Descriptor: "data security" / Database: OAIster - Searchworks@Jio Institute Digital Library Search Results

Your search keyword '"data security"' showing total 682 results

Start Over Descriptor "data security" Database OAIster

682 results on '"data security"'

1. Edge Computing for Real-Time Data Analytics: Exploring the Use of Edge Computing to Enable Real-Time Data Analytics in IoT Applications

Author: Petrov, Prof. Elena and Petrov, Prof. Elena
Abstract: Edge computing has emerged as a crucial paradigm for enabling real-time data analytics in Internet of Things (IoT) applications. This paper explores the role of edge computing in facilitating real-time data analytics, discussing its advantages, challenges, and key considerations. We review existing literature and case studies to illustrate the effectiveness of edge computing in enhancing the performance and efficiency of data analytics in IoT environments. Additionally, we highlight future research directions and potential applications of edge computing in advancing real-time data analytics capabilities.
Published: 2024

2. The Use of Artificial Intelligence in Human Resources Processes as Part of Sustainable Development: Political and Organizational Aspects

Author: Bieliaieva, Nataliia, Tymoshenko, Maryna, Nalyvaiko, Nataliia, Khmurova, Viktoriia, Sychova, Nina, Bieliaieva, Nataliia, Tymoshenko, Maryna, Nalyvaiko, Nataliia, Khmurova, Viktoriia, and Sychova, Nina
Abstract: The article characterizes and defines the directions of artificial intelligence technology use in modern organizations and discusses those categories that will remain promising in the future. It highlights the main advantages and risks that currently exist with respect to the use of artificial intelligence and its development in Human Resources processes (HR processes). It was concluded that the main areas of use of artificial intelligence technology in modern organizations and categories that will continue to be promising in the future are defined: automation and optimization of processes; generating insights for decision making. It was emphasized that, in order to prevent the emergence of threats to humanity, in the process of developing artificial intelligence, specialists must establish certain restrictions and its developers must prioritize the issue of protection of user data and ensure control of its use., El artículo caracteriza y define las direcciones del uso de la tecnología de inteligencia artificial en las organizaciones modernas y debate aquellas categorías que seguirán siendo prometedoras en el futuro. Se destacan las principales ventajas y riesgos que existen en la actualidad respecto al uso de la inteligencia artificial y su desarrollo en los procesos de Recursos Humanos (Procesos RH). Se concluyó que se definen las principales áreas de uso de la tecnología de inteligencia artificial en las organizaciones modernas y categorías que seguirán siendo promisorias en el futuro: automatización y optimización de procesos; generar insights para la toma de decisiones. Se enfatizó que, para prevenir la aparición de amenazas para la humanidad, en el proceso de desarrollo de la inteligencia artificial, los especialistas deben establecer ciertas restricciones y sus desarrolladores deben priorizar el tema de la protección de los datos de los usuarios y garantizar el control de su uso.
Published: 2024

3. HIPAA: A Demand to Modernize Health Legislation

Author: Sadri, Mehri, Sadri, Mehri, Sadri, Mehri, and Sadri, Mehri
Abstract: In the 21st-century digital age, health data privacy remains a crucial concern. This paper evaluates the effectiveness of the Health Insurance Portability and Accountability Act, known as HIPAA. More specifically, it demonstrates a need for a unified federal framework in the U.S. that aligns with General Data Protection Regulation’s protections to address modern-day cybersecurity threats better. This article argues that in an era of increased globalization, the United States should confront the task of reforming its healthcare data protection law to align with current cybersecurity risks. We begin by examining landmark legislation across American states to reveal inconsistencies between state and federal protective rulings. Later, we uncover the reactive nature of HIPAA, in contrast to GDPR’s proactive and citizen-centric approach. Through evaluating past lawsuits related to patient protection noncompliance, this paper depicts significant differences in the purpose, coverage, and execution of data protection laws between the United States and the European Union. It highlights GDPR’s effectiveness in granting individuals greater control over their data. Furthermore, this article proposes the adoption of newfound systems for standardized risk analysis and enhanced security across healthcare providers. As healthcare becomes more accessible to the American public, the amount of data in this system increases. This nationwide surge in data underscores the critical need to assess whether privacy laws established in the 1990s remain sufficient. Therefore, updates to healthcare legislation are essential to establishing stringent patient protections in response to the significant rise in data breach incidents within the healthcare network. &nbsp
Published: 2024

4. Data Security Risk Assessment and Response Strategy for Large Language Models

Author: Liu, Tingting and Liu, Tingting
Abstract: In the era of artificial intelligence, large language models (LLMs) feature both positives and negatives when it comes to data security. The purpose of this paper is to present detailed recommendations for evaluating and managing the risks of data security connected with LLMs, using contemporary artificial intelligence algorithms and cloud-based information technologies. These are data asset categorization and rating, risk assessment models, and the observation of legal requirements and best practices regarding data safety. Key findings’ main message is the criticality of the systematic approach to establish and assess controls against data leakage and compliance risks. Besides, the paper also stresses the importance of effective comprehensiveness of report analysis as well as the integration of security capabilities that will help strengthen the overall security of an enterprise. Lastly, based on the highlights of the paper, the best practices for enterprises to address the risks associated with data security are outlined to provide practical and effective measures of protection as well as compliance, particularly in today’s fast-evolving technological environment of AI technologies.
Published: 2024

5. Investigating Security Measures in Common Data Environments: Insights from AEC Industry Case Studies

Author: Abegaz, Kaleab and Abegaz, Kaleab
Abstract: Data exchange is a vital aspect of the construction industry, which means there is need for a consistent platform to manage documents that can be relied on. An important digital information management system in the Architectural, Engineering, and Construction (AEC) sector is Building Information Modeling (BIM). However, problems exist regarding secure and compatible systems for data sharing. The study explores why adaptable and tailored security measures are needed to suit project specifications. Through this examination of centralized versus decentralized Common Data Environments (CDEs), it emerges that open BIM systems are impractical when compared to closed ones. The findings highlight the crucial role that standardization and customization play towards efficient, safe and flexible BIM implementations. It also recommends further research for future studies as well as emphasizes transparency in implementing CDE-based security protocols.
Published: 2024

6. Permission-Based Dynamic Access Control Models for Enhanced Data Security : Integrating Contextual Awareness and Role Flexibility for Secure Healthcare Data Management

Author: Almohammad Alsaleh, Sabah and Almohammad Alsaleh, Sabah
Abstract: This thesis explores the integration of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) within a distributed microservices architecture to create a dynamic and context-aware access control system, specifically tailored for healthcare environments. Traditional RBAC systems, while effective for managing permissions through predefined roles, often lack the flexibility to address complex, dynamic scenarios, such as temporary access needs, location-based restrictions, and emergency situations. ABAC offers the granularity needed for these contexts by evaluating a wide range of attributes in real-time. The hybrid RBAC-ABAC model proposed in this study combines the structured role management of RBAC with the dynamic flexibility of ABAC, creating a more robust and adaptable access control mechanism. The prototype implementation demonstrates the system's ability to handle diverse access control scenarios, improving security, scalability, and operational efficiency. This research contributes to the development of more secure and flexible data management systems, with significant implications for enhancing security and operational efficiency in healthcare and similar environments., Denna avhandling utforskar integrationen av rollbaserad åtkomstkontroll (RBAC) och attributbaserad åtkomstkontroll (ABAC) inom en distribuerad mikrotjänstarkitektur för att skapa ett dynamiskt och kontextmedvetet åtkomstkontrollsystem, särskilt anpassat för vårdmiljöer. Traditionella RBAC-system, även om de är effektivaför att hantera behörigheter genom fördefinierade roller, saknar ofta flexibilitetenatt hantera komplexa och dynamiska scenarier, såsom temporära åtkomstbehov, platsbaserade restriktioner och nödsituationer. ABAC erbjuder den nödvändiga granulariteten för dessa sammanhang genom att utvärdera ett brett spektrum av attribut i realtid. Den hybridmodell som föreslås i denna studie kombinerar RBAC strukturerade rollhantering med ABAC dynamiska flexibilitet, vilket skapar en mer robust och anpassningsbar åtkomstkontrollmekanism. Prototypimplementeringen visar systemets förmåga att hantera olika åtkomstkontrollscenarier, vilket förbättrar säkerhet, skalbarhet och operativ effektivitet. Denna forskning bidrar till utvecklingen av mer säkra och flexibla datahanteringssystem, med betydande konsekvenser för att förbättra säkerhet och operativ effektivitet inom vården och liknande miljöer.
Published: 2024

7. Investigating Security Measures in Common Data Environments: Insights from AEC Industry Case Studies

Author: Abegaz, Kaleab and Abegaz, Kaleab
Abstract: Data exchange is a vital aspect of the construction industry, which means there is need for a consistent platform to manage documents that can be relied on. An important digital information management system in the Architectural, Engineering, and Construction (AEC) sector is Building Information Modeling (BIM). However, problems exist regarding secure and compatible systems for data sharing. The study explores why adaptable and tailored security measures are needed to suit project specifications. Through this examination of centralized versus decentralized Common Data Environments (CDEs), it emerges that open BIM systems are impractical when compared to closed ones. The findings highlight the crucial role that standardization and customization play towards efficient, safe and flexible BIM implementations. It also recommends further research for future studies as well as emphasizes transparency in implementing CDE-based security protocols.
Published: 2024

8. Exploring Apple's Marketing Strategies Through the Lens of Maslow's Hierarchy of Needs : A Qualitative Study on Apple's Marketing Strategies and Consumer Needs

Author: Aghabi, Shady, Nouri Qurjanaki, Parinaz, Aghabi, Shady, and Nouri Qurjanaki, Parinaz
Abstract: This study aims to identify Apple’s marketing strategies and their consumers’ fundamental needs, as well as to explore the alignment between them. More specifically, it examines how Apple's marketing strategies target the needs as outlined by Maslow's Hierarchy. By shedding light on the effectiveness oft hese strategies in meeting consumer needs, the study intends to inform future marketing initiatives within the technology industry. By adopting an abductive qualitative research method, semi-structured interviews were conducted with ten Apple users at Linköping University. Findings indicate that Apple effectively meets consumers' self-actualization needs through its emphasis on innovation and lifestyle enhancements. Esteem needs are addressed through anticipation and differentiation, positioning Apple products as status symbols. The seamless integration of Apple's ecosystem strengthens a sense of belonging and loyalty among users. The study also reveals the significant impact of word of mouth marketing in shaping consumer perceptions and driving the adoption of Apple products. Furthermore, the endowment effect, where ownership of Apple products leads to higher valuation and satisfaction, plays a crucial role in enhancing user loyalty and emotional attachment. Additionally, Apple's focus on reliable software and high data security fulfills safety needs by ensuring trust and privacy. A conceptual model developed from the study's findings is added to demonstrate the correlation between Apple's marketing strategies and the hierarchical needs of its consumers. This model highlights the strategic efforts Apple undertakes to elicit a wide range of emotions and fulfill diverse consumer needs. While limitations include a restricted sample size, future research could broaden the demographic scope and integrate quantitative methods to validate qualitative insights, considering factors such as age and socioeconomic background.
Published: 2024

9. Exploring individual privacy concerns in mixed reality use situations : A qualitative study

Author: Ahmed, Hiwa and Ahmed, Hiwa
Abstract: This Master’s thesis explores the nuanced dimensions of privacy concerns in mixed reality (MR) environments. As MR technologies increasingly integrate into daily life, understanding how individuals perceive and navigate privacy within these contexts becomes crucial. This qualitative study employs semi structured interviews to gather insights from users actively engaged with MR, aiming to identify key privacy issues and the impact of social interactions on privacy dynamics. The research reveals that privacy concerns in MR are influenced by a complex interplay of technology features, user interactions, and contextual settings. Participants ex pressed apprehensions about data security, unauthorized information access, and a lack of control over personal data shared within MR environments. The findings highlight the need for enhanced privacy safeguards and transparent data management practices to foster trust and security in MR applications. This study contributes to the growing discourse on privacy in immersive technologies by providing empirical evidence and proposing recommendations for designing privacy aware MR systems. It aims to inform developers and policy- makers in the development of robust privacy frameworks that align with user expectations and legal standards, thereby enhancing user engagement and trust in MR technology.
Published: 2024

10. Databaserat värdeskapande i rörelse : Potentialen i fordonsdata som öppna data

Author: Gustafsson, Adam, Löfvenberg, Lovisa, Gustafsson, Adam, and Löfvenberg, Lovisa
Abstract: Delning av data genom öppna data börjar bli allt mer vanligt i samhället. Samtidigt blir fordon på vägarna mer uppkopplade, tekniskt avancerade och samlar in mer data än tidigare. Öppna data i kombination med uppkopplade fordon i syfte att tillgängliggöra fordonsdata som öppna data har stor potential att bidra med värde till samhället. Denna studie identifierade och konkretiserade fem drivande och fem utmanande faktorer relaterade till potentialen för fordonsdata att utgöra öppna data. Studien applicerar en kvalitativ metod med en induktiv ansats. Sju informanter med varierande erfarenheter inom öppna data intervjuades genom semi-strukturerade intervjuer. Urvalet baserades främst på ett informationsurval. Studiens analys underbyggs av teoriområdena: databaserat värdeskapande, öppna dataekosystem och öppen innovation. Sammanfattningsvis är de drivande faktorerna som identifierats att data har ett högt värde, öppna fordonsdata kan bidra till förbättrade tjänster och infrastruktur, öppna fordonsdata främjar innovation, informationssäkerheten kan stärkas och slutligen att öppna dataekosystem främjar öppna data. De utmanande faktorerna är bristande interoperabilitet, komplicerade dataägarskapsförhållanden, att fordonsdata kan innehålla känsliga data och integritetsproblem, ekonomiska och strategiska hinder och till sist bristande kunskap och medvetenhet om öppna data. För att realisera värdet i fordonsdata som öppna data krävs det att fler aktörer delar öppna fordonsdata och bidrar till ett mer etablerat öppna dataekosystem., Sharing data through open data is becoming increasingly common in society. Simultaneously, vehicles on the roads are becoming more connected, technologically advanced, and collect more data than before. Open data combined with connected vehicles, with the aim of making vehicle data available as open data, has great potential to contribute value to society. This study identified and concretized five driving and five challenging factors related to the potential for vehicle data to serve as open data. The study employs a qualitative method with an inductive approach. Seven interviewees with varying experiences in open data were interviewed through semi-structured interviews. The selection was mainly based on an information-oriented sampling. The study’s analysis is supported by the theoretical areas of data-based value creation, open data ecosystems, and open innovation. In summary, the identified driving factors are that data has high value, open vehicle data can contribute to improved services and infrastructure, open vehicle data promotes innovation, information security can be enhanced, and finally, open data ecosystems facilitate open data. The challenging factors are a lack of interoperability, complicated data ownership relationships, vehicle data potentially containing sensitive data and privacy issues, economic and strategic barriers, and finally, a lack of knowledge and awareness about open data. To realize the value of vehicle data as open data, more actors need to share open vehicle data and contribute to a more established open data ecosystem.
Published: 2024

11. Introducing Generative Artificial Intelligence in Tech Organizations : Developing and Evaluating a Proof of Concept for Data Management powered by a Retrieval Augmented Generation Model in a Large Language Model for Small and Medium-sized Enterprises in Tech

Author: Lithman, Harald, Nilsson, Anders, Lithman, Harald, and Nilsson, Anders
Abstract: In recent years, generative AI has made significant strides, likely leaving an irreversible mark on contemporary society. The launch of OpenAI's ChatGPT 3.5 in 2022 manifested the greatness of the innovative technology, highlighting its performance and accessibility. This has led to a demand for implementation solutions across various industries and companies eager to leverage these new opportunities generative AI brings. This thesis explores the common operational challenges faced by a small-scale Tech Enterprise and, with these challenges identified, examines the opportunities that contemporary generative AI solutions may offer. Furthermore, the thesis investigates what type of generative technology is suitable for adoption and how it can be implemented responsibly and sustainably. The authors approach this topic through 14 interviews involving several AI researchers and the employees and executives of a small-scale Tech Enterprise, which served as a case company, combined with a literature review. The information was processed using multiple inductive thematic analyses to establish a solid foundation for the investigation, which led to the development of a Proof of Concept. The findings and conclusions of the authors emphasize the high relevance of having a clear purpose for the implementation of generative technology. Moreover, the authors predict that a sustainable and responsible implementation can create the conditions necessary for the specified small-scale company to grow. When the authors investigated potential operational challenges at the case company it was made clear that the most significant issue arose from unstructured and partially absent documentation. The conclusion reached by the authors is that a data management system powered by a Retrieval model in a LLM presents a potential path forward for significant value creation, as this solution enables data retrieval functionality from unstructured project data and also mitigates a major inherent is
Published: 2024

12. Permission-Based Dynamic Access Control Models for Enhanced Data Security : Integrating Contextual Awareness and Role Flexibility for Secure Healthcare Data Management

Author: Almohammad Alsaleh, Sabah and Almohammad Alsaleh, Sabah
Abstract: This thesis explores the integration of Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) within a distributed microservices architecture to create a dynamic and context-aware access control system, specifically tailored for healthcare environments. Traditional RBAC systems, while effective for managing permissions through predefined roles, often lack the flexibility to address complex, dynamic scenarios, such as temporary access needs, location-based restrictions, and emergency situations. ABAC offers the granularity needed for these contexts by evaluating a wide range of attributes in real-time. The hybrid RBAC-ABAC model proposed in this study combines the structured role management of RBAC with the dynamic flexibility of ABAC, creating a more robust and adaptable access control mechanism. The prototype implementation demonstrates the system's ability to handle diverse access control scenarios, improving security, scalability, and operational efficiency. This research contributes to the development of more secure and flexible data management systems, with significant implications for enhancing security and operational efficiency in healthcare and similar environments., Denna avhandling utforskar integrationen av rollbaserad åtkomstkontroll (RBAC) och attributbaserad åtkomstkontroll (ABAC) inom en distribuerad mikrotjänstarkitektur för att skapa ett dynamiskt och kontextmedvetet åtkomstkontrollsystem, särskilt anpassat för vårdmiljöer. Traditionella RBAC-system, även om de är effektivaför att hantera behörigheter genom fördefinierade roller, saknar ofta flexibilitetenatt hantera komplexa och dynamiska scenarier, såsom temporära åtkomstbehov, platsbaserade restriktioner och nödsituationer. ABAC erbjuder den nödvändiga granulariteten för dessa sammanhang genom att utvärdera ett brett spektrum av attribut i realtid. Den hybridmodell som föreslås i denna studie kombinerar RBAC strukturerade rollhantering med ABAC dynamiska flexibilitet, vilket skapar en mer robust och anpassningsbar åtkomstkontrollmekanism. Prototypimplementeringen visar systemets förmåga att hantera olika åtkomstkontrollscenarier, vilket förbättrar säkerhet, skalbarhet och operativ effektivitet. Denna forskning bidrar till utvecklingen av mer säkra och flexibla datahanteringssystem, med betydande konsekvenser för att förbättra säkerhet och operativ effektivitet inom vården och liknande miljöer.
Published: 2024

13. Edge Computing for Real-Time Data Analytics: Exploring the Use of Edge Computing to Enable Real-Time Data Analytics in IoT Applications

Author: Petrov, Prof. Elena and Petrov, Prof. Elena
Abstract: Edge computing has emerged as a crucial paradigm for enabling real-time data analytics in Internet of Things (IoT) applications. This paper explores the role of edge computing in facilitating real-time data analytics, discussing its advantages, challenges, and key considerations. We review existing literature and case studies to illustrate the effectiveness of edge computing in enhancing the performance and efficiency of data analytics in IoT environments. Additionally, we highlight future research directions and potential applications of edge computing in advancing real-time data analytics capabilities.
Published: 2024

14. Edge Computing for Real-Time Data Analytics: Exploring the Use of Edge Computing to Enable Real-Time Data Analytics in IoT Applications

Author: Petrov, Prof. Elena and Petrov, Prof. Elena
Abstract: Edge computing has emerged as a crucial paradigm for enabling real-time data analytics in Internet of Things (IoT) applications. This paper explores the role of edge computing in facilitating real-time data analytics, discussing its advantages, challenges, and key considerations. We review existing literature and case studies to illustrate the effectiveness of edge computing in enhancing the performance and efficiency of data analytics in IoT environments. Additionally, we highlight future research directions and potential applications of edge computing in advancing real-time data analytics capabilities.
Published: 2024

15. Databaserat värdeskapande i rörelse : Potentialen i fordonsdata som öppna data

Author: Gustafsson, Adam, Löfvenberg, Lovisa, Gustafsson, Adam, and Löfvenberg, Lovisa
Abstract: Delning av data genom öppna data börjar bli allt mer vanligt i samhället. Samtidigt blir fordon på vägarna mer uppkopplade, tekniskt avancerade och samlar in mer data än tidigare. Öppna data i kombination med uppkopplade fordon i syfte att tillgängliggöra fordonsdata som öppna data har stor potential att bidra med värde till samhället. Denna studie identifierade och konkretiserade fem drivande och fem utmanande faktorer relaterade till potentialen för fordonsdata att utgöra öppna data. Studien applicerar en kvalitativ metod med en induktiv ansats. Sju informanter med varierande erfarenheter inom öppna data intervjuades genom semi-strukturerade intervjuer. Urvalet baserades främst på ett informationsurval. Studiens analys underbyggs av teoriområdena: databaserat värdeskapande, öppna dataekosystem och öppen innovation. Sammanfattningsvis är de drivande faktorerna som identifierats att data har ett högt värde, öppna fordonsdata kan bidra till förbättrade tjänster och infrastruktur, öppna fordonsdata främjar innovation, informationssäkerheten kan stärkas och slutligen att öppna dataekosystem främjar öppna data. De utmanande faktorerna är bristande interoperabilitet, komplicerade dataägarskapsförhållanden, att fordonsdata kan innehålla känsliga data och integritetsproblem, ekonomiska och strategiska hinder och till sist bristande kunskap och medvetenhet om öppna data. För att realisera värdet i fordonsdata som öppna data krävs det att fler aktörer delar öppna fordonsdata och bidrar till ett mer etablerat öppna dataekosystem., Sharing data through open data is becoming increasingly common in society. Simultaneously, vehicles on the roads are becoming more connected, technologically advanced, and collect more data than before. Open data combined with connected vehicles, with the aim of making vehicle data available as open data, has great potential to contribute value to society. This study identified and concretized five driving and five challenging factors related to the potential for vehicle data to serve as open data. The study employs a qualitative method with an inductive approach. Seven interviewees with varying experiences in open data were interviewed through semi-structured interviews. The selection was mainly based on an information-oriented sampling. The study’s analysis is supported by the theoretical areas of data-based value creation, open data ecosystems, and open innovation. In summary, the identified driving factors are that data has high value, open vehicle data can contribute to improved services and infrastructure, open vehicle data promotes innovation, information security can be enhanced, and finally, open data ecosystems facilitate open data. The challenging factors are a lack of interoperability, complicated data ownership relationships, vehicle data potentially containing sensitive data and privacy issues, economic and strategic barriers, and finally, a lack of knowledge and awareness about open data. To realize the value of vehicle data as open data, more actors need to share open vehicle data and contribute to a more established open data ecosystem.
Published: 2024

16. The Use of Artificial Intelligence in Human Resources Processes as Part of Sustainable Development: Political and Organizational Aspects

Author: Bieliaieva, Nataliia, Tymoshenko, Maryna, Nalyvaiko, Nataliia, Khmurova, Viktoriia, Sychova, Nina, Bieliaieva, Nataliia, Tymoshenko, Maryna, Nalyvaiko, Nataliia, Khmurova, Viktoriia, and Sychova, Nina
Abstract: The article characterizes and defines the directions of artificial intelligence technology use in modern organizations and discusses those categories that will remain promising in the future. It highlights the main advantages and risks that currently exist with respect to the use of artificial intelligence and its development in Human Resources processes (HR processes). It was concluded that the main areas of use of artificial intelligence technology in modern organizations and categories that will continue to be promising in the future are defined: automation and optimization of processes; generating insights for decision making. It was emphasized that, in order to prevent the emergence of threats to humanity, in the process of developing artificial intelligence, specialists must establish certain restrictions and its developers must prioritize the issue of protection of user data and ensure control of its use., El artículo caracteriza y define las direcciones del uso de la tecnología de inteligencia artificial en las organizaciones modernas y debate aquellas categorías que seguirán siendo prometedoras en el futuro. Se destacan las principales ventajas y riesgos que existen en la actualidad respecto al uso de la inteligencia artificial y su desarrollo en los procesos de Recursos Humanos (Procesos RH). Se concluyó que se definen las principales áreas de uso de la tecnología de inteligencia artificial en las organizaciones modernas y categorías que seguirán siendo promisorias en el futuro: automatización y optimización de procesos; generar insights para la toma de decisiones. Se enfatizó que, para prevenir la aparición de amenazas para la humanidad, en el proceso de desarrollo de la inteligencia artificial, los especialistas deben establecer ciertas restricciones y sus desarrolladores deben priorizar el tema de la protección de los datos de los usuarios y garantizar el control de su uso.
Published: 2024

17. Introducing Generative Artificial Intelligence in Tech Organizations : Developing and Evaluating a Proof of Concept for Data Management powered by a Retrieval Augmented Generation Model in a Large Language Model for Small and Medium-sized Enterprises in Tech

Author: Lithman, Harald, Nilsson, Anders, Lithman, Harald, and Nilsson, Anders
Abstract: In recent years, generative AI has made significant strides, likely leaving an irreversible mark on contemporary society. The launch of OpenAI's ChatGPT 3.5 in 2022 manifested the greatness of the innovative technology, highlighting its performance and accessibility. This has led to a demand for implementation solutions across various industries and companies eager to leverage these new opportunities generative AI brings. This thesis explores the common operational challenges faced by a small-scale Tech Enterprise and, with these challenges identified, examines the opportunities that contemporary generative AI solutions may offer. Furthermore, the thesis investigates what type of generative technology is suitable for adoption and how it can be implemented responsibly and sustainably. The authors approach this topic through 14 interviews involving several AI researchers and the employees and executives of a small-scale Tech Enterprise, which served as a case company, combined with a literature review. The information was processed using multiple inductive thematic analyses to establish a solid foundation for the investigation, which led to the development of a Proof of Concept. The findings and conclusions of the authors emphasize the high relevance of having a clear purpose for the implementation of generative technology. Moreover, the authors predict that a sustainable and responsible implementation can create the conditions necessary for the specified small-scale company to grow. When the authors investigated potential operational challenges at the case company it was made clear that the most significant issue arose from unstructured and partially absent documentation. The conclusion reached by the authors is that a data management system powered by a Retrieval model in a LLM presents a potential path forward for significant value creation, as this solution enables data retrieval functionality from unstructured project data and also mitigates a major inherent is
Published: 2024

18. The Use of Artificial Intelligence in Human Resources Processes as Part of Sustainable Development: Political and Organizational Aspects

Author: Bieliaieva, Nataliia, Tymoshenko, Maryna, Nalyvaiko, Nataliia, Khmurova, Viktoriia, Sychova, Nina, Bieliaieva, Nataliia, Tymoshenko, Maryna, Nalyvaiko, Nataliia, Khmurova, Viktoriia, and Sychova, Nina
Abstract: The article characterizes and defines the directions of artificial intelligence technology use in modern organizations and discusses those categories that will remain promising in the future. It highlights the main advantages and risks that currently exist with respect to the use of artificial intelligence and its development in Human Resources processes (HR processes). It was concluded that the main areas of use of artificial intelligence technology in modern organizations and categories that will continue to be promising in the future are defined: automation and optimization of processes; generating insights for decision making. It was emphasized that, in order to prevent the emergence of threats to humanity, in the process of developing artificial intelligence, specialists must establish certain restrictions and its developers must prioritize the issue of protection of user data and ensure control of its use., El artículo caracteriza y define las direcciones del uso de la tecnología de inteligencia artificial en las organizaciones modernas y debate aquellas categorías que seguirán siendo prometedoras en el futuro. Se destacan las principales ventajas y riesgos que existen en la actualidad respecto al uso de la inteligencia artificial y su desarrollo en los procesos de Recursos Humanos (Procesos RH). Se concluyó que se definen las principales áreas de uso de la tecnología de inteligencia artificial en las organizaciones modernas y categorías que seguirán siendo promisorias en el futuro: automatización y optimización de procesos; generar insights para la toma de decisiones. Se enfatizó que, para prevenir la aparición de amenazas para la humanidad, en el proceso de desarrollo de la inteligencia artificial, los especialistas deben establecer ciertas restricciones y sus desarrolladores deben priorizar el tema de la protección de los datos de los usuarios y garantizar el control de su uso.
Published: 2024

19. Digitalkompetenzen von Grundschulkindern: Unfassbar und vermessen?!

Author: Theurer, Caroline, Jocham, Tina, Pohlmann-Rother, Sanna, Theurer, Caroline, Jocham, Tina, and Pohlmann-Rother, Sanna
Abstract: Im Beitrag werden Ergebnisse zweier Vorstudien berichtet, die sich auf Daten zu den Bereichen Datenschutz und Sicherheit sowie Bewertung von Inhalten im Internet an Stichproben von Dritt- und Viertklässler:innen stützen. Die Erhebungen sind eingebettet in das Projekt Digit.El, in dem schrittweise Facetten von Digitalkompetenzen im Grundschulalter erhoben werden und das Ziel verfolgt wird, reliable, valide und dennoch ökonomisch einsetzbare Instrumente zur Erfassung der jeweiligen Kompetenzfacetten für Kinder im Grundschulalter bereitzustellen, damit einerseits Diagnostik und andererseits – darauf aufbauend – auch gezielte Förderung in dem Bereich stattfinden kann. Zur Konzeptionalisierung der theoretischen Konstrukte sowie der zu entwickelnden Messinstrumente wird sich u. a. am Digital Competence Framework for Citizens (DigComp 2.2) orientiert. Die Datenerhebungen der Vorstudien fanden über leitfadengestütze Interviews sowie quantitative Testungen statt. Die Ergebnisse beider Teilstudien zeigen, dass Kinder im dritten und vierten Schuljahr über Kenntnisse und teilweise auch Kompetenzen in den anvisierten Bereichen verfügen. Allerdings offenbaren die Ergebnisse auch Leerstellen und einen Nachholbedarf, der u. a. im Hinblick auf die Notwendigkeit einer Förderung digitalbezogener Kompetenzen im Grundschulbereich diskutiert wird., The article reports on the results of two preliminary studies that collected data on the areas of data protection and security as well as evaluation of content on the internet from samples of third and fourth graders. The studies are framed by the project Digit.El, which aims to gradually assess facets of digital competencies in elementary school age and to provide reliable, valid and yet economically applicable instruments for assessing the respective competence facets for elementary school children. Doing so, strengthens not only diagnostic options in that field, but also helps to offer tailored support measures, subsequently. For the conceptualization of the theoretical constructs and the tests to be developed, amongst others, the Digital Competence Framework for Citizens (DigComp 2.2) is used as a blueprint. The data collection for the preliminary studies took place via structured interviews and quantitative testing. The results of the pilot-studies show that children in third and fourth grades have knowledge and partly also competencies in the envisaged areas. However, the results also reveal blanks and a need to catch up on those. The results are discussed in the light of the strong need to promote digital competencies as early as in primary schools.
Published: 2024

20. Data governance for smart cities in China: the case of Shenzhen

Author: Xie, Siqi, Luo, Ning, Yarime, Masaru, Xie, Siqi, Luo, Ning, and Yarime, Masaru
Abstract: Establishing an appropriate system for governing various data is a critical challenge in developing smart cities. In China, with its distinctive institutional characteristics, it is not yet well investigated what kinds of data governance mechanisms are introduced, how data are collected, shared, and used, and how potential risks concerning data security and privacy are addressed. This paper conducts an exploratory study of the case of smart city development in Shenzhen and examines critical opportunities and challenges in data governance. A centralized approach led by the government has been emphasized in data governance, with its focus evolving from addressing the fragmentation of government data to fostering the integration of various kinds of data in society. Open data platforms have been developed through close cooperation between government and technology enterprises. Regulations have been introduced to protect data security and privacy and facilitate the exchange and use of data for innovation. On the other hand, stakeholders are not sufficiently incentivized to provide accurate information. The value of data is not appropriately recognized or measured, discouraging the sharing of data to facilitate the use of data. Citizens are not well-informed about what kinds of data are collected and how these data are used. Institutional mechanisms have not yet been established to ensure that the data collected from citizens are properly handled by the public authorities. It is crucial to encourage citizens’ engagement in data governance to fully implement the people-centered approach to smart city development. © 2023 The Author(s). Published by Informa UK Limited, trading as Taylor & Francis Group.
Published: 2024

21. Fintech Analysis of Personal Finance App Usage among Millennials

Author: Tika Handayani, Rifky Lana Rahardian, Eva Yuniarti Utami, Apriani Riyanti, Ahmad Rizani, Tika Handayani, Rifky Lana Rahardian, Eva Yuniarti Utami, Apriani Riyanti, and Ahmad Rizani
Abstract: This study aims to analyse the influence of Fintech on the use of personal finance applications in the millennial generation. The research method used in this study is the survey method. The survey was conducted using a questionnaire distributed to millennial respondents who use personal finance applications. The data collected through the survey will be analysed quantitatively to identify usage trends, feature preferences, and the impact of personal finance apps on individual financial behaviour. The results show that millennials have a high adoption rate of personal finance apps. They tend to use these apps to track expenses, organise budgets, and conduct financial transactions. In-app personalisation features are highly valued by millennials, as it allows them to tailor the experience according to individual needs and preferences. However, data security and privacy remain key concerns in the use of personal finance apps. Personal finance apps have great potential in helping millennials manage their finances more effectively. However, serious attention should be paid to data security and user privacy. Therefore, it is recommended that personal finance app providers continue to improve their security systems and privacy practices. In addition, it is also necessary to educate users on the importance of protecting their personal information when using personal finance apps.
Published: 2024

22. Fintech Analysis of Personal Finance App Usage among Millennials

Author: Tika Handayani, Rifky Lana Rahardian, Eva Yuniarti Utami, Apriani Riyanti, Ahmad Rizani, Tika Handayani, Rifky Lana Rahardian, Eva Yuniarti Utami, Apriani Riyanti, and Ahmad Rizani
Abstract: This study aims to analyse the influence of Fintech on the use of personal finance applications in the millennial generation. The research method used in this study is the survey method. The survey was conducted using a questionnaire distributed to millennial respondents who use personal finance applications. The data collected through the survey will be analysed quantitatively to identify usage trends, feature preferences, and the impact of personal finance apps on individual financial behaviour. The results show that millennials have a high adoption rate of personal finance apps. They tend to use these apps to track expenses, organise budgets, and conduct financial transactions. In-app personalisation features are highly valued by millennials, as it allows them to tailor the experience according to individual needs and preferences. However, data security and privacy remain key concerns in the use of personal finance apps. Personal finance apps have great potential in helping millennials manage their finances more effectively. However, serious attention should be paid to data security and user privacy. Therefore, it is recommended that personal finance app providers continue to improve their security systems and privacy practices. In addition, it is also necessary to educate users on the importance of protecting their personal information when using personal finance apps.
Published: 2024

23. Analysis and Utilization of the Base64 Algorithm for Image Encryption and Decryption Security in Web-Based Images

Author: Baso, Fadhlirrahman and Baso, Fadhlirrahman
Abstract: Data is often the target of irresponsible people for misuse. The theft is done is to benefit from the person who has the data. In addition to theft of work files, theft is also carried out on image files. The purpose of this file theft is to find out what the image contains. Someone has a private image that cannot be known by others. Misuse of image files will be fatal for the owner of the image. Cryptographic techniques are needed in securing images and one of the methods used to secure these images is using the base64 algorithm. The Caesar Cipher algorithm can help users secure the image file. The Base64 algorithm can be used to change the ASCII 256 format to Base64 so that it is easy to send or store on a storage medium. By applying the Base64 algorithm to image files, the security and confidentiality of these files will protect data from irresponsible people.
Published: 2023

24. Analysis and Utilization of the Base64 Algorithm for Image Encryption and Decryption Security in Web-Based Images

Author: Baso, Fadhlirrahman and Baso, Fadhlirrahman
Abstract: Data is often the target of irresponsible people for misuse. The theft is done is to benefit from the person who has the data. In addition to theft of work files, theft is also carried out on image files. The purpose of this file theft is to find out what the image contains. Someone has a private image that cannot be known by others. Misuse of image files will be fatal for the owner of the image. Cryptographic techniques are needed in securing images and one of the methods used to secure these images is using the base64 algorithm. The Caesar Cipher algorithm can help users secure the image file. The Base64 algorithm can be used to change the ASCII 256 format to Base64 so that it is easy to send or store on a storage medium. By applying the Base64 algorithm to image files, the security and confidentiality of these files will protect data from irresponsible people.
Published: 2023

25. Implementing SAP on Cloud: Leveraging Security and Privacy Technologies for Seamless Data Integration and Protection

Author: Makka, Arpan Khoresh Amit and Makka, Arpan Khoresh Amit
Abstract: The migration of enterprise resource planning (ERP) systems, such as SAP, to cloud-based infrastructure constitutes a complex and multifaceted undertaking that necessitates a comprehensive and strategic approach to harmonize technological innovation, organizational adaptability, and robust security measures. This research delves into the intricate landscape of SAP cloud implementation, with a particular emphasis on the pivotal role of security and privacy technologies in safeguarding sensitive data and ensuring uninterrupted operations. By meticulously scrutinizing cloud deployment strategies, data migration processes, and security protocols, this study aims to provide a robust framework for organizations embarking on this transformative journey. The investigation encompasses a detailed examination of the diverse cloud deployment models, including public, private, and hybrid clouds, evaluating their suitability based on a comprehensive assessment of organizational context, risk tolerance, and compliance mandates. Moreover, the research meticulously explores the complexities of data migration, emphasizing the criticality of robust data cleansing, transformation, validation, and migration processes to preserve data accuracy, consistency, and integrity within the cloud ecosystem. With a steadfast commitment to mitigating cyber threats and safeguarding sensitive information, the study examines a comprehensive array of security technologies and best practices, encompassing encryption, access control, identity and access management (IAM), threat detection and response mechanisms, and data loss prevention (DLP). By providing a holistic understanding of the challenges and opportunities associated with SAP cloud implementations, this research contributes to the development of effective strategies for organizations seeking to leverage the benefits of cloud computing while maintaining the highest levels of security and privacy. The study also considers the potential impact of
Published: 2023

26. Implementing SAP on Cloud: Leveraging Security and Privacy Technologies for Seamless Data Integration and Protection

Author: Makka, Arpan Khoresh Amit and Makka, Arpan Khoresh Amit
Abstract: The migration of enterprise resource planning (ERP) systems, such as SAP, to cloud-based infrastructure constitutes a complex and multifaceted undertaking that necessitates a comprehensive and strategic approach to harmonize technological innovation, organizational adaptability, and robust security measures. This research delves into the intricate landscape of SAP cloud implementation, with a particular emphasis on the pivotal role of security and privacy technologies in safeguarding sensitive data and ensuring uninterrupted operations. By meticulously scrutinizing cloud deployment strategies, data migration processes, and security protocols, this study aims to provide a robust framework for organizations embarking on this transformative journey. The investigation encompasses a detailed examination of the diverse cloud deployment models, including public, private, and hybrid clouds, evaluating their suitability based on a comprehensive assessment of organizational context, risk tolerance, and compliance mandates. Moreover, the research meticulously explores the complexities of data migration, emphasizing the criticality of robust data cleansing, transformation, validation, and migration processes to preserve data accuracy, consistency, and integrity within the cloud ecosystem. With a steadfast commitment to mitigating cyber threats and safeguarding sensitive information, the study examines a comprehensive array of security technologies and best practices, encompassing encryption, access control, identity and access management (IAM), threat detection and response mechanisms, and data loss prevention (DLP). By providing a holistic understanding of the challenges and opportunities associated with SAP cloud implementations, this research contributes to the development of effective strategies for organizations seeking to leverage the benefits of cloud computing while maintaining the highest levels of security and privacy. The study also considers the potential impact of
Published: 2023

27. Privacy-Preserving Federated Learning model for healthcare data

Author: Ferens, Ken (Electrical and Computer Engineering), Wang, Shaowei (Computer Science), Mohammed, Noman, Islam, Tanzir Ul, Ferens, Ken (Electrical and Computer Engineering), Wang, Shaowei (Computer Science), Mohammed, Noman, and Islam, Tanzir Ul
Abstract: Federated Learning (FL) is a method for training machine learning algorithms on decentralized data where sharing raw data is not feasible due to privacy regulations. An instance of such data is Electronic Health Records (EHRs), which contain confidential patient information. In FL, the sensitive data is not shared, rather local models are trained and the model parameters are then aggregated on a central server. However, this method presents privacy challenges, necessitating the implementation of privacy protection strategies, such as data anonymization, before sharing the model parameters. Balancing the trade-off between privacy and utility is a crucial aspect of FL research, as integrating privacy algorithms can have an impact on the utility. The objective of this thesis is to improve the performance of FL while maintaining privacy, through techniques like data generalization, feature selection for dimension reduction, and minimizing noise in the anonymization process. This research also investigates separating data based on features instead of records and evaluates the performance of the proposed model using real healthcare data, with the aim of developing a predictive model for healthcare applications.
Published: 2023

28. OODOOLL : Exploring the Potential of Data Physicalisations to Increase Awareness and Control of Personal Data Privacy

Author: Skavron, Sarah and Skavron, Sarah
Abstract: Through online activities, we produce a large amount of personal data traces every day. Many people acknowledge the significance of protecting personal data online but they might not act accordingly. This thesis project seeks to make these often hidden traces visible and thus understandable through a data physicalisation. This is to increase awareness and knowledge as well as spark reflection on how and if certain data should be protected. Six design activities with a focus on the active involvement of participants were conducted to create the concept of “OODOOLL”, a reversed voodoo doll that has the purpose of protecting users from any potential harm in relation to online activity and sparking reflection around the topic of data privacy. While some of the potentials of a data physicalisation, such as initiating conversations or increased levels of self-reflection, could be realised, there were several limitations to the concept, i.e. technical limitations or breaking down the complexity of aggregated data use. Especially in terms of the increased use of digital devices and the rise of emerging technologies, it is important for general users but also for interaction designers to be aware and have an understanding of data collection, data use and data protection.
Published: 2023

29. Evaluating the Ownership of Personal data in the Cloud by Optimizing the IT Architecture : Applying a reference architecture to make the ownership of personal data more clear within an organization

Author: Myrsell, Tilda, Hulteberg, Sofie, Myrsell, Tilda, and Hulteberg, Sofie
Abstract: Cloud computing is an area that many companies use in order to stay in line with technological development. To keep these systems productive and easily managed, a reference architecture can be used as a framework and also as a manual on how to structure an organization to suit its specific needs and goals. The reference architecture can make it easier to divide responsibility as well as working tasks within an organization. One company facing the challenges that comes with cloud based systems is Vattenfall, one of the biggest energy companies in Europe. An organization like Vattenfall handles a great load of customer data which is to be controlled and protected in every way. In order to keep on making sure that these systems are efficient and secure, a reference architecture could be a helpful tool. With the purpose of investigating how a section within Vattenfall’s IT department can use a reference architecture to determine the ownership of customers’ personal data more easily, an interview study was conducted. The interviews focused on evaluation of how employees’ reason when handling customers’ personal data within cloud environments. The reference architecture found most suitable for handling personal data was the international standard ISO/IEC 17789. It describes multiple work roles within cloud computing which can make the process of handling sensitive information clearer and easier. The data collected from the interviews was later applied to this reference architecture in order to see how it can be used in order to more easily divide responsibility. The study could in the end present several recommendations as to how the department should divide responsibilities and raise awareness regarding the topic amongst employees in order to increase data security. Finally, the expected value created from implementing these recommendations and applying the reference architecture to the organization is expected to be high. The thesis concluded that the chosen ref
Published: 2023

30. Securing Data in a Cloud Environment: Access Control, Encryption, and Immutability

Author: Al Khateeb, Ahmad, Summaq, Abdulrazzaq, Al Khateeb, Ahmad, and Summaq, Abdulrazzaq
Abstract: The amount of data and the development of new technologies used by all society-critical organizations are increasing dramatically. In parallel, data breaches, cyber-attacks, and their devastating consequences are also on the rise, as well as the number of individuals and organizations that are potential targets for such attacks. This places higher demands on security in terms of protecting data against cyber-attacks and controlling access to data that authenticated users want to access. The paper focuses on studying concepts of secure data practices in a GitLab-based cloud environment. The objective is to give answers to questions such as how to ensure the guarantee of secure data and protect it from unauthorized access and changes. The work behind this thesis includes exploring techniques for access control, data encryption, and data immutability. The study is followed by an implementation project that includes fetching code from GitLab verifying user identity and access control, managing data access, and displaying the results. The results of the thesis demonstrate the effectiveness of the implemented security measures in protecting data and controlling access., Mängden av data och utvecklingen av banbrytande teknologier som idag används av alla samhällsbärande organisationer ökar drastiskt. I samma takt ökar dataintrång, cyberattacker och dess förödande konsekvenser samt antalet personer och organisationer som utgör potentiella offer för sådana typer av attacker. Detta ställer högre krav på säkerheten när det gäller att skydda data mot cyberattacker, men även att kontrollera åtkomsten till data som autentiserade användare vill komma åt. Rapporten fokuserar på att studera hur data säkras i GitLab-baserade molnsystem. Syftet med detta arbete är att ge svar på frågeställningar som till exempel att lova säker åtkomst och skydd för data från obehörig åtkomst och ändringar. Arbetet bakom detta projekt inkluderade undersökning av tekniker som används inom accesskontroll, datakryptering och data-omutlighet. Studien resulterade i en implementation som möjliggör att hämta signerade ändringar (Commits) från GitLab, verifiera användaridentiteten och åtkomstbehörighet, hantera dataåtkomst samt presentera resultaten. Resultaten av detta examensarbete demonstrerar effektiviteten av den implementerade säkerhetsteknikerna i att skydda data och kontrollera access.
Published: 2023

31. A Survey on Cyber Security Threats and its Impact on Society

Author: Victoire, T. Amalraj, Vasuki, M., Karunamurthy, A., Soundarya, D., Sarumathi, S., Victoire, T. Amalraj, Vasuki, M., Karunamurthy, A., Soundarya, D., and Sarumathi, S.
Abstract: Cyber security is essential to society as protecting information, computer networks, databases, and software programs has become one of the biggest challenges in the current day situation. The Internet plays a vital role in day-to-day people’s life and users expect their data to be much more secure. Cyber Security threats are clarified to make the data secure. The Cyber Security threats affect society in many ways by stealing our personal information in our everyday lives and overcome those threats by securing the data from the internet. This paper concentrates on the survey of different threats to analyze and improve data security and enhance confidentiality.
Published: 2023

32. Skydd och incidentrespons inom IT-säkerhet : En studie kring utvecklingen av ransomware

Author: Ericson, Christoffer, Derek, Nick, Ericson, Christoffer, and Derek, Nick
Abstract: Cybersäkerhet är ett konstant växande hot mot organisationer, genom det ständigt ökade digitaliserade samhället, dock finns tecken på att medvetenheten hos organisationer ökar vad gäller cyberattacker och cybersäkerhet. Cyberattacker kan skapa konsekvenser som kan förhindra organisationens verksamhet. Detta lägger grunden till arbetet, att se hur försvarsförmågan har utvecklats. I värsta fall medför en cyberattack konsekvenser som kan äventyra en organisations överlevnadsförmåga. I och med det nya hotet ransomware, där hotaktören krypterar offrets filer och sedan kräver en lösensumma, har konsekvenserna kraftigt kommit att bli mer fatala. Metoderna för ransomware utvecklas av hotaktörerna vilket kan bidra till mer än bara ekonomiska konsekvenser för organisationen. Mot ransomware gäller i stort samma skyddsåtgärder som mot alla former av cyberattacker, däremot finns en del särskilt viktiga aspekter som belyses i detta arbete, till exempel implementering av backups, adekvat dataskydd samt god Patch Management (d.v.s. protokoll för att åtgärda sårbarheter i programvara). I arbetet sammanställs en branschkonsensus för hur organisationer skall arbeta gentemot cyberattacker, specifikt ransomwareattacker. Detta har gjorts genom en litteratur- och kvalitativ intervjustudie, som sedan har analyserats och diskuterats. Intervjustudien har genomförts hos organisationer som bedöms lämpliga för detta då de dagligen arbetar med cybersäkerhet. En av rekommendationerna är att ha en bra backuprutin, där man skapar, distribuerar och testar dessa. Genom arbetet belyses även hur god patch management bör implementeras. Slutligen presenteras även en ny metod, Ransomware 3.0 där hotaktörer stjäl en organisations IT-miljö för att sedan radera denna lokalt hos organisationen och sedan säljer tillbaka denna, som används av hotaktörerna, som hittills varit okänd, där vidare forskning bör vidtas., Cybersecurity is a constantly growing threat against organisations due to the increasingly digitalisation of society, although there are signs that the consciousness at organisations has increased regarding cyberattacks and cybersecurity. Cyberattacks can create consequences that can restrain an organisations operations. This creates the foundation for this study, to see how the defence capabilities has developed. A cyberattack can, in the worst case scenario, threaten an organisations ability to survive. In regards to the new threat, ransomware, where the threat actor encrypts the victim’s files and demands a ransom, the consequences can be fatal. The new methods associated with ransomware, where the threat actor also exfiltrates the victim’s files, strongly impact the organisations ability to operate. This could lead to economic consequences, as well as damages towards stakeholder relations. Most protective measures applies towards ransomware, however there are some especially important aspects that are presented in this paper, such as implementation of backups, sufficient data protection as well as good Patch Management (protocol to patch vulnerabilities in software). In this paper, an industry consensus on how organisations should work against cyberattacks, especially ransomware, is compiled. This was performed through a litterature and a qualitative interview study. Both studies has been analysed and discussed.The interview study has been accomplished by interviewing appropriate organisations that work with cyber security daily. One of the recommendations is to have a good backup protocol, which implies creating, distributing and testing these backups. This paper also presents how a good patch management should be implemented. Finally, this paper presents a new method, Ransomware 3.0 where the threat actor steals an organisations IT environment, and then destroys the local copy at the organisation to then sell it back, that is used by the threat actors, that is
Published: 2023

33. Skydd och incidentrespons inom IT-säkerhet : En studie kring utvecklingen av ransomware

Author: Ericson, Christoffer, Derek, Nick, Ericson, Christoffer, and Derek, Nick
Abstract: Cybersäkerhet är ett konstant växande hot mot organisationer, genom det ständigt ökade digitaliserade samhället, dock finns tecken på att medvetenheten hos organisationer ökar vad gäller cyberattacker och cybersäkerhet. Cyberattacker kan skapa konsekvenser som kan förhindra organisationens verksamhet. Detta lägger grunden till arbetet, att se hur försvarsförmågan har utvecklats. I värsta fall medför en cyberattack konsekvenser som kan äventyra en organisations överlevnadsförmåga. I och med det nya hotet ransomware, där hotaktören krypterar offrets filer och sedan kräver en lösensumma, har konsekvenserna kraftigt kommit att bli mer fatala. Metoderna för ransomware utvecklas av hotaktörerna vilket kan bidra till mer än bara ekonomiska konsekvenser för organisationen. Mot ransomware gäller i stort samma skyddsåtgärder som mot alla former av cyberattacker, däremot finns en del särskilt viktiga aspekter som belyses i detta arbete, till exempel implementering av backups, adekvat dataskydd samt god Patch Management (d.v.s. protokoll för att åtgärda sårbarheter i programvara). I arbetet sammanställs en branschkonsensus för hur organisationer skall arbeta gentemot cyberattacker, specifikt ransomwareattacker. Detta har gjorts genom en litteratur- och kvalitativ intervjustudie, som sedan har analyserats och diskuterats. Intervjustudien har genomförts hos organisationer som bedöms lämpliga för detta då de dagligen arbetar med cybersäkerhet. En av rekommendationerna är att ha en bra backuprutin, där man skapar, distribuerar och testar dessa. Genom arbetet belyses även hur god patch management bör implementeras. Slutligen presenteras även en ny metod, Ransomware 3.0 där hotaktörer stjäl en organisations IT-miljö för att sedan radera denna lokalt hos organisationen och sedan säljer tillbaka denna, som används av hotaktörerna, som hittills varit okänd, där vidare forskning bör vidtas., Cybersecurity is a constantly growing threat against organisations due to the increasingly digitalisation of society, although there are signs that the consciousness at organisations has increased regarding cyberattacks and cybersecurity. Cyberattacks can create consequences that can restrain an organisations operations. This creates the foundation for this study, to see how the defence capabilities has developed. A cyberattack can, in the worst case scenario, threaten an organisations ability to survive. In regards to the new threat, ransomware, where the threat actor encrypts the victim’s files and demands a ransom, the consequences can be fatal. The new methods associated with ransomware, where the threat actor also exfiltrates the victim’s files, strongly impact the organisations ability to operate. This could lead to economic consequences, as well as damages towards stakeholder relations. Most protective measures applies towards ransomware, however there are some especially important aspects that are presented in this paper, such as implementation of backups, sufficient data protection as well as good Patch Management (protocol to patch vulnerabilities in software). In this paper, an industry consensus on how organisations should work against cyberattacks, especially ransomware, is compiled. This was performed through a litterature and a qualitative interview study. Both studies has been analysed and discussed.The interview study has been accomplished by interviewing appropriate organisations that work with cyber security daily. One of the recommendations is to have a good backup protocol, which implies creating, distributing and testing these backups. This paper also presents how a good patch management should be implemented. Finally, this paper presents a new method, Ransomware 3.0 where the threat actor steals an organisations IT environment, and then destroys the local copy at the organisation to then sell it back, that is used by the threat actors, that is
Published: 2023

34. In-Depth Analysis of Encryption Techniques for the Protection of Mobile Health Care Applications

Author: Nanumura, Umal Anuraga and Nanumura, Umal Anuraga
Abstract: Mobile healthcare applications, also known as mHealth apps, play an essential part in handling private patient information in today's healthcare system. In this article, the vital role that encryption plays in the process of data protection is investigated. We take a look at a variety of encryption techniques, such as symmetric and asymmetric encryption, homomorphic encryption, and end-to-end encryption, and evaluate the benefits and drawbacks of each. Several crucial factors, including secure key management and compliance with healthcare legislation, are dissected in this article. Case studies provide an illustration of the impact that data breaches have in the real world as well as successful encryption solutions in mHealth. This study examines existing difficulties and new trends in data security, providing stakeholders in the healthcare industry important insights and suggestions as a result.
Published: 2023

35. Methodology for Acquisition and Handling of Private Data

Author: Hassan, Zaid Ul and Hassan, Zaid Ul
Abstract: The acquisition and management of private data have become pressing concerns in today's digital environment, given the growing complexity of regulatory frameworks and the constant risk of data breaches. This research introduces a thorough methodology tailored to help organizations handle private data responsibly and effectively. The methodology addresses critical aspects, including data privacy governance, regulatory compliance, secure data collection, robust data management, and proactive measures for responding to data breaches. Essential elements of this methodology involve setting up a data privacy governance structure that encompasses policies, procedures, and a dedicated team for data protection. It places a strong emphasis on creating an inventory of data and categorizing it, ensuring that data collection is legal and restricted to specific, legitimate purposes. The methodology advocates minimizing data collection to only essential information and utilizing secure methods for data acquisition, including encryption, access controls, and secure data transfer procedures. This research provides a comprehensive methodology for acquiring and managing private data, protecting the rights of data subjects, and ensuring compliance with regulations. Its objective is to guide organizations through the evolving landscape of data privacy and security, ultimately encouraging a culture of responsibility and trust concerning data in the digital age.
Published: 2023

36. KONSEP AUPB UNTUK KEAMANAN DATA DALAM STANDARDISASI DAN SISTEM GEOCODING ALAMAT PERKOTAAN DAN PERDESAAN INDONESIA

Author: Widowati, Dyah Ayu, Sutanta, Heri, Diyono, Diyono, Atunggal, Dedi, Laksono, Dany, Sumaryono, Sumaryono, Mustofa, Fakhruddin, Widowati, Dyah Ayu, Sutanta, Heri, Diyono, Diyono, Atunggal, Dedi, Laksono, Dany, Sumaryono, Sumaryono, and Mustofa, Fakhruddin
Abstract: This article aims to formulate the embodiment of the AUPB concept in the standardization and geocoding system of Indonesian urban and rural addresses. Furthermore, it analyses the synchronization of data security principles in standardization and geocoding systems for urban and rural addresses in Indonesia. Conceptually, the process of address standardization and geocoding in the context of AUPB is closely related to the orderly administration of government, accountability of government agencies and/or officials, and implementation of statutory provisions. Overall, the element of AUPB that plays the most role in the standardization process and the address geocoding system is the principle of legal certainty. The principle of openness is attached to data security, and both are synchronized in implementing standardization and geocoding systems for urban and rural addresses in Indonesia. Even though all columns in the address database are stored in Elasticsearch, only specific columns can be accessed by general users through the Geocoding System website. Hence, the addresses presented are general data and do not contain personal data., Standardisasi dan geocoding alamat akan memberi solusi atas permasalahan alamat yang selama ini dihadapi di Indonesia. Tujuan dari artikel ini adalah untuk membahas terkait: Pertama, Identifikasi AUPB dalam standardisasi dan sistem geocoding alamat perkotaan dan perdesaan Indonesia. Kedua, sinkronisasi asas keterbukaan dalam AUPB dengan keamanan data dalam Sistem Geocoding Alamat Wilayah Perkotaan dan Perdesaan Indonesia. Hasil dari penelitian ini adalah: Pertama, secara keseluruhan unsur AUPB yang paling berperan dalam proses standardisasi, penyusunan basisdata dan sistem geocoding alamat adalah asas kepastian hukum. Kedua, keamanan data dalam standarisasi dan sistem geocoding alamat perkotaan dan perdesaan di Indonesia telah sinkron dengan prinsip keterbukaan karena data yang ada di dalam sistem geocoding alamat adalah data umum sehingga kerahasiaan data masih terjaga. Hal ini dikarenakan meskipun seluruh kolom pada basisdata alamat tersimpan pada Elasticsearch, tetapi hanya kolom tertentu saja yang dapat diakses melalui website Sistem Geocoding, sehingga tidak mengandung data personal. Kata kunci: AUPB, standardisasi, geocoding, alamat, keamanan data
Published: 2023

37. Teknologian hyödyntämiseen liittyvä yksityisyydensuoja, tietoturva ja -suoja ikääntyneiden kotipalveluissa:kyselytutkimus johtajille

Author: Kuha, S. (Suvi), Xiong, E. (Essi), Hammarén, M. (Mira), Ylisirniö, M. (Minna), Haverinen, J. (Jari), Suominen, J. (Jarno), Leikas, J. (Jaana), Kanste, O. (Outi), Kuha, S. (Suvi), Xiong, E. (Essi), Hammarén, M. (Mira), Ylisirniö, M. (Minna), Haverinen, J. (Jari), Suominen, J. (Jarno), Leikas, J. (Jaana), and Kanste, O. (Outi)
Abstract: Tiivistelmä Tutkimuksen tarkoituksena on kuvata johtajien näkemyksiä teknologian hyödyntämiseen liittyvästä yksityisyydensuojasta, tietoturvasta ja -suojasta, niihin liittyvistä haasteista ja ratkaisuista sekä teknologisten ratkaisujen hankkimatta jättämiseen liittyvistä tekijöistä ikääntyneiden kotipalveluissa. Tutkimus on poikkileikkausasetelmassa tehty survey-tutkimus. Aineisto kerättiin syksyllä 2022 sähköisellä kyselyllä iäkkäiden kotipalvelujen johtajilta (n=68) viidestä sosiaali- ja terveydenhuollon kuntayhtymästä ja viidestätoista kunnasta tai kaupungista eri puolilta Suomea. Kyselylomake sisälsi neljä strukturoitua ja kaksi avointa kysymystä. Aineisto analysoitiin kuvailevilla tilastomenetelmillä ja induktiivisen sisällön analyysin periaatteilla. Tulosten mukaan teknologisten ratkaisujen käyttöönotossa huomioidaan Digi-HTA-arviointien asioita tietoturvasta ja -suojasta pääasiallisesti hyvin, mutta tässä tunnistettiin myös kehitettävää. Johtajien arvioiden mukaan teknologian hankintaprosesseissa huomioidaan tietosuojaan liittyvät tekijät hyvin, ja prosesseihin on luotu tietoturvaan liittyvät kriteerit. Teknologisten ratkaisujen hankkimatta jättämiseen arvioitiin vaikuttavan erityisesti se, että ratkaisut eivät vastanneet asiakkaiden tarpeisiin tai niiden ei nähty tehostavan toimintaa. Johtajien näkemykset teknologian hyödyntämiseen liittyvän yksityisyydensuojan ja tietoturvan ja -suojan haasteista liittyivät toimintaympäristöön, digitaalisiin ratkaisuihin, toimintatapoihin ja osaamiseen sekä organisaation käytäntöihin haasteiden ehkäisyssä. Näiden haasteiden ratkaisuiksi nähtiin viestintä ja vuorovaikutus, yksityisyydensuojaa, tietoturvaa ja -suojaa koskevien prosessien määrittäminen sekä toimintatapojen muuttaminen ja osaamisen kehittäminen. Yksityisyydensuojaan, tietoturvaan ja -suojaan liittyvien tekijöiden huomioiminen toteutuu ikääntyneiden kotipalveluissa pääasiallisesti hyvin, mutta toisaalta niihin liittyvät haasteet koetaan moninaisiksi. Tutkimukses, The purpose of this study was to describe managers’ perceptions of privacy protection, data security and protection in technology utilization, related challenges, and solutions, and factors related not acquiring technological solutions in home care services for the older people. This cross-sectional survey study was conducted by electronic survey in Autumn 2022. The data was collected from the managers of home care services (n=68) from five public social and healthcare joint municipal authorities and fifteen municipalities or cities located in different parts of Finland. The questionnaire included four structured and two open questions. The data was analyzed using descriptive statistical methods and the principles of inductive content analysis. According to results, the issues raised by the Digi-HTA evaluations regarding data security and protection are mainly adequately considered when implementing technological solutions, but areas for development were also identified. According to managers’ evaluations, factors related to data protection are adequately considered in the technology acquisition processes, and criteria related to data security have been created for the processes. Not acquiring technological solutions was estimated to be especially influenced by the fact that the solutions did not meet the clients’ needs or were not seen to make operations more efficient. The managers’ perceptions of the challenges of privacy protection and data security and protection in technology utilization, were related to the operating environment, digital solutions, procedures, competence, and the organization’ practices in the prevention of challenges. The solutions to these challenges were seen as communication and interaction, defining processes of privacy protection, data security and protection, changing procedures, and developing competence. Taking account of factors related to privacy protection, data security and protection is mainly adequately implemented in
Published: 2023

38. Role of Analytics in Supply Chain Management Industry in Lithuania: Big Data Analytics & AI

Author: Mohammad Kuraishi, Zikri and Mohammad Kuraishi, Zikri
Abstract: Supply chain managers face a variety of obstacles when preparing for the future, as change is bound to happen. The increase in the importance of "big data" and also the use of "analytics" to analyze this data are two significant changes in the past few years. The analysis of big data is extremely important because it has the potential to yield significant value, and it is essential for companies to make use of the wide range of information sources by carrying out a comprehensive and accurate examination. Goal: The purpose of this article is to showcase the constantly changing nature of supply chain management practices, predict the future impact of big data and analytics in SCM, emphasize the potential benefits of these trends, and offer guidance to leaders in the field of SCM. Approach/technique/procedure: It is emphasized how crucial it is to derive value from the vast quantity of data accessible in the field of supply chain management. Definition of "big data" and analytics, with explanation of how they affect SCM applications. Outcomes: Instances demonstrate how the supply chain management domain can be influenced by these recent trends and advancements. These examples have effectively adopted, utilized, and put into practice analytics that rely on large volumes of data. The existence of big data is undeniable, and utilizing analytics to derive valuable insights from this information has the power to create a significant influence. In summary, it can be stated that... It is important for supply chain managers to closely monitor these 2 trends because effectively incorporating "big data" analytics are able to keep them updated on advancements and alterations, ultimately enhancing their competitiveness.
Published: 2023

39. KONSEP AUPB UNTUK KEAMANAN DATA DALAM STANDARDISASI DAN SISTEM GEOCODING ALAMAT PERKOTAAN DAN PERDESAAN INDONESIA

Author: Widowati, Dyah Ayu, Sutanta, Heri, Diyono, Diyono, Atunggal, Dedi, Laksono, Dany, Sumaryono, Sumaryono, Mustofa, Fakhruddin, Widowati, Dyah Ayu, Sutanta, Heri, Diyono, Diyono, Atunggal, Dedi, Laksono, Dany, Sumaryono, Sumaryono, and Mustofa, Fakhruddin
Abstract: This article aims to formulate the embodiment of the AUPB concept in the standardization and geocoding system of Indonesian urban and rural addresses. Furthermore, it analyses the synchronization of data security principles in standardization and geocoding systems for urban and rural addresses in Indonesia. Conceptually, the process of address standardization and geocoding in the context of AUPB is closely related to the orderly administration of government, accountability of government agencies and/or officials, and implementation of statutory provisions. Overall, the element of AUPB that plays the most role in the standardization process and the address geocoding system is the principle of legal certainty. The principle of openness is attached to data security, and both are synchronized in implementing standardization and geocoding systems for urban and rural addresses in Indonesia. Even though all columns in the address database are stored in Elasticsearch, only specific columns can be accessed by general users through the Geocoding System website. Hence, the addresses presented are general data and do not contain personal data., Standardisasi dan geocoding alamat akan memberi solusi atas permasalahan alamat yang selama ini dihadapi di Indonesia. Tujuan dari artikel ini adalah untuk membahas terkait: Pertama, Identifikasi AUPB dalam standardisasi dan sistem geocoding alamat perkotaan dan perdesaan Indonesia. Kedua, sinkronisasi asas keterbukaan dalam AUPB dengan keamanan data dalam Sistem Geocoding Alamat Wilayah Perkotaan dan Perdesaan Indonesia. Hasil dari penelitian ini adalah: Pertama, secara keseluruhan unsur AUPB yang paling berperan dalam proses standardisasi, penyusunan basisdata dan sistem geocoding alamat adalah asas kepastian hukum. Kedua, keamanan data dalam standarisasi dan sistem geocoding alamat perkotaan dan perdesaan di Indonesia telah sinkron dengan prinsip keterbukaan karena data yang ada di dalam sistem geocoding alamat adalah data umum sehingga kerahasiaan data masih terjaga. Hal ini dikarenakan meskipun seluruh kolom pada basisdata alamat tersimpan pada Elasticsearch, tetapi hanya kolom tertentu saja yang dapat diakses melalui website Sistem Geocoding, sehingga tidak mengandung data personal. Kata kunci: AUPB, standardisasi, geocoding, alamat, keamanan data
Published: 2023

40. Cloud IT Security Audit Strategies

Author: Pilamunga, Jonathan and Pilamunga, Jonathan
Abstract: This article provides a review of Cloud Computing, an Internet-based computing system that utilizes remote data centers to manage information and applications. Cloud Computing offers users access to configurable computing resources such as networks, servers, storage, applications, and services, in a ubiquitous and on-demand manner. Five essential characteristics of Cloud Computing are outlined, including self-service on-demand, broad network access, resource pooling, rapid elasticity, and measured service. Additionally, three types of clouds are discussed: public cloud, private cloud, and hybrid cloud, highlighting their features, benefits, and applications. IT auditing is emphasized as a crucial tool for assessing and ensuring the security and protection of data in Cloud Computing, Este artículo presenta una revisión sobre auditoria de seguridad en Cloud Computing, un sistema informático basado en Internet y centros de datos remotos que permite gestionar servicios de información y aplicaciones. El Cloud Computing ofrece a los usuarios acceso a recursos informáticos configurables, como redes, servidores, almacenamiento, aplicaciones y servicios, de manera ubicua y bajo demanda. Se destacan cinco características esenciales del Cloud Computing, que incluyen el autoservicio bajo demanda, el amplio acceso a la red, el conjunto de recursos, la rápida elasticidad y el servicio medido. Además, se analizan tres tipos de nubes: la nube pública, la nube privada y la nube híbrida, resaltando sus características, beneficios y aplicaciones. La auditoría informática se destaca como una herramienta fundamental para evaluar y garantizar la seguridad y protección de los datos en el Cloud Computing.
Published: 2023

41. Role of Analytics in Supply Chain Management Industry in Lithuania: Big Data Analytics & AI

Author: Mohammad Kuraishi, Zikri and Mohammad Kuraishi, Zikri
Abstract: Supply chain managers face a variety of obstacles when preparing for the future, as change is bound to happen. The increase in the importance of "big data" and also the use of "analytics" to analyze this data are two significant changes in the past few years. The analysis of big data is extremely important because it has the potential to yield significant value, and it is essential for companies to make use of the wide range of information sources by carrying out a comprehensive and accurate examination. Goal: The purpose of this article is to showcase the constantly changing nature of supply chain management practices, predict the future impact of big data and analytics in SCM, emphasize the potential benefits of these trends, and offer guidance to leaders in the field of SCM. Approach/technique/procedure: It is emphasized how crucial it is to derive value from the vast quantity of data accessible in the field of supply chain management. Definition of "big data" and analytics, with explanation of how they affect SCM applications. Outcomes: Instances demonstrate how the supply chain management domain can be influenced by these recent trends and advancements. These examples have effectively adopted, utilized, and put into practice analytics that rely on large volumes of data. The existence of big data is undeniable, and utilizing analytics to derive valuable insights from this information has the power to create a significant influence. In summary, it can be stated that... It is important for supply chain managers to closely monitor these 2 trends because effectively incorporating "big data" analytics are able to keep them updated on advancements and alterations, ultimately enhancing their competitiveness.
Published: 2023

42. Attribute-based Approaches for Secure Data Sharing in the Industry

Author: Chiquito, Alex and Chiquito, Alex
Abstract: In the Industry 4.0 era, secure and efficient data sharing is vital for innovation and operational enhancement. Industry 4.0 envisions a highly connected ecosystem where machines, devices, and stakeholders collaborate in real time to optimize processes, enhance productivity, and create new value propositions. However, this surge in data-driven collaboration brings forth a critical challenge, ensuring the secure and controlled sharing of sensitive information. As organizations embrace the potential of Industry 4.0, the need for robust mechanisms to achieve key data security properties of data integrity, confidentiality, and availability, while enabling efficient data exchange becomes paramount. However, while the promise of Industry 4.0 presents promising opportunities, it also introduces a set of challenges intrinsic to data security solutions. These solutions, while promising in providing fine-grained data security, introduce complexities such as administrative overhead and substantial management efforts for the users. Striking a balance between robust security and operational ease is critical for enabling seamless data exchange within the evolving landscape of Industry 4.0. This thesis explores the realm of Attribute-based approaches to achieve the desired secure data sharing, pivotal in the digitized Industry 4.0 environment. An overarching objective is to achieve compatibility of these data-securing mechanisms with the Industry 4.0 paradigms through the usage of attribute-based approaches. This includes the exploration of the existing solutions within the state-of-the-art and its analysis in the context of usability and practicality for industrial adoption. Access control entails the establishment of policies and mechanisms to regulate who can access specific resources or information, under what conditions, and to what extent. The study will delve into various access control models and their applicability, with a particular emphasis on Attribute-Based Access C
Published: 2023

43. Analysis and Utilization of the Base64 Algorithm for Image Encryption and Decryption Security in Web-Based Images

Author: Baso, Fadhlirrahman and Baso, Fadhlirrahman
Abstract: Data is often the target of irresponsible people for misuse. The theft is done is to benefit from the person who has the data. In addition to theft of work files, theft is also carried out on image files. The purpose of this file theft is to find out what the image contains. Someone has a private image that cannot be known by others. Misuse of image files will be fatal for the owner of the image. Cryptographic techniques are needed in securing images and one of the methods used to secure these images is using the base64 algorithm. The Caesar Cipher algorithm can help users secure the image file. The Base64 algorithm can be used to change the ASCII 256 format to Base64 so that it is easy to send or store on a storage medium. By applying the Base64 algorithm to image files, the security and confidentiality of these files will protect data from irresponsible people.
Published: 2023

44. Analysis and Utilization of the Base64 Algorithm for Image Encryption and Decryption Security in Web-Based Images

Author: Baso, Fadhlirrahman and Baso, Fadhlirrahman
Abstract: Data is often the target of irresponsible people for misuse. The theft is done is to benefit from the person who has the data. In addition to theft of work files, theft is also carried out on image files. The purpose of this file theft is to find out what the image contains. Someone has a private image that cannot be known by others. Misuse of image files will be fatal for the owner of the image. Cryptographic techniques are needed in securing images and one of the methods used to secure these images is using the base64 algorithm. The Caesar Cipher algorithm can help users secure the image file. The Base64 algorithm can be used to change the ASCII 256 format to Base64 so that it is easy to send or store on a storage medium. By applying the Base64 algorithm to image files, the security and confidentiality of these files will protect data from irresponsible people.
Published: 2023

45. The internet of toys: Working towards best practice in digital governance and the recognition of children’s rights in mediated contexts

Author: Stocco, Francesca A. and Stocco, Francesca A.
Abstract: The Internet of Toys (IoToys) is a catch-all concept. Defined as “where toys not only relate one-on-one to children but are wirelessly connected to other toys and/or database data” (Holloway & Green, 2016, p. 506), children’s connected toys have been known to foster educational, social and interaction benefits. The benefits of IoToys are counterbalanced, however, with potential data privacy and security issues of children’s connected toys that have been raised by commentators and parents. These critiques have been widely circulated in the public sphere. In the lead up to the Christmas period (2018–2019) the candidate helped conduct a content analysis of media, policy and commercial discourses (n=~300+). Discussions around data privacy and security led to the identification of three children’s connected toys for particular attention in this thesis. These were: My Friend Cayla, a cloud-based interactive toy doll which has been withdrawn from the market; Parker Bear, an Augmented reality toy; and Fitbit Ace 2, a children’s fitness tracker. A step-by-step walkthrough following recommendations by Light et al., (2018), was applied to parents’ perspective of registering an account for their child in order to inspect the transparency of account creation for accessing toys’ companion apps. The vagueness protocols of Reidenberg et al., (2016) and Bhatia (2019) were amalgamated with the rhetorical language perspective of Pollach (2007), to inform a Constant Comparative Analysis (CCA) audit of the toys’ Terms of Service (ToS) documents, especially privacy policies. This CCA audit adopts an overarching linguistics perspective to explore the potential use of vague and ambiguous terms which companies could choose to address if they wished to adopt best practice in communicating privacy provisions. A case study methodology incorporates the CCA audit to explore IoToys companies’ compliance with the Children’s Online Privacy Protection Act (COPPA, US) and General Data Protection Act
Published: 2023

46. Implementasi Sistem Keamanan File Menggunakan Algoritma AES untuk Mengamankan File Pribadi: Implementasi Sistem Keamanan File Menggunakan Algoritma AES untuk Mengamankan File Pribadi

Author: Saripa, Saripa and Saripa, Saripa
Abstract: In this growing digital age, data security is becoming increasingly important as more and more information is stored in digital files which are vulnerable to attacks and unauthorized access. To protect the privacy and confidentiality of personal information, an effective and reliable file security system is required. One effective way is to use cryptographic algorithms such as Advanced Encryption Standard (AES) which have been widely used in various applications that require a high level of security. Implementation of a file security system using the AES algorithm can be an effective and reliable solution for securing personal document files from attacks and unauthorized access and maintaining the privacy and confidentiality of personal information. This study uses the method of Literature Study, Design & Analysis, Implementation, and Testing to analyze and implement the AES algorithm using the PHP programming language and MySQL database. The results showed that the AES algorithm can guarantee the security of the six types of files tested, namely images, Word documents, PDF, Excel and PowerPoint. The AES algorithm can be an effective choice for securing document and image data safely and reliably., Pada zaman digital yang semakin berkembang ini, keamanan data menjadi semakin penting karena semakin banyak informasi yang disimpan dalam file digital yang rentan terhadap serangan dan akses yang tidak sah. Untuk melindungi privasi dan kerahasiaan informasi pribadi, diperlukan sistem keamanan file yang efektif dan terpercaya. Salah satu cara yang efektif adalah dengan menggunakan algoritma kriptografi seperti Advanced Encryption Standard (AES) yang telah digunakan secara luas dalam berbagai aplikasi yang membutuhkan tingkat keamanan yang tinggi. Implementasi sistem keamanan file menggunakan algoritma AES dapat menjadi solusi yang efektif dan terpercaya untuk mengamankan dokumen file pribadi dari serangan dan akses yang tidak sah serta menjaga privasi dan kerahasiaan informasi pribadi. Penelitian ini menggunakan metode Studi Literatur, Perancangan & Analisa, Implementasi, dan Pengujian untuk menganalisis dan mengimplementasikan algoritma AES dengan menggunakan bahasa pemrograman PHP dan database MySQL. Hasil penelitian menunjukkan bahwa algoritma AES dapat menjamin keamanan enam jenis file yang diuji, yaitu gambar, dokumen Word, PDF, Excel, dan PowerPoint. Algoritma AES dapat menjadi pilihan yang efektif untuk mengamankan data dokumen dan gambar secara aman dan andal.
Published: 2023

47. Implementasi Sistem Keamanan File Menggunakan Algoritma AES untuk Mengamankan File Pribadi: Implementasi Sistem Keamanan File Menggunakan Algoritma AES untuk Mengamankan File Pribadi

Author: Saripa, Saripa and Saripa, Saripa
Abstract: In this growing digital age, data security is becoming increasingly important as more and more information is stored in digital files which are vulnerable to attacks and unauthorized access. To protect the privacy and confidentiality of personal information, an effective and reliable file security system is required. One effective way is to use cryptographic algorithms such as Advanced Encryption Standard (AES) which have been widely used in various applications that require a high level of security. Implementation of a file security system using the AES algorithm can be an effective and reliable solution for securing personal document files from attacks and unauthorized access and maintaining the privacy and confidentiality of personal information. This study uses the method of Literature Study, Design & Analysis, Implementation, and Testing to analyze and implement the AES algorithm using the PHP programming language and MySQL database. The results showed that the AES algorithm can guarantee the security of the six types of files tested, namely images, Word documents, PDF, Excel and PowerPoint. The AES algorithm can be an effective choice for securing document and image data safely and reliably., Pada zaman digital yang semakin berkembang ini, keamanan data menjadi semakin penting karena semakin banyak informasi yang disimpan dalam file digital yang rentan terhadap serangan dan akses yang tidak sah. Untuk melindungi privasi dan kerahasiaan informasi pribadi, diperlukan sistem keamanan file yang efektif dan terpercaya. Salah satu cara yang efektif adalah dengan menggunakan algoritma kriptografi seperti Advanced Encryption Standard (AES) yang telah digunakan secara luas dalam berbagai aplikasi yang membutuhkan tingkat keamanan yang tinggi. Implementasi sistem keamanan file menggunakan algoritma AES dapat menjadi solusi yang efektif dan terpercaya untuk mengamankan dokumen file pribadi dari serangan dan akses yang tidak sah serta menjaga privasi dan kerahasiaan informasi pribadi. Penelitian ini menggunakan metode Studi Literatur, Perancangan & Analisa, Implementasi, dan Pengujian untuk menganalisis dan mengimplementasikan algoritma AES dengan menggunakan bahasa pemrograman PHP dan database MySQL. Hasil penelitian menunjukkan bahwa algoritma AES dapat menjamin keamanan enam jenis file yang diuji, yaitu gambar, dokumen Word, PDF, Excel, dan PowerPoint. Algoritma AES dapat menjadi pilihan yang efektif untuk mengamankan data dokumen dan gambar secara aman dan andal.
Published: 2023

48. Evaluating the Ownership of Personal data in the Cloud by Optimizing the IT Architecture : Applying a reference architecture to make the ownership of personal data more clear within an organization

Author: Myrsell, Tilda, Hulteberg, Sofie, Myrsell, Tilda, and Hulteberg, Sofie
Abstract: Cloud computing is an area that many companies use in order to stay in line with technological development. To keep these systems productive and easily managed, a reference architecture can be used as a framework and also as a manual on how to structure an organization to suit its specific needs and goals. The reference architecture can make it easier to divide responsibility as well as working tasks within an organization. One company facing the challenges that comes with cloud based systems is Vattenfall, one of the biggest energy companies in Europe. An organization like Vattenfall handles a great load of customer data which is to be controlled and protected in every way. In order to keep on making sure that these systems are efficient and secure, a reference architecture could be a helpful tool. With the purpose of investigating how a section within Vattenfall’s IT department can use a reference architecture to determine the ownership of customers’ personal data more easily, an interview study was conducted. The interviews focused on evaluation of how employees’ reason when handling customers’ personal data within cloud environments. The reference architecture found most suitable for handling personal data was the international standard ISO/IEC 17789. It describes multiple work roles within cloud computing which can make the process of handling sensitive information clearer and easier. The data collected from the interviews was later applied to this reference architecture in order to see how it can be used in order to more easily divide responsibility. The study could in the end present several recommendations as to how the department should divide responsibilities and raise awareness regarding the topic amongst employees in order to increase data security. Finally, the expected value created from implementing these recommendations and applying the reference architecture to the organization is expected to be high. The thesis concluded that the chosen ref
Published: 2023

49. OODOOLL : Exploring the Potential of Data Physicalisations to Increase Awareness and Control of Personal Data Privacy

Author: Skavron, Sarah and Skavron, Sarah
Abstract: Through online activities, we produce a large amount of personal data traces every day. Many people acknowledge the significance of protecting personal data online but they might not act accordingly. This thesis project seeks to make these often hidden traces visible and thus understandable through a data physicalisation. This is to increase awareness and knowledge as well as spark reflection on how and if certain data should be protected. Six design activities with a focus on the active involvement of participants were conducted to create the concept of “OODOOLL”, a reversed voodoo doll that has the purpose of protecting users from any potential harm in relation to online activity and sparking reflection around the topic of data privacy. While some of the potentials of a data physicalisation, such as initiating conversations or increased levels of self-reflection, could be realised, there were several limitations to the concept, i.e. technical limitations or breaking down the complexity of aggregated data use. Especially in terms of the increased use of digital devices and the rise of emerging technologies, it is important for general users but also for interaction designers to be aware and have an understanding of data collection, data use and data protection.
Published: 2023

50. Securing Data in a Cloud Environment: Access Control, Encryption, and Immutability

Author: Al Khateeb, Ahmad, Summaq, Abdulrazzaq, Al Khateeb, Ahmad, and Summaq, Abdulrazzaq
Abstract: The amount of data and the development of new technologies used by all society-critical organizations are increasing dramatically. In parallel, data breaches, cyber-attacks, and their devastating consequences are also on the rise, as well as the number of individuals and organizations that are potential targets for such attacks. This places higher demands on security in terms of protecting data against cyber-attacks and controlling access to data that authenticated users want to access. The paper focuses on studying concepts of secure data practices in a GitLab-based cloud environment. The objective is to give answers to questions such as how to ensure the guarantee of secure data and protect it from unauthorized access and changes. The work behind this thesis includes exploring techniques for access control, data encryption, and data immutability. The study is followed by an implementation project that includes fetching code from GitLab verifying user identity and access control, managing data access, and displaying the results. The results of the thesis demonstrate the effectiveness of the implemented security measures in protecting data and controlling access., Mängden av data och utvecklingen av banbrytande teknologier som idag används av alla samhällsbärande organisationer ökar drastiskt. I samma takt ökar dataintrång, cyberattacker och dess förödande konsekvenser samt antalet personer och organisationer som utgör potentiella offer för sådana typer av attacker. Detta ställer högre krav på säkerheten när det gäller att skydda data mot cyberattacker, men även att kontrollera åtkomsten till data som autentiserade användare vill komma åt. Rapporten fokuserar på att studera hur data säkras i GitLab-baserade molnsystem. Syftet med detta arbete är att ge svar på frågeställningar som till exempel att lova säker åtkomst och skydd för data från obehörig åtkomst och ändringar. Arbetet bakom detta projekt inkluderade undersökning av tekniker som används inom accesskontroll, datakryptering och data-omutlighet. Studien resulterade i en implementation som möjliggör att hämta signerade ändringar (Commits) från GitLab, verifiera användaridentiteten och åtkomstbehörighet, hantera dataåtkomst samt presentera resultaten. Resultaten av detta examensarbete demonstrerar effektiviteten av den implementerade säkerhetsteknikerna i att skydda data och kontrollera access.
Published: 2023

Catalog

Books, media, physical & digital resources

See catalog results

Searchworks

Select search scope, currently: Articles Catalog books, media & more in Jio Institute collections Articles journal articles & other e-resources

Search

Search Constraints

Refine your results

Search Limiters

Publication Year Range

Publication Type

Journal

Database

Publisher

682 results on '"data security"'

Search Results

Catalog

Select search scope, currently: Articles

Catalog

books, media & more in Jio Institute collections

Articles

journal articles & other e-resources