Your search keyword '"INFORMATION technology security"' showing total 7,285 results

1. Dark Clouds on the Horizon? Effects of Cloud Storage on Security Breaches.

Author

Li, He, Kettinger, William J., and Yoo, Sungjin

Subjects

CLOUD storage security measures, CLOUD storage, INFORMATION technology security, CLOUD computing, SELECTIVITY (Psychology)

Abstract

This research examines how a firm's cloud storage implementation affects different types of security breaches in both the short- and long-term. Building on the attention-based view, we find that cloud storage implementation positively relates to a firm's external breaches and accidental internal breaches in the short-term. However, the positive relationship between cloud storage implementation and external breaches diminishes over time and becomes insignificant long-term. Our results demonstrate a long-term security advantage of cloud storage in reducing accidental internal breaches. We did not find a significant association between cloud storage and malicious internal breaches. Findings highlight the need for firms to direct limited resources to different security risks in the short- and long-term of cloud storage implementation over time. This research contributes to our understanding of cloud storage's security implications and explicitly theorizes the role of attention in firm IT security management. We contribute to the attention-based view by contextualizing the theory to IT security. We highlight temporal dynamics through distinct attentional mechanisms, including selective attention, attentional flexibility, and attentional vigilance. [ABSTRACT FROM AUTHOR]

Published

2024

2. Examining the Differential Effectiveness of Fear Appeals in Information Security Management Using Two-Stage Meta-Analysis.

Author

Lowry, Paul Benjamin, Moody, Gregory D., Parameswaran, Srikanth, and Brown, Nicholas James

Subjects

INFORMATION technology security, PROTECTION motivation theory, SECURITY management, STRUCTURAL equation modeling, META-analysis, PARALLEL processing, RESEARCH personnel

Abstract

Most of the information security management research involving fear appeals is guided by either protection motivation theory or the extended parallel processing model. Over time, extant research has extended these theories, as well as their derivative theories, in a variety of ways, leading to several theoretical and empirical inconsistencies. The large body of fragmented, and sometimes conflicting, research has muddied the broader understanding of what drives protection- and defensive motivation. We provide guidance to the security discourse by offering the first study in the literature to employ two-stage meta-analytic structural equation modeling (TSSEM), which combines covariance-based structural equation modeling and meta-analysis. Information systems (IS) researchers have traditionally used meta-analysis for structural equation modeling for such purposes—an approach that has several serious statistical flaws. Using 341 systematically selected empirical security articles (representing 383 unique studies) and TSSEM, we pool a large series of five datasets to test six models, from which we examine the effects of constructs and paths in the security fear-appeals literature. We compare and test six versions of models inspired by issues in the broader fear-appeals literature. We confirm the importance of both the threat- and coping-appraisal processes; establish the central role of fear and that it has greater importance than threat; show that efficacy is a stronger predictor of protection motivation than is threat; demonstrate that response costs as currently measured are ineffective but that maladaptive rewards have a strong negative effect on protection motivation and a positive effect on defensive motivation; and provide evidence that dual models of danger control and fear control should be used. [ABSTRACT FROM AUTHOR]

Published

2023

3. МІЖНАРОДНО-ПРАВОВИЙ АСПЕКТ ПРОТИДІЇ ДОКСИНГУ В ЦИФРОВУ ЕПОХУ

Author

А. Ю., Ковальчук and Б. В., Чернявська

Subjects

LANGUAGE models, INFORMATION technology security, SOCIAL media, OPEN source intelligence, ARTIFICIAL intelligence

Abstract

The authors explore the issue of safeguarding personal data, particularly its identifying components, in the context of the Internet. Doxing, a criminal act involving the unauthorized collection of information and its public dissemination without the owner's consent, has gained significant traction on social media platforms, where identifying information can be quickly spread and misused against individuals. Large language models (artificial intelligence) are integrated into many software programs designed to protect personal data. However, in light of large-scale data breaches, the authors raise concerns about the liability of entities or individuals who fail to adequately secure such data, especially when cyber incidents are linked to the use of AL The rapid advancement and widespread use of artificial intelligence contribute to these growing concerns. In 2023, the emergence of several language models facilitated both the manipulation and aggregation of data, exacerbating the problem. The authors express serious concerns about ensuring user privacy and information security in a landscape increasingly shaped by open-source intelligence and the further exploitation of such data. In an era where personal data has become a highly valuable commodity, protecting it has become a priority for governments worldwide. In light of this, the authors aim to examine and synthesize international legal approaches to safeguarding the right to privacy and regulating the protection of personal (identifying) information on the Internet. The study relies on general scientific methods of inquiry, including comparative analysis and modelling. The authors conclude that cyberattacks, the theft of personal data, the increasing use of open-source intelligence, the penetration of digital identification technologies into all socio-economic processes, and the proliferation of the Internet of Things pose real threats to individual privacy and the security of identifying information as a critical component of personal data. [ABSTRACT FROM AUTHOR]

Published

2024

4. СУЧАСНІ МОЖЛИВОСТІ ОКРЕМИХ ВИДІВ СУДОВИХ ЕКСПЕРТИЗ У ПРОТИДІЇ ЗЛОЧИНАМ ПРОТИ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ УКРАЇНИ

Author

В. О., Ходанович and В. В., Колонюк

Subjects

INFORMATION technology security, CRIMINAL evidence, CRIMINAL procedure, MILITARY administration, ACT Assessment

Abstract

The article examines the modem capabilities of certain types of forensic examinations in combating crimes that encroach on the information security of Ukraine. Attention is drawn to the need to protect the information structure of the state, which is designed to ensure security and, as a result, stability and stability of the main spheres of life, in particular, state and military administration, economy, science, as well as public consciousness from dangerous destabilizing and destructive informational influences. It is emphasized that the dissemination of destructive materials poses a threat to the national interests of Ukraine, as it can provoke significant social conflicts in the economic, political, religious and other spheres of public life, as well as encroach on the constitutional order, territorial integrity and independence of the state, and the national consciousness of its population. It is noted separately that the text and non-verbal components of extremist materials are the main subject of research and the main source of evidence in criminal proceedings about crimes against the information security of Ukraine. A forensic linguist determines whether a specific text actually contains exhortations and what their content is, their direction, what their nature is and what audience they are intended for, etc. In addition, determining the semantic direction of the disputed text is a preliminary and mandatory condition for the legal assessment of the act as illegal and this provides grounds for conducting a pre-trial investigation. Interpretation and interpretation of the meaning of an oral statement or a written text requires the mandatory involvement of special linguistic knowledge not only in cases of using manipulative techniques of speech influence on the audience, but also to identify propaganda reflected by the audience, calls to commit certain actions, threats and incitement, justification or substantiation of the need to carry out illegal activity. The opinion is expressed that before the experts involved in the pre-trial investigation, the question arises not only of establishing the content of the text, but also its direction, the used specific means of influencing the reader or the audience with the aim of inciting certain illegal actions that harm the interests of the state. That is, issues of psychological influence are resolved by publicizing appeals using speech media. The article draws attention to the expediency of a comprehensive psycho-linguistic study of communication objects. It is emphasized that in the psycholinguistic examination it is necessary to form questions to the expert in such a way that it reflects the linguistic and psychological aspects of those phenomena which in law have a name that is conveyed in verbal form and in a certain way. It is noted separately that the expert opinion of both linguistic and psycho-linguistic expertise should in no case contain a legal assessment, which can be exercised only by the pre-trial investigation body, the defense and the court. [ABSTRACT FROM AUTHOR]

Published

2024

5. ОСНОВНІ АСПЕКТИ МЕХАНІЗМУ ЗАБЕЗПЕЧЕННЯ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ ПІДПРИЄМНИЦЬКОЇ ДІЯЛЬНОСТІ

Author

М. О., Шевчук

Subjects

INFORMATION technology security, SECURITY systems, BUSINESS planning, RESEARCH personnel, GOVERNMENT agencies

Abstract

The article analyzes current issues in protecting the information security of enterprises, which is an integral part of modern business activities. Emphasizing the importance of confidentiality, integrity, and availability of information assets, the authors highlight the need to implement comprehensive measures aimed at neutralizing both internal and external threats. By utilizing modern methods of encryption, authentication, and access management, enterprises are capable of integrating information security into their overall business strategy, ensuring its resilience. Focusing on the importance of personnel training, the researchers recommend employing enhanced monitoring mechanisms to timely detect threats, thereby maintaining business stability and competitiveness in the contemporary information landscape. Effective information security of business activities requires the implementation of comprehensive mechanisms that cover both legal and technical aspects. One of the main elements of such a system is the legal framework. Modern laws and regulations create a legal framework for the protection of information data. Information cooperation between business entities, government agencies and international organizations is one of the main components of the information security system. Cooperation between these entities allows for timely detection and neutralization of threats. It is necessary to develop mechanisms for monitoring and evaluating the effectiveness of information security measures. Modern businesses need tools that allow them to respond quickly to threats and adapt to new challenges. Solving these unresolved issues is important for creating a reliable system of ensuring information security of business activities in the mod ern information environment. [ABSTRACT FROM AUTHOR]

Published

2024

6. ПРІОРИТЕТНІ НАПРЯМИ ЗАБЕЗПЕЧЕННЯ ІНФОРМАЦІЙНОГО СУВЕРЕНІТЕТУ УКРАЇНИ

Author

О., Солодка

Subjects

INTERNATIONAL law, INFORMATION technology security, NATIONAL unification, MEDIA literacy, STATE formation

Abstract

The article is devoted to the identification of priority directions for ensuring information sovereignty of Ukraine. The publication proves that the information sovereignty of the state should be talked about only under the condition of creating opportunities to ensure it, which should include: the creation of a comprehensive normative and legal regulation of the concept of «information sovereignty», directions of its provision (legislative definition and provision of strategic directions for the development and protection of the national information space, determination of norms, principles and limits of activities of foreign and international entities in the national information space of Ukraine); powers of relevant bodies and their coordination and interaction; participation in the creation and development of international law norms with a view to integration into the global information space, in particular, the activation of Ukraine's participation in the discussion and resolution of issues of the functioning and development of the global information space, because only under such conditions will its national interests in the aspect of ensuring information sovereignty be taken into account. An important aspect of ensuring Ukraine's information sovereignty is solving the problems of reintegration of Ukraine's information space through the formation of a state focused on democratic values and promoting its image as a civilized European country; citizen education and formation of national and civic identity, formation of a political nation on the basis of basic democratic values; unification of society by a national idea. In order to implement the mentioned initiatives, it is considered necessary to implement several vectors - information aimed at forming a sense of unity in the minds of citizens; legal, the purpose of which is to overcome gaps in national information legislation, to reconcile conflicts; public, aimed at the development of a broad public dialogue on the problems of forming the information model of the state, educational - aimed at forming a system of media literacy and media culture, security, aimed at forming the foundations of national information security. [ABSTRACT FROM AUTHOR]

Published

2024

7. ШТУЧНИЙ ІНТЕЛЕКТ ТА ПЕРСОНАЛЬНІ ДАНІ: ЗАХИСТ ПРИВАТНОСТІ В ЦИФРОВОМУ СЕРЕДОВИЩІ

Author

Є. З., Остіян

Subjects

GENERAL Data Protection Regulation, 2016, DATA protection, ARTIFICIAL intelligence, INFORMATION technology security, PERSONALLY identifiable information, DIGITAL transformation

Abstract

This paper focuses on the current risks associated with the use of artificial intelligence (AI) in processing personal data (PD), particularly about individuals' privacy and confidentiality rights. The paper identifies and examines specific areas of artificial intelligence data processing and discusses how modern trends and threats to data protection impact the development of a robust regulatory framework for managing such technologies. The analysis of Ukraine's digital transformation journey and specific cases of privacy rights violations through artificial intelligence globally has highlighted unauthorized access to data and insufficient preventive measures for information protection. These issues have been found to harm information security and economic stability. Despite this, there has been a notable trend on online platforms to label content created with the assistance of artificial intelligence. The paper delves into the legal nature of artificial intelligence and the need for an interdisciplinary approach involving both legal mechanisms and technological tools due to the complexity of the data it uses. Furthermore, artificial intelligence is shown to play a crucial role in updating legal regimes, particularly in information security, personal data protection, and individual privacy. Given this, the main shortcomings of the national legislation on the protection of PD have been considered. The national strategy for regulating artificial intelligence has been analyzed, and ways of solving key problems in these fields have been proposed. A separate point was noted in the draft laws on protecting personal data in Ukraine and how they align with European data protection standards in the context of developing artificial intelligence. Also, for comparison, strategies for developing artificial intelligence through the prism of international experience are presented, and European legislation on data protection (General Data Protection Regulation) and the EU Act on AI are processed to identify the main points of their relationship. [ABSTRACT FROM AUTHOR]

Published

2024

8. МІНІСТЕРСТВО КУЛЬТУРИ ТА СТРАТЕГІЧНИХ КОМУНІКАЦІЙ УКРАЇНИ В СИСТЕМІ СУБ'ЄКТІВ ЗАХИСТУ НАЦІОНАЛЬНИХ ІНТЕРЕСІВ В ІНФОРМАЦІЙНІЙ СФЕРІ

Author

В. М., Бігун

Subjects

INFORMATION technology security, STRATEGIC communication, CULTURAL property, TELEVISION broadcasting, INFORMATION policy

Abstract

The article examines the activities of the Ministry of Culture and Strategic Communications of Ukraine in the context of ensuring national interests and information security of the state. In the third year of the full-scale, combined with a hybrid component, the war of the Russian Federation against Ukraine, the issue of information sovereignty becomes a critical element of the country's overall security. Attention is focused on the role of the Ministry of Culture and Strategic Communications of Ukraine as a key body responsible for the formation and implementation of state policy in the fields of culture, information policy, and national heritage. The article analyzes the organizational and legal foundations of the Ministry of Culture and Strategic Communications of Ukraine, its functions and tasks. Special attention is paid to the legal and regulatory aspects of the functioning of the Ministry of Culture and Strategic Communications of Ukraine, its evolution, as well as interaction with other state authorities, in particular the National Security and Defense Council of Ukraine, the Security Service of Ukraine, and the National Council on Television and Radio Broadcasting. Since the Constitution of Ukraine does not provide for a specific department responsible for information security, the functions of the Ministry of Culture and Strategic Communications of Ukraine are regulated by secondary legislation and specific laws, such as the Law of Ukraine "On National Security of Ukraine" and the Law of Ukraine "On Media". The study emphasizes that the Information Security Strategy of Ukraine, approved in 2021, defines key threats and tasks in the field of information sovereignty. It also lays the foundation for coordinated actions of all subjects of state policy in countering destructive informational influences. The significance of the Information Security Strategy as an important regulatory document defining the basics of protection against external and internal threats is outlined. The Ministry of Culture and Strategic Communications of Ukraine, among other tasks, forms and publishes a list of persons who pose threats to national security. The problem of separation of powers in the field of information security is analyzed. At the same time, it is emphasized that information security remains one of the key priorities of national security, particularly in the context of countering disinformation and other negative informational influences. It is emphasized that strengthening cooperation between authorities and civil society is key to ensuring a stable information space and forming a favorable environment for the protection of Ukraine's national interests. The results of the study are aimed at finding ways to increase the effectiveness of the Ministry of Culture and Strategic Communications of Ukraine in the context of countering modern threats and ensuring information sovereignty. [ABSTRACT FROM AUTHOR]

Published

2024

9. ВПЛИВ ЦИФРОВІЗАЦІЇ НА РОЗВИТОК ЕЛЕКТРОННОЇ КОМЕРЦІЇ ТА ЇЇ ПРАВОВЕ РЕГУЛЮВАННЯ

Author

В. В., Гомонай

Subjects

INFORMATION technology security, DATA protection, INTERNET fraud, HIGH technology industries, DIGITAL technology, PERSONALLY identifiable information

Abstract

This scientific article is devoted to the analysis of key aspects that arise in connection with the digitalization of the economy and the growth of electronic commerce. The impact of technology on business models, legal regulation of electronic transactions, protection of consumer rights and cyber security issues are investigated. The article emphasizes that digitization opens new opportunities for business, in particular through the implementation of digital platforms, omnichannel strategies and process automation. Digital platforms such as Amazon and Alibaba are becoming important tools for business globalization as they facilitate access to international markets, reduce the need for physical infrastructure, and enable the integration of business processe s. The legal regulation of electronic transactions and contracts has been studied. It is noted that the development of e-commerce requires legal certainty, regarding electronic signatures, electronic documents and digital identifiers. There are differences in approaches to these issues in different countries, which creates challenges for cross-border trade. In Ukraine, this issue is regulated by the Law «On electronic identification and electronic trust services», which meets EU standards, particularly the eIDAS Regulation. Challenges related to the protection of consumer rights in the digital economy are analyzed. Consumers face new risks such as privacy breaches and fraud in the online environment. International standards, such as GDPR, ensure a high level of personal data protection, while Ukrainian legislation needs further harmonization with international norms to increase the level of consumer rights protection. The policy of cyber security in the field of implementation of legal relations in electronic commerce was studied. Data protection, cybercrime prevention and information security are becoming key challenges for national governments and international organizations. It is important to implement international standards, such as PCI DSS, which guarantee the security of payment card data during their processing and storage. The fact that digitalization, on the one hand, requires adaptation of legal regulation to new conditions, but on the other hand, creates new opportunities for improving legal mechanisms, is summarized. Studying these aspects allows for a deeper understanding of how to adapt legal systems to further the development of e-commerce and ensure a balance between innovation and the protection of the rights of participants in the digital economy. [ABSTRACT FROM AUTHOR]

Published

2024

10. ТЕОРЕТИЧНІ ПІДХОДИ ДО ПОНЯТТЯ ТА СУТНОСТІ НЕПОВНОЛІТНІХ СУБ'ЄКТІВ ІНФОРМАЦІЙНИХ ВІДНОСИН У КОНТЕКСТІ ПРАВОВОЇ КОМУНІКАЦІЇ

Author

В. А., Бондаренко and Х. І., Вербицька

Subjects

INFORMATION technology security, DIGITAL technology, DIGITAL transformation, PSYCHOLOGICAL safety, COMMUNICATION in law, CHILDREN'S rights, MINORS

Abstract

The article deals with theoretical approaches to the concept and essence of underage subjects of information relations in the context of legal communication. The article aims to provide a systemic analysis of the legal framework for minors' information security and formulate a comprehensive approach to its development in the context of the digital transformation of society. The object is social relations aimed at legal support of information security of minors. The subject of the study is a set of legal acts of Ukraine and international legal acts regulating public relations in the field of ensuring the information security of minors when using information technologies. The study is based on a comprehensive approach to the model of legal support for the information security of minors, taking into account their special status, based on an interdisciplinary approach. The systemic analysis expands the understanding of the peculiarities of subjects and objects of information relations related to the legal provision of information security of minors, and the conceptual and categorical apparatus in this area. The legal provisions relating to the information security of minors as subjects of information law are homogeneous in nature. They are widely used by various branches of law. It is noted that the system of information rights of minors should contain an element of development and formation of minors in the modern digital space and should consider a minor as a person who has reached a certain level of digital maturity. The second important element of the system of information rights is the right to use secure information technologies in the educational process, based on the right to secure information interaction, expressed in the absence of destructive influence as an element of care for children's information and psychological safety. It creates a sub-institution of information security of a minor as a component of the institution of legal support for the information security of a person. It expands theoretical and informational concepts regarding the content of the specific features of information rights of minors as independent subjects of information relations. [ABSTRACT FROM AUTHOR]

Published

2024

11. Information security decisions of security‐interdependent firms in the presence of consumer sensitivity.

Author

Wu, Yong, Jin, Zhijie, Dai, Tao, and Yang, Dong

Subjects

PRICES of securities, PRICE increases, INFORMATION technology security, CONSUMERS, CONTRACTING out

Abstract

Firms suffer security‐interdependent risks while applying network technology, causing severe customer churn. This paper studies the security and price decisions of security‐interdependent firms that face security‐sensitivity consumers. We show that one firm's product price increases (decreases) with the other's security efforts under positive (negative) interdependence. Firms can overinvest or underinvest in security due to security interdependence. Two mechanisms are proposed to solve this distortion. In the Reward mechanism, the firms reward (penalize) the other under the positive (negative) interdependence. In the Outsourcing mechanism, the security service providers raise (reduce) the compensations with consumer sensitivity. [ABSTRACT FROM AUTHOR]

Published

2024

12. A Deniable Encryption Method for Modulation-Based DNA Storage.

Author

Chu, Ling, Su, Yanqing, Zan, Xiangzhen, Lin, Wanmin, Yao, Xiangyu, Xu, Peng, and Liu, Wenbin

Subjects

DATA encryption, DNA, INFORMATION technology security, CRYPTOGRAPHY, NOISE

Abstract

Recent advancements in synthesis and sequencing techniques have made deoxyribonucleic acid (DNA) a promising alternative for next-generation digital storage. As it approaches practical application, ensuring the security of DNA-stored information has become a critical problem. Deniable encryption allows the decryption of different information from the same ciphertext, ensuring that the "plausible" fake information can be provided when users are coerced to reveal the real information. In this paper, we propose a deniable encryption method that uniquely leverages DNA noise channels. Specifically, true and fake messages are encrypted by two similar modulation carriers and subsequently obfuscated by inherent errors. Experiment results demonstrate that our method not only can conceal true information among fake ones indistinguishably, but also allow both the coercive adversary and the legitimate receiver to decrypt the intended information accurately. Further security analysis validates the resistance of our method against various typical attacks. Compared with conventional DNA cryptography methods based on complex biological operations, our method offers superior practicality and reliability, positioning it as an ideal solution for data encryption in future large-scale DNA storage applications. [ABSTRACT FROM AUTHOR]

Published

2024

13. ПРАВОВЕ ЗАБЕЗПЕЧЕННЯ ЕЛЕКТРОННОГО ДОКУМЕНТООБІГУ

Author

Н. П., Капітаненко

Subjects

DOCUMENT imaging systems, INFORMATION technology, ELECTRONIC records, INFORMATION technology security, PUBLIC administration, RECORDS management

Abstract

The article analyzes the legal support for electronic document management in Ukraine. It is determined that the introduction of innovative transformations in Ukraine in the context of information technology development involves the use of modern forms and methods of work based on electronic information exchange. Numerous forms and methods that have been used for decades in the field of information and communication relations for information processing have proven to be unjustified and ineffective in the new social and information and innovative realities. Electronic document management has replaced paper document management. The study found that the electronic document management system in Ukraine is undergoing a long path of development and formation. The introduction of electronic document management contributes to the digital modernization of Ukraine. The availability of reformed legislation is important for carrying out qualitative changes, which generates legal certainty of the status of subjects of the process of significant transformations. The electronic form of documents provides the necessary level of information security for participants in legal relations, since the exchange of documents occurs in encrypted form using a qualified electronic signature. It has been established that there is a saving of human and material resources that were previously used for printing, sending and storing documents. Remote advantages provide mobility and convenience of document transfer via electronic document management platforms or e-mail. The implementation of this document management system allows creating electronic archives for more efficient document storage. It has been established that the main effect of introducing electronic document management is resource-based. At the same time, it is necessary to take into account the risks of introducing electronic document management by both state and local government bodies a nd business entities. The state of electronic document management in Ukraine in the field of public administration has been analyzed and ways of its further development have been identified. It has been established that the legal support for electronic document management requires further development, updating, balance, harmonization with international legal norms and standards. Implementation of high-quality legal, institutional, organizational, and managerial transformations in the sphere of public administration in the context of European integration requirements based on the recognition of a person as the highest social value is an urgent vital necessity, which will contribute to the development of Ukraine as a competitive state with a strong economy and advanced technologi es. [ABSTRACT FROM AUTHOR]

Published

2024

14. ПИТАННЯ ЗАХИСТУ ПРОВІДНИХ ГАЛУЗЕЙ ВИРОБНИЦТВА УКРАЇНИ: НАЦІОНАЛЬНІ ПРІОРИТЕТИ.

Author

Петруненко, Я. В. and Тройніков, В. В.

Subjects

INTERNATIONAL competition, INTELLECTUAL property, INFORMATION technology security, ECONOMIC security, NATIONAL interest

Abstract

The article emphasises that in the context of a full-scale war and economic crisis, protection of Ukraine's leading industries becomes one of the state's priority tasks. Not only the economic independence of the country, but also its defence capability depends on the preservation and development of these industries. The article identifies the leading industries of Ukraine that require priority protection. The main risks and threats to these industries are analysed. A set of priority measures to protect the leading industries has been developed, including financial support, tax and customs benefits, state guarantees, creation of a favourable investment climate, technology modernisation and innovation, and protection of intellectual property. The implementation of the proposed measures will definitely contribute to strengthening the country's economic security and, accordingly, its defence capability. It is emphasised that in the context of globalisation and competition in international markets, it is extremely important to ensure the sustainability and competitiveness of key production sectors, including energy, machine building, and heavy industry. National priorities in this area should include the development and implementation of effective protection strategies, modernisation of the technological base, improvement of product quality, creation of a favourable investment climate and ener gy security. The author suggests that analysis of innovation trends, study of international experience and introduction of advanced technologies are key aspects of development and protection of leading industries. An effective system of intellectual property protection, implementation of effective cybersecurity and information security measures, and support of state programmes for the development of production capacities contribute to strengthening the protection of import ant sectors of the economy. The author concludes that studying and analysing the problems of protecting Ukraine's leading industries and developing national priorities in this regard are important tasks for ensuring the sustainability and competitiveness of the country's economy in the current conditions of geopolitical and economic challenges, as well as for the post-war reconstruc tion of the state. [ABSTRACT FROM AUTHOR]

Published

2024

15. Rewritable Dual‐Mode Patterns Based on DASA Decorated PEG Crystal.

Author

Pan, Xinyi and He, Yaning

Subjects

*CRYSTALLINE polymers, *FATIGUE limit, *INFORMATION technology security, *POLYETHYLENE glycol, *PHOTOCHROMISM

Abstract

Displaying the same data in different optical modes has improved both storage capacity and information security. However, it always requires either sophisticated chemistry or expensive experimental setup to build a dual‐mode or even multi‐mode anti‐counterfeiting system. Here, a rewritable dual‐mode pattern is designed, based on the second‐generation Donor‐acceptor Stenhouse adducts decorated polyethylene glycol crystal. Uniform square crystals are obtained through a simple process of controlled solvent evaporation. Complex pattern such as words can be written on the crystals with the help of microregional irradiation. It endows the high‐resolution of the pattern that only the area exposed to light goes through the discoloration and fluorescence change. The great reversibility and fatigue resistance of the photochromism enable the crystals to be repeatedly utilized, making them qualified candidates as high‐level anti‐counterfeiting materials. [ABSTRACT FROM AUTHOR]

Published

2024

16. Enhanced luminescence encryption via Mn4+ activation with organic acid surface modification.

Author

Yu, Yan, Zhang, Yiqing, Li, Yongshuai, Xie, Wenjing, Wang, Yuhang, Gao, Xianwu, Yu, Tong, Wang, Tiantian, Chang, Guangtao, and Li, Ruoxin

Subjects

*RED light, *INFORMATION technology security, *EDITING software, *POLYVINYL alcohol, *ORGANIC acids

Abstract

Mn4+-activated luminescent materials exhibit high color purity red light emission, but their limited water resistance hinders practical applications. In this study, citric and oxalic acids are innovatively employed for surface modification, resulting in luminescent materials with enhanced water resistance while preserving their luminescent intensity. This enhancement provides a prerequisite for their application in anti-counterfeiting films and aqueous fluorescent inks. Furthermore, the potential for optical information storage is successfully demonstrated by utilizing the photochromic fluorescent properties of polyvinyl alcohol films deposited on oxalic acid-modified K 2 SiF 6 :Mn4+. Exploiting the 3 ms day time difference between equivalently and non-equivalently doped Mn4+ fluoride, a millisecond information encryption mode is proposed by combining oxalic acid-modified K 2 SiF 6 :Mn4+ (long decay time, τ = 8.99 ms) and K 3 AlF 6 :Mn4+ (short decay time, τ = 5.31 ms). This mode can be effectively decoded using digital cameras and editing software, achieving high-level anti-counterfeiting capabilities. This work advances the application of highly efficient Mn4+-activated red phosphors in the realm of information security. [ABSTRACT FROM AUTHOR]

Published

2024

17. Microwave absorption performance of La1.5Sr0.5NiO4/SrFe12O19 composites with thin matching thickness.

Author

Tho, P.T., Tran, N., Xuan, C.T.A., Dat, T.Q., Bach, T.N., Ho, T.A., Tuan, N.Q., Khan, D.T., Tuyen, N.L., and Khien, N.V.

Subjects

*INFORMATION technology security, *ENERGY harvesting, *MAGNETIC flux leakage, *IMPEDANCE matching, *DIELECTRIC loss

Abstract

The global focus on electromagnetic interference and pollution is undeniable. To counter these challenges, high-performance microwave-absorbing materials (MAMs), typically composed of dielectric and magnetic components, offer effective solutions by ensuring favorable impedance matching. Leveraging these MAMs has proven beneficial across various sectors, including 5G technology, information security, energy harvesting, diminished radar cross-section, and advancements in military applications. We successfully synthesized composites of La 1.5 Sr 0.5 NiO 4 (LSNO) and SrFe 12 O 19 (SrM) composites through ball milling and heat treatment. With the escalation of SrM weight percentage in the composites, noticeable alteration in structural, morphological, and static magnetic characteristics was ensured. Moreover, the amalgamation of these components bolstered the EM properties, consequently yielding exceptional microwave absorption capabilities in the composites. The composites with 40, 60, and 80 wt% of SrM (named S4, S6, and S8) exhibited excellent microwave absorption performance with an absorption rate of over 99.9 % for a thin thickness. The S4 and S8 composites attained reflection loss (RL) values of −34.75 dB and −36.93 dB, with 2.0 and 1.6 mm thicknesses, respectively. Meanwhile, the S6 composite achieved an RL value of −44.24 dB with a thickness of 1.9 mm. These composites' outstanding microwave absorption performance can be attributed to their significant magnetic loss, remarkable dielectric loss, and synergistic effects. [ABSTRACT FROM AUTHOR]

Published

2024

18. Preparation, upconversion/downshifting emissions, temperature sensing, and thermochromic properties of one-dimensional Y2Zr2O7:Er3+/Yb3+ tube-in-tube nanostructures via single-nozzle electrospinning.

Author

Cong, Shanshan, Yu, Hongquan, Xu, Sai, Li, Xiangping, Liu, Tianshuo, and Chen, Baojiu

Subjects

*INFORMATION technology security, *OPTICAL materials, *OPTICAL properties, *NANOSTRUCTURES, *ELECTROSPINNING

Abstract

One-dimensional (1D) Y 2 Zr 2 O 7 :Er/Yb tube-in-tube nanostructures were prepared via a simple electrospinning technique with a single nozzle. The diameter of the outer tube of the Y 2 Zr 2 O 7 :Er/Yb tube-in-tube nanostructures is 190–170 nm, the thickness of the outer wall is 22–20 nm, the diameter of the inner tube is 120–100 nm, and the wall thickness of the inner tube is 17–14 nm. The optical properties of the Y 2 Zr 2 O 7 :Er/Yb tube-in-tube nanostructures, including the up-conversion and downshifting luminescence spectra, temperature sensitivity, and thermochromic properties, were studied in detail. Under 980 nm excitation, two weak green emissions at 528 nm and 550 nm, as well as a strong red emission at 650 nm of Er ions, are presented. When excited at 378 nm, the Er ions exhibit strong green emission at 545 nm, two weak red emission peaks at 650 and 680 nm, and near-infrared emission peaks at 1400–1600 nm. With increasing environmental temperature, the luminescence color of the 1D Y 2 Zr 2 O 7 :Er/Yb tube-in-tube nanostructures exhibited a transition from "orange→yellow→ green" when excited at 980 nm. For the 1D Y 2 Zr 2 O 7 :xEr/yYb tube-in-tube nanostructures (x = 0.01, 0.02, 0.03; y = 0.05, 0.10, 0.15), the maximum values of S r are 2.3 % K−1 under 980 nm excitation and 2.1%K−1 under 378 nm excitation within the temperature range of 303–723 K. This work develops integrated multifunctional optical materials and provides an alternative approach for the fabrication of nanoscale smart platforms, advanced displays, and applications in information security. [ABSTRACT FROM AUTHOR]

Published

2024

19. Engaging in cyber hygiene: the role of thoughtful decision-making and informational interventions.

Author

Howell, Christian, Maimon, David, Muniz, Caitlyn, Kamar, Eden, and Berenblum, Tamar

Subjects

INFORMATION technology security, SCIENTIFIC literature, RATIONAL choice theory, SECURITY systems, FIELD research, CYBERBULLYING

Abstract

Introduction: The effectiveness of human-centric cybersecurity largely depends on end-users' adherence to security and privacy behaviors. Understanding and predicting variations in the adoption of these safeguards is crucial for both theoretical advancement and practical application. While existing frameworks are often adapted from health science literature, there is potential to enhance these models by incorporating criminological constructs relevant to online victimization. This study introduce rational choice theory of thoughtfully reflective decision-making (TRDM) into the information security domain. TRDM suggests that variations in cognitive decision-making capabilities influence behavioral outcomes, particularly in the context of security and privacy practices. Methods: The study employed a field experiment to test the applicability of TRDM in predicting end-users' engagement in security and privacy behaviors. Participants were exposed to security-related warnings, with the hypothesis that thoughtfully reflective decision-makers would be more likely to adopt robust protective behaviors. Data was collected on participants' responses to these security warnings, as well as their overall adherence to privacy and security practices. Results: The findings support the theoretical framework: individuals exhibiting thoughtfully reflective decision-making tendencies demonstrated a higher likelihood of engaging in privacy and security behaviors. Specifically, participants with higher TRDM scores were more likely to adopt protective behaviors when warned of the consequences of non-compliance. These results indicate that cognitive decision-making capabilities significantly influence the likelihood of engaging in cybersecurity practices. Discussion: The study challenges the prevailing one-size-fits-all approach to cybersecurity by highlighting the importance of individual differences in cognitive decision-making. Thoughtfully reflective decision-makers are better equipped to adopt preventive security measures, suggesting the need for more tailored interventions in cybersecurity education and risk assessment. This research contributes to the development of sophisticated risk assessment tools aimed at mitigating vulnerabilities and reducing users' susceptibility to digital threats. Incorporating TRDM into information security models provides a more nuanced understanding of user behavior, offering insights into how cognitive processes influence cybersecurity adherence. [ABSTRACT FROM AUTHOR]

Published

2024

20. RIGHT TO INFORMATION: LEGAL POSITIONS OF THE CONSTITUTIONAL COURT OF UKRAINE.

Author

O. M., Kudriavtseva

Subjects

MILITARY medical personnel, INFORMATION technology security, CONSTITUTIONAL courts, DISCLOSURE, MEDICAL disclosure

Abstract

The article reveals the legal positions of the Constitutional Court of Ukraine regarding everyone’s right to information. Attention is focused on information that is collected by state authorities, local self-government bodies, institutions and organizations, and which is not a state or other secret protected by the Law of Ukraine «On Information» and which every person has the right to familiarize himself with. Separate attention is focused on confidential information (information with limited access). One of the types of confidential information is medical information, which, on the one hand, in special cases provided for by the Fundamentals of the Health Care Legislation of Ukraine, can be disclosed to family members or a legal representative of the patient, and on the other hand, in accordance with the decision of the European Court of Human Rights person in the case of «M.K. against Ukraine» confirmation by a doctor of a patient’s illness to a member of his family, even if he learned about it from the patient himself, is an interference by the state in a person’s right to private life, and in the case of infectious diseases, it is qualified as not carried out «in accordance with the law». Attention is focused on the fact that such situations arise more and more when military personnel undergo medical examinations and that there are prohibitive norms of a special law that forbid the disclosure of medical information regarding a certain list of diseases of a military personnel to his employer (military unit), commander, family members of the military personnel. Regarding the confidentiality of information and about a person who holds a position related to the performance of the functions of the state, local self-government bodies, and about members of his family, the legal positions of the Constitutional Court of Ukraine are established: absolutely in each specific case it is determined whether information about a person belongs to confidential; there are guarantees of protection of the rights of the above-mentioned persons, and additional legal burdens, and therefore the state is called upon to ensure a balance of public and private interest. The article also draws attention to the fact that even under martial law conditions, control (direct; indirect) by institutions of public power is prohibited both in terms of content and dissemination of information, even if the state pursues such a goal as protecting the information space from what is considered harmful by the state information that is not necessary for society. The practice of the Constitutional Court of Ukraine on this issue is established. Attention is focused on the fact that censorship cannot be used in Ukraine to protect the information field of the state even in war conditions - it is prohibited in part 3 of Art. 15 of the Constitution of Ukraine. [ABSTRACT FROM AUTHOR]

Published

2024

21. METHODOLOGICAL ASPECTS OF RESEARCH IN INFORMATION SECURITY.

Author

M. V., Honcharov and A. V., Honcharov

Subjects

INFORMATION technology security, NATIONAL security, LEGAL norms, LEGAL reasoning, MASS media ethics, RESEARCH ethics, HYGIENE

Abstract

The article discusses the research methodology of the basics of information security. A special place is given to the selection of methodological research tools. This selection was made on the basis of the exclusive importance of the field of information provision in interaction with other directions of state building and national security. At the same time, we note that the raised issue has an interdisciplinary nature due to its inherent legal and structural nature: legal, economic (technological), and moral and psychological components. Under such conditions, the philosophical-dialectical method is extremely important in view of its epistemological nature, which will contribute to the derivation of the author’s conclusions and judgments, which will be characterized by consistency and continuity. The conducted analysis made it possible to reveal that the current summary in terms of understanding the role and significance of the methodological component for the results of our research is the following: from the point of view of the methodology of legal science, the paradigm of information security has a complex structure, which is formed by the elements: law enforcement methodology, the legislation of Ukraine, the systematics of legal norms, explanations of the legal norm, the procedure for implementing the provisions of the law, the legal policy of the state in the field of information security, media culture and media ethics in the application of legislation that regulates the issue of complete access of citizens to sources of information, tactical and strategic directions of activities of entities ensuring security in the use of information, the effectiveness of the application of legislation, law-enforcement examination of departmental regulations regulating relations in the field of information security. Attention is drawn to the fact that any of the listed structural elements of a complete complex of information security can serve as the object of a separate scientific study. The above studies revealed that the selected methodological tools for solving the task of our scientific intelligence will contribute to the professional research of the in-depth component processes of the implementation of measures in the areas of protection of the information space of Ukraine. The application of methodological techniques will allow us to more fully and comprehensively reveal the role of the information security institute in the development of our ideas about the system of measures to ensure the information hygiene of the Ukrainian media, public-legal and private-legal intellectual space, to identify new aspects in its structure and elemental composition. [ABSTRACT FROM AUTHOR]

Published

2024

22. Employees’ Intention to Comply with Information Security Policies: The Impacts of Loafing and Commitment.

Author

Chiu, Chao-Min, Cheng, Hsiang-Lan, Hsu, Jack Shih-Chieh, Tan, Chiew Mei, and Huang, Chiung Hui

Subjects

*TAIWANESE people, *INFORMATION technology security, *STRUCTURAL equation modeling, *ORGANIZATIONAL commitment, *INFORMATION policy

Abstract

AbstractDrawing upon the attitude theory, this study theorizes that commitment affects loafing behaviors and ISP compliance. Further, drawing upon the transfer theory, this study adopts the concepts of loafing and commitment transfer in order to explore whether social loafing will enhance employee cyberloafing and whether organizational commitment can enhance ISP commitment, both of which, in turn, influence ISP compliance intention. This study utilized structural equation modeling (SEM) to analyze survey data collected in July 2023 from 361 Taiwanese individuals affiliated with organizations or companies. The results show that social loafing has a strong positive effect on cyberloafing, which, in turn, has a strong negative effect on ISP compliance intention. Organizational commitment has a strong positive effect on ISP commitment, which, in turn, has a strong positive effect on ISP compliance intention. In addition, distortion of consequences moderates the relationship between social loafing and cyberloafing. Advantageous comparison moderates the relationship between cyberloafing and ISP compliance intention. [ABSTRACT FROM AUTHOR]

Published

2024

23. Multi‐image encryption and authentication using computational ghost imaging and singular value decomposition.

Author

Huang, Hong and Han, ZhiGuang

Subjects

*SINGULAR value decomposition, *INFORMATION technology security, *IMAGE reconstruction, *IMAGE processing, *DIGITAL watermarking, *IMAGE reconstruction algorithms

Abstract

The non‐local imaging characteristics of computational ghost imaging (CGI) make it widely used in the field of information security. However, the information processing method based on traditional CGI has some problems in the process of multi‐image encryption, such as low efficiency and unsatisfactory reconstruction quality. Therefore, this article proposes to use wavelet transform and singular value decomposition technology to help computational ghost imaging to efficiently complete the coding and encryption of multiple images, and use alternating direction multiplier method (ADMM) in the process of image restoration to carry out high‐quality reconstruction of the original encrypted image. The results show that the scheme has good reconstruction effect, strong security and robustness even at a low sampling rate. It provides some reference for digital watermarking technology and cryptography. [ABSTRACT FROM AUTHOR]

Published

2024

24. A chiral supramolecular liquid crystal based on pillararene and its application in information encryption.

Author

Liang, Bicong, Cheng, Yujie, Ma, Jiaxin, Jia, Lan, Zheng, Qiang, Wang, Pi, and Xia, Danyu

Subjects

*LIQUID crystals, *INFORMATION technology security, *FLUORESCENCE

Abstract

A chiral supramolecular liquid crystal based on a pillararene mesogen was constructed. The regulation of liquid crystal behavior was achieved through the host–guest interactions between the pillararene-based mesogen and a tetraphenylethylene-containing guest. In addition, this supramolecular liquid crystal system, showing pH-responsive fluorescence emission character, was applied as an information encryption material capable of storing multiple levels of distinct information, thereby enriching the application of liquid crystal materials in the field of information security. [ABSTRACT FROM AUTHOR]

Published

2024

25. Resilient cloud cluster with DevSecOps security model, automates a data analysis, vulnerability search and risk calculation.

Author

Alghawli, Abed Saif Ahmed and Radivilova, Tamara

Subjects

INFORMATION technology security, WEB-based user interfaces, COMPUTER software development, COMMUNICATION infrastructure, RISK assessment

Abstract

Automated, secure software development is an important digitalization task, solved with the DevSecOps approach. An important part of the DevSecOps approach is continuous risk assessment, which is necessary to identify and evaluate risk factors. Combining the development cycle with continuous risk assessment creates software development and operation synergies and minimizes vulnerabilities. The article presents the main methods of deploying web applications and ways to increase information security at all stages of product development. It also compares different types of infrastructures and cloud computing providers and analyzes modern tools used to automate processes. The cloud cluster was deployed using Terraform and the Jenkins pipeline, written in the Groovy programming language, which checks program code for vulnerabilities and allows you to fix violations at the earliest stages of developing secure web applications. The developed cluster implements the proposed algorithm for automated risk assessment based on the calculation (modeling) of cloud infrastructure threats and vulnerabilities, which operates in real-time, periodically collecting all information and adjusting the system according to the risk and applied controls. The algorithm for calculating risk and losses is based on statistical data and FAIR information risk assessment methodology. The risk value obtained using the proposed method is quantitative, which allows more efficient forecasting of information security costs in software development. [ABSTRACT FROM AUTHOR]

Published

2024

26. Breaking the digitalization barrier for SMEs: a fuzzy logic approach to overcoming challenges in business transformation.

Author

Restrepo-Morales, Jorge Aníbal, Ararat-Herrera, Jaime Andrés, López-Cadavid, Diego Alejandro, and Camacho-Vargas, Aquileo

Subjects

DIGITAL transformation, INFORMATION technology security, ANALYTIC hierarchy process, SMALL business, FUZZY logic

Abstract

The purpose of this study was to investigate the barriers and drivers of digitalization in small- and medium-sized enterprises (SMEs). Specifically, the study aimed to identify the key factors influencing the adoption and implementation of digital technologies in SMEs, understand the challenges faced by these organizations in their digital transformation journey. In this study, a fuzzy logic methodology was employed to assess the digitalization process of 4531 SMEs. Additionally, an analytical hierarchy process (AHP) was applied to determine the weights of the dimensions in the fuzzy analysis. This allowed for a more accurate and precise assessment of the digitalization levels in SMEs. Furthermore, statistical analysis techniques were utilized to analyze the data and draw meaningful conclusions. The study revealed that insufficient financial resources, high investment costs, resistance from workers, a shortage of well-qualified staff, lack of knowledge about technology providers, high IT security requirements, the absence of a digital transformation-oriented business culture, and the application of fuzzy logic as a methodology were the key findings in the digitalization process of SMEs. These findings highlight the complex challenges faced by SMEs and emphasize the need to address these barriers to facilitate successful digital transformation. [ABSTRACT FROM AUTHOR]

Published

2024

27. Scalable, Fast Light‐Responsive, and Excellent Color‐Retention Fiber‐Based Photochromic Wearables for Sustainable Photo‐Patterning and Information Security Encryption.

Author

Zhang, Junze, Chen, Tiandi, Zhu, Meng, Lu, Jian, Liu, Xinlong, Sun, Weiwei, So, Mei Yi, and Xu, Bingang

Subjects

*INFORMATION technology security, *FATIGUE limit, *SILYL group, *POLYMER networks, *ACID solutions, *PHOTOCHROMIC materials

Abstract

Fiber‐based photochromic wearables have attracted growing attention in sustainable photo‐patterning information displays, information security encryption, and optical data recording/storage. Molybdenum trioxide (MoO3) is one of the key photochromic materials that possesses good photochromic performance, nevertheless, it faces considerable challenges in preparing photochromic textiles with stable, scalable, and long color‐retention properties. In this work, a new kind of fiber‐based photochromic wearables is designed and developed by combining cotton fabric with a MoO3‐based self‐adhesive polymer network and long chain silyl group. The prepared photochromic wearable has exhibited excellent fatigue resistance and favorable reversibility (> 40 cycles), rapid light response (reach color saturation with a UV dose of 60 kJ m−2), outstanding color retention capability (> 90 days), and desirable biocompatibility (cell viability > 100%). In addition, the prepared photochromic textiles could maintain a fast light response and excellent color retention even after experiencing repeated washing (20 cycles). Moreover, the photo‐patterning photochromic wearables are verified by resisting the deterioration of acid solution, alkali solution, and sweat (pH 2.0–9.0) as well as keeping clear patterns under sunlight irradiation. As a demonstration of the application, fiber‐based photochromic wearables are made and employed for the sustainable applications of rewritable photo‐patterning and information security encryption. [ABSTRACT FROM AUTHOR]

Published

2024

28. СИСТЕМА СУБ’ЄКТІВ АДМІНІСТРАТИВНО-ПРАВОВОГО ЗАБЕЗПЕЧЕННЯ ІНФОРМАЦІЙНОЇ БЕЗПЕКИ В УКРАЇНІ.

Author

А. О., Крупнова

Subjects

INFORMATION technology security, ADMINISTRATIVE assistants, LEGAL literature, NONGOVERNMENTAL organizations, NON-state actors (International relations)

Abstract

Based on the analysis of current legislation, available scientific, journalistic and methodological sources, the article clarifies the content of the system of subjects of administrative and legal support of information security in Ukraine. It is proposed that the system of subjects of administrative and legal support of information security should be understood as a set of legislative, executive and judicial authorities, state, public and other organizations and associations, and citizens who may participate in administrative and legal support of information security in accordance with the legislation regulating relations in the field of information security. It is established that the system of subjects of administrative and legal support of information security includes a wide range of structures of both state and non-state affiliation. The first group (state entities) is represented by the State represented by the President of Ukraine, legislative, executive and judicial bodies, which, having different competencies in the field of administrative and legal support of information security, perform key tasks and functions in it. The second group (non-state actors) can be divided into two subgroups. The first one includes society represented by legal entities, namely, commercial companies and non-governmental organizations (educational institutions, research institutes, research and analytical centers, etc.) The second group includes individuals (citizens) who may be directly involved in ensuring information security, represented by specialists, experts, information security consultants, etc. It is proposed to: include all non-state actors in the mechanism for implementing the goals and objectives of the Information Security Strategy; make the widest possible use of the capabilities of non-state actors in this area, and therefore intensify the involvement of citizens, public associations, organizations, etc. in solving the problem of information security; create an Interagency Commission on Information Security within the structure of the National Security and Defense Council of Ukraine. [ABSTRACT FROM AUTHOR]

Published

2024

29. Responding to the economic consequences of COVID 19 in Pakistan: lessons learnt.

Author

Ahmed, Vaqar

Subjects

*DATA protection, *SMALL business, *ECONOMIC impact, *INFORMATION technology security, *COVID-19

Abstract

This paper discusses the impact of COVID-19 on production and trade in Pakistan. The paper finds that Pakistan's outbreak preparedness and response has been a success story, but there are still some gaps that need to be addressed in order to better prepare for future crises. We recommend that the policy makers: conduct frequent structured dialogues with small firms to better understand the type and magnitude of unanticipated costs that increase during health crises; regularly source information to determine if the design of fiscal support is benefiting the beneficiaries; convene dialogues with businesses (which should include labour groups) to address the stringency of temporary trade measures; support smaller firms for adoption of online technologies; expedite the implementation of e-commerce policy, information security policy, and personal data protection law; and cut down business and trade costs during crisis through a more liberal tariff policy and rationalization of regulatory burden on firms. [ABSTRACT FROM AUTHOR]

Published

2024

30. Research Progress of Femtosecond Laser‐Printed Perovskite Quantum Dots in Amorphous Glass.

Author

Xiao, Han, Zeng, Lingwei, Lei, Lei, and Chen, Daqin

Subjects

*CERAMIC materials, *GLASS composites, *COMPOSITE structures, *QUANTUM dots, *INFORMATION technology security, *SEMICONDUCTOR lasers

Abstract

Lead halide perovskite quantum dots (PeQDs) have garnered increasing attention due to their extraordinary optoelectronic properties. In recent years, femtosecond (fs) laser direct writing shows to be an effective way of inducing localized crystallization of PeQDs inside glass matrix while remaining their structural stability and optical performance. This article reviews the research progress on fs laser irradiation‐induced nucleation/growth of PeQDs in glass and discusses the latest advancements in the use of the technology for optical data storage, micrometer‐scale light‐emitting diode (LED), information security protection, and other related fields. It offers novel insights and perspectives for exploring new functionality and device application of fs laser‐printed PeQDs glass composite structures. [ABSTRACT FROM AUTHOR]

Published

2024

31. Irreversible Ca2B2O5‐Based Multicolor Mechanoluminescence for Security Labels.

Author

Li, Xi, Sun, Junlu, Huang, Wentao, Jiao, Fuhang, Deng, Yuan, Zhang, Wei, Xiao, Ying, Shan, Chong‐Xin, and Dong, Lin

Subjects

*INFORMATION technology security, *SECURITY systems, *INTERNET of things, *DIGITAL technology, *LOW temperatures

Abstract

As the Internet of Things (IoT) continues its pervasive influence and digital technologies increasingly weave into the fabric of daily lives, the imperative for robust security measures becomes paramount to mitigate the escalating risks to the digital landscape. Traditional anti‐counterfeiting technologies, while capable to some extent, are constrained by factors such as material toxicity, low‐security efficacy, and intricate fabrication process. Mechanoluminescent materials have shown great potential in the areas of anti‐counterfeiting and security. Here, a multicolor mechanoluminescent (ML) material (lanthanide doped Ca2B2O5) synthesized by solid‐phase reaction is reported for the first time at a relatively lower temperature of 750 °C. The ML devices are obtained by embedding ML materials into polydimethylsiloxane elastomer, allowing for stress visualization with colors ranging from blue and green to orange and red. Through elaborate co‐doping, successive and accurate stress visualizations are realized. Finally, security labels based on the lanthanide ions doped Ca2B2O5 are prepared and also demonstrated to safeguard valuable packages. This work provides a novel multicolor ML material and pioneers its use in security labels, offering a universal solution for multicolor display, information security, dynamic anti‐counterfeiting, and other potential applications within the realm of IoT. [ABSTRACT FROM AUTHOR]

Published

2024

32. Cybersecurity work at Swedish administrative authorities: taking action or waiting for approval.

Author

Andreasson, Annika, Artman, Henrik, Brynielsson, Joel, and Franke, Ulrik

Subjects

*PUBLIC administration, *SITUATIONAL awareness, *INFORMATION technology security, *SECURITY sector, *SEMI-structured interviews

Abstract

In recent years, the Swedish public sector has undergone rapid digitalization, while cybersecurity efforts have not kept even steps. This study investigates conditions for cybersecurity work at Swedish administrative authorities by examining organizational conditions at the authorities, what cybersecurity staff do to acquire the cyber situation awareness required for their role, as well as what experience cybersecurity staff have with incidents. In this study, 17 semi-structured interviews were held with respondents from Swedish administrative authorities. The results showed the diverse conditions for cybersecurity work that exist at the authorities and that a variety of roles are involved in that work. It was found that national-level support for cybersecurity was perceived as somewhat lacking. There were also challenges in getting access to information elements required for sufficient cyber situation awareness. [ABSTRACT FROM AUTHOR]

Published

2024

33. Multi-teacher Universal Distillation Based on Information Hiding for Defense Against Facial Manipulation.

Author

Li, Xin, Ni, Rongrong, Zhao, Yao, Ni, Yu, and Li, Haoliang

Subjects

*INFORMATION technology security, *ARTIFICIAL intelligence, *INFORMATION networks, *DYNAMIC balance (Mechanics), *TEACHER influence

Abstract

The rapid development of AI-based facial manipulation techniques has made manipulated facial images highly deceptive. These techniques can be misused maliciously, which poses a severe threat to information security. Many effective detection methods have been developed to distinguish whether an image has been manipulated. However, malicious facial manipulation images or videos have been widely spread and had a harmful impact before detection. Thus protecting images from manipulation through proactive defense techniques has become the focus of current research. Currently, existing proactive defense methods disrupt the manipulation process through an adversarial attack on the facial manipulation network, which distorts or blurs parts of the manipulated facial image. Nevertheless, these methods are only slightly disruptive in defending against some facial manipulation methods, and the outputs are not only a stigmatized portrait but also that people still can not distinguish the real and fake. To overcome this issue, we propose a Multi-Teacher Universal Distillation based on information hiding for defense against facial manipulation. First, we propose a facial manipulation adversarial attacks network based on information hiding called IHA-Net. IHA-Net can hide the warning image in the protected image without affecting its visual quality and make the facial information disappear after manipulation to present the warning message. In this way, it prevents privacy leakage and stigmatization. Then to address the problem that the protected image cannot defend against multiple facial manipulations simultaneously, we propose the Multi-Teacher Universal Distillation framework. We use multiple trained teacher networks to co-direct the learning of the student network, allowing the student network to defend against multiple manipulation networks simultaneously. Specifically, we designed Multi-scale Discriminators for knowledge distillation at the feature map level to enable the student network to learn more rich knowledge from the teacher network. Furthermore, to balance the influence of multiple teacher networks on the student network during the training process, we designed a Dynamic Balancing Loss module that dynamically adjusts during the training process. Finally, extensive experiments on advanced facial manipulation systems demonstrate that the proposed method outperforms the state-of-the-art approaches. [ABSTRACT FROM AUTHOR]

Published

2024

34. Efficientnetv2-RegNet: an effective deep learning framework for secure SDN based IOT network.

Author

Swathi, Baswaraju, Kolisetty, Soma Sekhar, Sivanarayana, G Venkata, and Battula, Srinivasa Rao

Subjects

*GENERATIVE adversarial networks, *SOFTWARE-defined networking, *INFORMATION technology security, *DATA augmentation, *MACHINE learning

Abstract

Traditional network administration required manual programming of routing policies and related parameters on specific routers and switches, which was expensive. Therefore, software-defined networking (SDN) technology has been introduced, which has boosted flexibility and decreased hardware development costs by centralizing network management. Since intrusion detection is vital in the SDN environment, this centralized architecture makes information security vulnerable to network threats. To evaluate and recognize these attacks, many researchers have recently adopted cutting-edge approaches like machine learning. However, most of these methods are not very accurate and scalable. To address this issue, this paper proposes an EfficientNetV2-RegNet-based effective deep learning technique. It effectively extracted the network features and classified the intrusions in SDN-based IoT (Internet of Things). Afterwards, an effective mitigation process was performed by a remote SDN controller to mitigate the assaults and reconfigure the network resources for trusted network hosts. Furthermore, the Conditional Generative Adversarial Network (CGAN) based data augmentation approach efficiently tackles the data imbalance issue. The most recent realistic datasets, named InSDN and IoT-23, were utilized to train and assess the presented framework to validate its efficiency. The results of the experiments demonstrated that the suggested system surpassed competitors in identifying various attack types and achieved 99.53 and 99.56% accuracy for IoT-23 and InSDN datasets, correspondingly. [ABSTRACT FROM AUTHOR]

Published

2024

35. Design of distributed network intrusion prevention system based on Spark and P2DR models.

Author

An, Lei, Qiu, Jiankai, Zhang, Hanzhi, and Liu, Chen

Subjects

*RANDOM forest algorithms, *INFORMATION technology security, *COMPUTER network traffic, *COMPUTER network security, *FALSE alarms, *INTRUSION detection systems (Computer security)

Abstract

The commonly used method for network intrusion is based on pattern matching systems, but these systems do not have high detection accuracy when facing large-scale high-speed network traffic environments. In addition, when facing a wide variety of network attacks, relying solely on a certain network security technology is difficult to ensure network security. Therefore, a distributed network intrusion prevention system based on the Spark framework and dynamic information security theory model was innovatively proposed to improve the detection efficiency of network intrusion and solve these issues. The architecture and functional structure of the network intrusion prevention system were constructed by improving the random forest algorithm and Spark. In addition, the dynamic network intrusion prevention system was designed on the basis of the Policy Protection Detection Response (P2DR) model and the Protection Detection Reaction Recovery (PDRR) model to cope with the diverse network attacks and make up for the lack of dynamic defense based on improved forest algorithm and Spark. The test results showed that the network intrusion prevention system based on the improved random forest algorithm and Spark had a maximum detection time of 13,593 ms, a minimum detection time of 13,318 ms, and an average detection time of 13,468 ms when the data were 6000 pieces. The average success rate of the dynamic network intrusion prevention system based on the dynamic information security theory model was 87.72%, the average detection rate was 71.68%, and the average false alarm rate was 17.23%. The F1 values corresponding to the improved random forest algorithm under 7 different attack types of data were 0.985, 0.983, 0.876, 0.843, 0.797, 0.983, and 0.890, respectively, which were significantly better than the comparison algorithm. It can be seen that the dynamic network intrusion prevention system based on the improved random forest algorithm, Spark, and the dynamic information security theoretical model, has good performance and can effectively detect network intrusions, providing technical support for solving network intrusion problems in reality. The contribution of the research is reflected in the improvement of the detection performance of network intrusion detection systems and the reduction of detection time and false alarm rates. [ABSTRACT FROM AUTHOR]

Published

2024

36. Graph-ensemble fusion for enhanced IoT intrusion detection: leveraging GCN and deep learning.

Author

Mittal, Kajol and Khurana Batra, Payal

Subjects

*GRAPH neural networks, *CONVOLUTIONAL neural networks, *INFORMATION technology security, *COMPUTER network security, *DEEP learning, *DATA distribution

Abstract

The proliferation of Internet of Things (IoT) applications has heightened the vulnerability of information security, making it susceptible to attacks that may lead to the compromise of sensitive data. Intrusion Detection System (IDS) is deployed in IoT networks for the detection of attacks and to ensure the security of information. In previous works, the IDS datasets suffer from an imbalanced distribution of data about attacks and, the flow of packets in IDS which hinders the ability of deep learning models for potent and coherent classification. With the emergence of graph convolution neural network (GCN), a new sub-field of deep learning models, the structure of graphs can be leveraged to represent the data effectively. IDS datasets typically consist of flow records of data which can naturally be represented as graph structures capturing both edge features and network topology information for classification of attacks. Hence, in this paper, a novel GCN-Ensemble fusion model is proposed for enhanced IoT IDS. There are three stages in this proposed model: (1) Data processing and attribute graph generation, (2) Feature engineering and (3) Classification. The flow attributes of data packets in IDS datasets are represented as the edges and the corresponding varying attacks as nodes of the attribute graph. Here the GCN model is leveraged for feature engineering of the IDS dataset. Further, a novel Ensemble of Convolution Neural Networks is proposed for the classification task. The evaluation of the proposed model encompasses the utilization of four distinct datasets, namely BoT-IoT, ToN-IoT, CIC-IDS2018, and NF UQ NIDS. In the BoT-IoT dataset, the proposed model demonstrates superior performance compared to state-of-art models like Deep learning and Graph neural network (GNN), achieving accuracy improvements of 3.16 and 0.91%, respectively. The observed superior performance of the model in comparison to the baseline models serves to emphasize its potential to augment IoT network security. [ABSTRACT FROM AUTHOR]

Published

2024

37. DeepSLM: Speckle‐Licensed Modulation via Deep Adversarial Learning for Authorized Optical Encryption and Decryption.

Author

Huang, Haofan, Zhao, Qi, Li, Huanhao, Zheng, Yuandong, Yu, Zhipeng, Zhong, Tianting, Cheng, Shengfu, Woo, Chi Man, Gao, Yi, Liu, Honglin, Zheng, Yuanjin, Tian, Jie, and Lai, Puxiang

Subjects

DISTRIBUTION (Probability theory), INFORMATION technology security, SPECKLE interference, PEARSON correlation (Statistics), ACCESS control

Abstract

Optical encryption is pivotal in information security, offering parallel processing, speed, and robust security. The simplicity and compatibility of speckle‐based cryptosystems have garnered considerable attention. Yet, the predictable statistical distribution of speckle optical fields' characteristics can invite statistical attacks, undermining these encryption methods. The proposed solution, a deep adversarial learning‐based speckle modulation network (DeepSLM), disrupts the strong intercorrelation of speckle grains. Utilizing the unique encoding properties of speckle patterns, DeepSLM facilitates license editing within the modulation phase, pioneering a layered authentication encryption system. Our empirical studies confirm DeepSLM's superior performance on key metrics. Notably, the testing dataset reveals an average Pearson correlation coefficient above 0.97 between decrypted images and their original counterparts for intricate subjects like human faces, attesting to the method's high fidelity. This innovation marries adjustable modification, optical encryption, and deep learning to enforce tiered data access control, charting new paths for creating user‐specific access protocols. [ABSTRACT FROM AUTHOR]

Published

2024

38. ROADMAP FOR COMPANIES ADJUSTMENT TO LGPD.

Author

Hideo Arima, Carlos and Fernando Munhoz, Maurício

Subjects

DATA privacy, SCIENTIFIC method, INFORMATION technology security, INDUSTRIAL management, DATA protection

Abstract

Copyright of Environmental & Social Management Journal / Revista de Gestão Social e Ambiental is the property of Environmental & Social Management Journal and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

39. Unraveling influential factors shaping employee cybersecurity behaviors: an empirical investigation of public servants in Vietnam.

Author

Tran, Dien Van, Nguyen, Phuong Van, Vrontis, Demetris, Nguyen, Sam Thi Ngoc, and Dinh, Phuong Uyen

Subjects

PROTECTION motivation theory, INFORMATION technology security, EMPLOYEE motivation, CONSCIOUSNESS raising, INTERNET addiction

Abstract

Purpose: Government employees must comply with policies on information security regulations, online security practices, social networking usage, internet addiction, online cyberthreats and other related habits. These activities are considered cybersecurity behaviors. Government social media (GSM) accounts are increasingly used to educate employees about cybersecurity risks. To support the effectiveness of cybersecurity practices in government organizations, the purpose of this study is to investigate the impacts of GSM and organizational policy compliance on employees' cybersecurity awareness, motivation and behaviors. Design/methodology/approach: Data were obtained by administering a questionnaire survey to public personnel in Vietnam. A total of 330 valid responses were obtained, and the research hypotheses were tested using partial least squares–structural equation modeling. Findings: First, cybersecurity awareness enhances information protection motivation and employee protective behavior. Second, GSM has positive impacts on cybersecurity knowledge and information protection motivation. Third, there is a strong positive association between information protection motivation and employee protective behavior. Finally, while organizational compliance significantly increases cybersecurity awareness, its impact on employee protective behavior is ind irect. Originality/value: This research enhances the literature on the behavioral dimension of cybersecurity. The primary objective of this study is to assess the influence of cybersecurity awareness on protective behaviors rather than intents and attitudes alone. Furthermore, this research integrates protection motivation theory and cultivation theory to provide a more thorough assessment of cybersecurity awareness and protective behavior. By investigating the impact of GSM on the level of cybersecurity awareness among employees within government organizations, this study provides valuable insights into the efficacy of recent governmental initiatives aimed at fostering cybersecurity. [ABSTRACT FROM AUTHOR]

Published

2024

40. Development of a Flexible Information Security Risk Model Using Machine Learning Methods and Ontologies.

Author

Barlybayev, Alibek, Sharipbay, Altynbek, Shakhmetova, Gulmira, and Zhumadillayeva, Ainur

Subjects

MACHINE learning, CLUSTER analysis (Statistics), INFORMATION resources management, RISK assessment, INFORMATION technology security

Abstract

This paper presents a significant advancement in information security risk assessment by introducing a flexible and comprehensive model. The research integrates established standards, expert knowledge, machine learning, and ontological modeling to create a multifaceted approach for understanding and managing information security risks. The combination of standards and expert insights forms a robust foundation, ensuring a holistic grasp of the intricate risk landscape. The use of cluster analysis, specifically applying k-means on information security standards, expands the data-driven approach, uncovering patterns not discernible through traditional methods. The integration of machine learning algorithms in the creation of information security risk dendrogram demonstrates effective computational techniques for enhanced risk discovery. The introduction of a heat map as a visualization tool adds innovation, facilitating an intuitive understanding of risk interconnections and prioritization for decision makers. Additionally, a thesaurus optimizes risk descriptions, ensuring comprehensiveness and relevance despite evolving terminologies in the dynamic field of information security. The development of an ontological model for structured risk classification is a significant stride forward, offering an effective means of categorizing information security risks based on ontological relationships. These collective innovations enhance understanding and management of information security risks, paving the way for more effective approaches in the ever-evolving technological landscape. [ABSTRACT FROM AUTHOR]

Published

2024

41. THE ELECTRONIC ACCOUNTING INFORMATION SYSTEM AND ITS ROLE IN ENHANCING FINANCIAL INFORMATION SECURITY AND ITS EFFECTIVENESS IN THE QUALITY OF FINANCIAL REPORTS (AN APPLIED STUDY ON A SAMPLE OF IRAQI BANKS).

Author

Yaseen, Ghassan Ghaleb and Ep Baklouti, Sonda Wali

Subjects

INFORMATION technology security, FINANCIAL statements, FINANCIAL security, INFORMATION storage & retrieval systems, DATABASES

Abstract

Copyright of International Journal of Professional Business Review (JPBReview) is the property of Open Access Publications LLC and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

42. A Blockchain‐Based Proxy Re‐Encryption Scheme With Cryptographic Reverse Firewall for IoV.

Author

Jin, Chunhua, Chen, Zhiwei, Qin, Wenyu, Sun, Kaijun, Chen, Guanhua, and Chen, Liqing

Subjects

INFORMATION technology security, CONSORTIA, INFORMATION sharing, ENERGY consumption, SERVICE centers, BLOCKCHAINS

Abstract

As the internet of vehicles (IoV) technology develops, it promotes the intelligent interaction among vehicles, roadside units, and the environment. Nevertheless, it also brings vehicle information security challenges. In recent years, vehicle data sharing is suffering to algorithm substitution attacks (ASA), which means backdoor adversaries can carry out filtering attacks through data sharing. Therefore, this paper designs a blockchain‐based proxy re‐encryption (PRE) scheme with cryptographic reverse firewall (BIBPR‐CRF) for IoV. In our proposal, CRF can promise the internal safety of vehicle units. More specifically, it can prevent ASA attacks while ensuring chosen plaintext attack (CPA)‐security. Meanwhile, the PRE algorithm can provide the confidential sharing and secure operation of data. Moreover, we use a consortium blockchain service center (CBSC) to store the first ciphertext and re‐encrypt it with smart contracts on the blockchain, which can avoid single point of failure and achieve higher efficiency compared to proxy servers. Finally, we evaluate the performance of BIBPR‐CRF with regard to communication cost, computational cost, and energy consumption. Our proposal is the most fitting for IoV application, in contrast with the other three schemes. [ABSTRACT FROM AUTHOR]

Published

2024

43. Digitalisation and Cybersecurity: Towards an Operational Framework.

Author

Metin, Bilgin, Özhan, Fatma Gül, and Wynn, Martin

Subjects

INFORMATION technology security, INFORMATION technology, DIGITAL technology, TECHNOLOGICAL innovations, DIGITAL transformation

Abstract

As businesses increasingly adopt digital processes and solutions to enhance efficiency and productivity, they face heightened cybersecurity threats. Through a systematic literature review and concept development, this article examines the intersection of digitalisation and cybersecurity. It identifies the methodologies and tools used for cybersecurity assessments, factors influencing the adoption of cybersecurity measures, and the critical success factors for implementing these measures. The article also puts forward the concept of cybersecurity governance process categories, which are used to classify the factors uncovered in the research. Findings suggest that current information security standards tend to be too broad and not adequately tailored to the specific needs of small and medium-sized enterprises (SMEs) when implementing emerging technologies, like Internet of Things (IoT), blockchain, and artificial intelligence (AI). Additionally, these standards often employ a top-down approach, which makes it challenging for SMEs to effectively implement them, as they require more scalable solutions tailored to their specific risks and limited resources. The study thus proposes a new framework based on the Plan-Do-Check model, built around the cybersecurity governance process categories and the three core pillars of governance, culture and standards. This is essentially a bottom-up approach that complements current top-down methods, and will be of value to both information technology (IT) professionals as an operational guide, and to researchers as a basis for future research in this field. [ABSTRACT FROM AUTHOR]

Published

2024

44. Systematic Literature Review of Barriers and Enablers to Implementing Food Informatics Technologies: Unlocking Agri-Food Chain Innovation.

Author

Orjuela-Garzon, William Alejandro, Sandoval-Aldana, Angélica, and Mendez-Arteaga, Jonh Jairo

Subjects

GLOBAL value chains, INDUSTRY 4.0, FOOD science, CONSUMER confidence, POLITICAL stability, AGRICULTURAL technology, INFORMATION technology security

Abstract

Access to food products is becoming more and more complex due to population growth, climate change, political and economic instability, disruptions in the global value chain, as well as changes in consumption dynamics and food insecurity. Therefore, agri-food chains face increasingly greater challenges in responding to these dynamics, where the digitalization of agri-food systems has become an innovative alternative. However, efforts to adopt and use the technologies of the fourth industrial revolution (precision agriculture, smart agriculture, the Industrial Internet of Things, and the Internet of Food, among others) are still a challenge to improve efficiency in the links of production (cultivation), processing (food production), and final consumption, from the perspective of the implementation of Food Informatics technologies that improve traceability, authenticity, consumer confidence, and reduce fraud. This systematic literature review proposes the identification of barriers and enablers for the implementation of Food Informatics technologies in the links of the agri-food chain. The PRISMA methodology was implemented for the identification, screening, eligibility, and inclusion of articles from the Scopus and Clarivate databases. A total of 206 records were included in the in-depth analysis, through which a total of 34 barriers to the adoption of Food Informatics technologies (13 for the production link, 12 for the processing link, and 9 for the marketing link) and a total of 27 enablers (8 for the production link, 11 for the processing link, and 8 for the marketing link) were identified. Among the barriers analogous to the three links analyzed are privacy and information security and high investment and maintenance costs, while the analogous enablers are mainly government support. [ABSTRACT FROM AUTHOR]

Published

2024

45. BeLAS: Blockchain-envisioned lightweight authentication scheme for securing eHealth records.

Author

Patruni, Muralidhara Rao and Humayun, Abdul Gaffar

Subjects

WEARABLE technology, INFORMATION technology security, ELECTRONIC health records, VIRTUAL machine systems, ACCESS control

Abstract

With the rapid emergence of smart wearable devices and sensor-enabled medical equipment, patient-related Internet of Things (IoT) data must be handled securely in the smart healthcare sector. Electronic Health Records (EHR) provide the digital version of patient health information that needs to be handled securely while meeting access control, immutability and identity management paradigms. Information is sent to the eHealth systems via a dedicated network that leverages several application domains and is built on a centralized architecture. Regrettably, peer-to-peer (P2P) communications performance suffers substantially from computing complexity. Aiming for information security in EHR, Blockchain technology has remarkable solutions that were made possible to minimize third-party dependencies and increase security. Realizing the nature of IoT sensory equipment deployed in eHealth systems, we intended to design a Blockchain-envisioned lightweight authentication scheme using Ethereum Blockchain (BeLAS). The informal and formal security research demonstrates that BeLAS has a promising security level to withstand password guessing, replay, privileged insider, and forgery attacks and is computationally efficient. The decentralized application and interaction with Ethereum Virtual Machine (EVM) were considered to design smart contracts. Our experimental results prove that implementing a Blockchain-based EHR system is secure and efficient by enabling smart contracts to minimize third-party functionalities. The testbed analysis proves the BeLAS achieves minimal GAS per Ether consumption [1 Gas(gwei) = 10 - 9 ETH] for storing the successful EHR transactions. [ABSTRACT FROM AUTHOR]

Published

2024

46. SusChain: a sustainable sharding scheme for UAV blockchain networks.

Author

Chen, Jiale and Luo, Haoxiang

Subjects

INFORMATION technology, INFORMATION technology security, SMART cities, DRONE aircraft, SUSTAINABLE urban development

Abstract

With the continuous development of information technology, drones have become the supporting technology for sustainable smart cities. Currently, the blockchain that guarantees the information security of the unmanned aerial vehicle (UAV) network has become the focus of academic attention. However, due to the small size of the drone, and its limited storage and battery capacity, it is difficult to support the sustainable work of the UAV blockchain network. Therefore, this paper proposes the concept of sustainable blockchain (SusChain) and empowers the UAV blockchain network to better apply it to sustainable smart cities. In particular, we have introduced and improved the Ultra-Low Storage Overhead-Practical Byzantine Fault Tolerance (ULS-PBFT) consensus in the UAV blockchain network, making it a sharding scheme with extremely low storage overhead and energy consumption. Meanwhile, we design a reptation-and-matching-based UAV clustering scheme to ensure that each shard and SusChain have a high consensus success rate. The simulation results show that SusChain has a significant advantage in the key indicators of sustainability. In specific cases, it has a 9–227%, 11–58%, and 27–56% improvement effect in consensus security, consensus delay, and energy consumption, compared to other sharding schemes. [ABSTRACT FROM AUTHOR]

Published

2024

47. Examining formation and alleviation of information security fatigue by using job demands–resources theory.

Author

Hsu, Jack Shih‐Chieh, Hung, Yu Wen, Hsieh, Pei‐Jung, and Chiu, Chao‐Min

Subjects

INFORMATION technology security, BEHAVIORAL assessment, FATIGUE (Physiology), JOB security, INFORMATION policy

Abstract

The implementation and reinforcement of information security policies (ISPs) can lead to information security fatigue (hereafter security fatigue), which can drive employees to engage in unwanted behaviours. Thus, managers must reduce the likelihood of security fatigue. Therefore, in the present study, we employed job demands–resources theory and hypothesized that security‐related demands would result in security fatigue. Furthermore, we identified resources that may alleviate such fatigue. The research model was tested with data collected from 386 employees of organisations with ISPs. The findings indicate that job and personal resources can reduce the occurrence of security fatigue and engagement in opportunistic security behaviours by enhancing engagement. In addition, the effect of security fatigue on opportunistic security behaviours can be suppressed through the implementation of behavioural evaluations. Our study contributes to the formulation of methods for relieving security fatigue and ameliorating its negative effects. [ABSTRACT FROM AUTHOR]

Published

2024

48. CONSTRUCTION METHOD OF INFORMATION SECURITY DETECTION BASED ON CLUSTERING ALGORITHM.

Author

SHAOBO CHEN

Subjects

INFORMATION technology security, EXTREME value theory, GLOBAL optimization, HYBRID securities, ALGORITHMS

Abstract

A method for K-prototype clustering, which can process mixed data types, is proposed first. An algorithm for information security evaluation of hybrid clusters based on K-prototypes was constructed. This method makes full use of the excellent global optimization performance of PSO and effectively solves the defect that the K-protection function quickly falls into local optimization. Simulation results show that the proposed method can effectively prevent local extreme values and improve overall performance. [ABSTRACT FROM AUTHOR]

Published

2024

49. A LONG SHORT TERM MEMORY MODEL FOR CHARACTER-BASED ANALYSIS OF DNS TUNNELING DETECTION.

Author

TAYYEH, HUDA KADHIM and AHMED AL-JUMAILI, AHMED SABAH

Subjects

SHORT-term memory, LONG short-term memory, INFORMATION technology security, MACHINE learning, TUNNEL design & construction

Abstract

DNS tunneling is the attempt to create a hidden tunnel through a domain name service. Such a tunnel would jeopardize the targeted network and open the door for illegal access, control, and data exfiltration. The information security research community showed the variety of techniques that have been proposed to detect the tunnel. The majority of these efforts were relying on machine learning techniques where features of tunneling are considered such as length of DNS query, size, and entropy of the query. However, an additional analysis of the lexical information of the DNS query has been depicted recently and showed remarkable performance. This paper aims to examine the role of Long Short Term Memory (LSTM) model in terms of DNS lexical analysis. Two benchmark datasets related to DNS have been used. In addition, a character mapping mechanism has been used to replace every possible character with an integer number. Consequentially, the mapped representation has been fed into an LSTM model for DNS tunneling detection. Results showed that the proposed method was able to obtain a weighted average F1-score of 98% for both datasets respectively. Such results are competitive in the context of the state of the art and demonstrate the efficacy of the lexical analysis within the DNS tunneling detection task. [ABSTRACT FROM AUTHOR]

Published

2024

50. Financial information security behavior in online banking.

Author

Iqbal, Javaid, Soroya, Saira Hanif, and Mahmood, Khalid

Subjects

INFORMATION technology security, INFORMATION technology, INFORMATION-seeking behavior, FINANCIAL security, STRUCTURAL equation modeling

Abstract

The ubiquitous use of information technology in modern life leads to many problems of financial information security. Such security issues could be due to users' insecure behaviors during their financial transactions. The purpose of this study was to investigate the university teacher's financial information security behavior (FISB) and to examine the factors that influence their FISB. By using a survey method, the study collected primary data quantitatively. A closed-ended questionnaire based on IMB Model (Information Motivation Behavioral Skills Model) was developed. The population of the study comprised teachers from six faculties of University of the Punjab, Lahore, Pakistan. A simple random sampling technique was used to collect the data from the teachers via a print-format based questionnaire. The structural equation model (SEM) was used to test the proposed model by using ADANCO (2.1). ADANCO is a software that is used for SEM analysis. The results exhibited that a majority of the teachers are frequent users of online banking. The findings confirmed that measures familiarity and self-efficacy have a direct impact on the financial information security behavior of the respondents and self-efficacy mediates the relation between threat awareness and financial information security behavior. The study concludes that online banking users can perform secure behavior during online transactions if they are familiar with security measures and are confident to perform different online banking-related tasks. It is, therefore, suggested that individuals may be familiarized with the financial information security measures so that they may believe in their selves and develop secure financial information behavior. This can be done through awareness seminars and hands-on training by the Federal Investigation Agency in liaison with banks and educational institutions. The present study has contributed to the domain of financial information security behavior in the local context. [ABSTRACT FROM AUTHOR]

Published

2024