each sensor node is challenged independently with a common broadcasting message using the CRT. Our algorithm provides forward and non-restricted key generation, and in addition, no time synchronization is required. Furthermore, receivers can instantly authenticate packets in real time. Moreover, the comprehensive analysis shows that this scheme is efficient and practical, and can achieve better performance than the μTESLA system

Authenticated Key Agreement with Rekeying for Secured Body Sensor Networks

Many medical systems are currently equipped with a large number of tiny, non-invasive sensors, located on, or close to, the patient’s body for health monitoring purposes. These groupings of sensors constitute a body sensor network (BSN). Key management is a fundamental service for medical BSN security. It provides and manages the cryptographic keys to enable essential security features such as confidentiality, integrity and authentication. Achieving key agreement in BSNs is a difficult task. Many key agreement schemes lack sensor addition, revocation, and rekeying properties, which are very important. Our proposed protocol circumvents these shortcomings by providing node rekeying properties, as well as node addition and revocation. It proposes a key distribution protocol based on public key cryptography—the RSA (Rivest, Shamir and Adleman) algorithm, and the DHECC (Diffie-Hellman Elliptic Curve Cryptography) algorithm. The proposed protocol does not trust individual sensors, and partially trusts the base station (hospital). Instead of loading full pair-wise keys into each node, after installation our protocol establishes pair-wise keys between nodes according to a specific routing algorithm. In this case, each node doesn’t have to share a key with all of its neighbors, only those involved in the routing path; this plays a key role in increasing the resiliency against node capture attacks and the network storage efficiency. Finally we evaluate our algorithm from the BSN security viewpoint and evaluate its performance in comparison with other proposals

Fingerprint verification based on statistical analysis

In this paper, we have statistically analyzed biometricfingerprint images for personal identification. A sub-image of 129 x 129 was extracted from the original image and transformed into a co-occurrence matrix. Four different type of relative position distances were used to generate the matrices. The results have been analyzed by the Program for Rate Estimation and Statistical Summaries (PRESS). The efficiency of the proposed method has been demonstrated by the experimental results and that the further the distances of the relative position the lower the error equal rate

Block-Based Motion Estimation Analysis for Lip Reading User Authentication Systems

This paper proposes a lip reading technique for speech recognition by using motion estimation analysis. The method described in this paper represents a sub-system of the Silent Pass project. Silent Pass is a lip reading password entry system for security applications. It presents a user authentication system based on password lip reading. Motion estimation is done for lip movement image sequences representing speech. In this methodology, the motion estimation is computed without extracting the speaker's lip contours and location. This leads to obtaining robust visual features for lip movements representing utterances. Our methodology comprises of two phases, a training phase and a recognition phase. In both phases an n × n video frame of the image sequence for an utterance (can be an alphanumeric character, word or a sentence in more complicated analysis) is divided into m × m blocks. Our method calculates and fits eight curves for each frame. Each curve represents motion estimation of this frame in a specific direction. These eight curves are representing set of features of a specific frame and are extracted in an unsupervised manner. The feature set consists of the integral values of the motion estimation. These features are expected to be extremely effective in the training phase. The feature sets are used to characterize specific utterances with no additional acoustic feature set. A corpus of utterances and their motion estimation features are built in the training phase. The recognition phase is accomplished by extracting the feature set, from the new image sequence of lip movement of an utterance, and compare it to the corpus using the mean square error metric for recognition