Pub Date : 2023-10-03DOI: 10.1080/19393555.2023.2260818
Alec Wells, Aminu Bello Usman
Biometric technology has various applications in smart healthcare systems, including patient authentication, health monitoring, telemedicine, clinical decision support, and personalized care. In addition, medical records contain sensitive and personal information, making them vulnerable to unauthorized access and theft. Because biometric data is distinct and unchangeable, unlike passwords or PINs, using biometric technologies in smart healthcare systems creates privacy problems. This creates privacy concerns as this information is highly sensitive and can be used to identify an individual, making it a valuable target for malicious actors. Subsequently, the storage and use of biometric data in smart healthcare systems must be handled with care to ensure that individuals’ privacy rights are protected. Privacy by design is a concept that emphasizes the importance of incorporating privacy considerations into the design and development of products, services, and systems. In this paper, we presented different forms of biometric factors and technologies and their applications in the smart healthcare system to enhance security and privacy in relation to principles of privacy by design. In addition, the study analyzed a variety of attacks and techniques that can be utilized to compromise biometric technology in a smart healthcare system and presented some open research questions.
{"title":"Privacy and biometrics for smart healthcare systems: attacks, and techniques","authors":"Alec Wells, Aminu Bello Usman","doi":"10.1080/19393555.2023.2260818","DOIUrl":"https://doi.org/10.1080/19393555.2023.2260818","url":null,"abstract":"Biometric technology has various applications in smart healthcare systems, including patient authentication, health monitoring, telemedicine, clinical decision support, and personalized care. In addition, medical records contain sensitive and personal information, making them vulnerable to unauthorized access and theft. Because biometric data is distinct and unchangeable, unlike passwords or PINs, using biometric technologies in smart healthcare systems creates privacy problems. This creates privacy concerns as this information is highly sensitive and can be used to identify an individual, making it a valuable target for malicious actors. Subsequently, the storage and use of biometric data in smart healthcare systems must be handled with care to ensure that individuals’ privacy rights are protected. Privacy by design is a concept that emphasizes the importance of incorporating privacy considerations into the design and development of products, services, and systems. In this paper, we presented different forms of biometric factors and technologies and their applications in the smart healthcare system to enhance security and privacy in relation to principles of privacy by design. In addition, the study analyzed a variety of attacks and techniques that can be utilized to compromise biometric technology in a smart healthcare system and presented some open research questions.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135743606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-07-28DOI: 10.1080/19393555.2023.2240343
Kazi Zakia Sultana, Vaibhav Anu, Tai-Yin Chong
{"title":"Using software metrics for predicting vulnerable classes in java and python based systems","authors":"Kazi Zakia Sultana, Vaibhav Anu, Tai-Yin Chong","doi":"10.1080/19393555.2023.2240343","DOIUrl":"https://doi.org/10.1080/19393555.2023.2240343","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133780123","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-29DOI: 10.1080/19393555.2023.2230205
B. Rahul, K. Kuppusamy, A. Senthilrajan
{"title":"Bio-Metric Based Colour-Image-Encryption using Multi-Chaotic Dynamical Systems and SHA-256 Hash Algorithm","authors":"B. Rahul, K. Kuppusamy, A. Senthilrajan","doi":"10.1080/19393555.2023.2230205","DOIUrl":"https://doi.org/10.1080/19393555.2023.2230205","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124373724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-09DOI: 10.1080/19393555.2023.2222713
Joakim Kävrestad, S. Furnell, Marcus Nohlberg
{"title":"User perception of Context-Based Micro-Training – a method for cybersecurity training","authors":"Joakim Kävrestad, S. Furnell, Marcus Nohlberg","doi":"10.1080/19393555.2023.2222713","DOIUrl":"https://doi.org/10.1080/19393555.2023.2222713","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130459710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-01DOI: 10.1080/19393555.2023.2218852
S. M M, Basarkod P I
ABSTRACT Advanced Metering Infrastructure (AMI) is one of the Internet of Things (IoT) enabled smart applications of smart grids. The Routing Protocol for Low Power and Lossy network (RPL) has been accepted to facilitate effective routing services for the AMI. However, numerous RPL attacks appear in AMI due to resource scarcity and dubious wireless medium, which significantly impedes the successful deployment of AMI-RPL. To enable secure and reliable AMI-RPL, this work proposes a novel Intrusion Detection System (IDS) named AMI Attack-aware Intelligent Machine learning IDS (AIMS). The primary objectives of AIMS are to predict, detect, and mitigate different types of RPL security attacks in the AMI environment. To predict the RPL attacks using the Stacked Ensemble (SE) machine learning model, a novel AMI-RPL Attack Dataset (ARAD) is generated by the Cooja simulator with the suitable pre-processing and the Spider Monkey Optimization (SMO) based feature selection. The advanced prediction of attack nodes improves the performance and significantly diminishes the future damages of AMI. The attack detection is based on immutable blocks of a light-chain model, and the cryptocurrency-based mitigation model effectively isolates the attackers. AIMS mechanism amplifies RPL security with high reliability and maximizes the AMI network lifetime by delivering superior results.
{"title":"Securing AMI-IoT networks against multiple RPL attacks using ensemble learning IDS and light-chain based prediction detection and mitigation mechanisms","authors":"S. M M, Basarkod P I","doi":"10.1080/19393555.2023.2218852","DOIUrl":"https://doi.org/10.1080/19393555.2023.2218852","url":null,"abstract":"ABSTRACT Advanced Metering Infrastructure (AMI) is one of the Internet of Things (IoT) enabled smart applications of smart grids. The Routing Protocol for Low Power and Lossy network (RPL) has been accepted to facilitate effective routing services for the AMI. However, numerous RPL attacks appear in AMI due to resource scarcity and dubious wireless medium, which significantly impedes the successful deployment of AMI-RPL. To enable secure and reliable AMI-RPL, this work proposes a novel Intrusion Detection System (IDS) named AMI Attack-aware Intelligent Machine learning IDS (AIMS). The primary objectives of AIMS are to predict, detect, and mitigate different types of RPL security attacks in the AMI environment. To predict the RPL attacks using the Stacked Ensemble (SE) machine learning model, a novel AMI-RPL Attack Dataset (ARAD) is generated by the Cooja simulator with the suitable pre-processing and the Spider Monkey Optimization (SMO) based feature selection. The advanced prediction of attack nodes improves the performance and significantly diminishes the future damages of AMI. The attack detection is based on immutable blocks of a light-chain model, and the cryptocurrency-based mitigation model effectively isolates the attackers. AIMS mechanism amplifies RPL security with high reliability and maximizes the AMI network lifetime by delivering superior results.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131464592","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-21DOI: 10.1080/19393555.2023.2198737
Payal Sharma, Purushothama B R
{"title":"A lightweight group key management scheme with constant rekeying cost and public bulletin size","authors":"Payal Sharma, Purushothama B R","doi":"10.1080/19393555.2023.2198737","DOIUrl":"https://doi.org/10.1080/19393555.2023.2198737","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"747 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121077167","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-04-21DOI: 10.1080/19393555.2023.2201482
Benjamin F. Madnick, Keman Huang, S. Madnick
Developing cybersecurity norms and global normative cybersecurity behaviors play an increasingly critical role in global cybersecurity governance. This paper takes a longitudinal approach to analyze cybersecurity norms development activities during the period 1997–2020. A total of 206 individual cases were collected, and 233 individual cybersecurity norms were identified and compiled into 25 subject categories. Categorizing the norm subjects alongside the frequency of cases and norms identified each year allowed for a longitudinal view of cyber norm activities and the evolution in developments over these years. This examination enables us to categorize cybersecurity norms, including their dynamic focus and evolution patterns. By studying those viewed as “successful,” we gain guidance regarding the construction of global cybersecurity governance in the digital age. KEYWORDS
{"title":"The evolution of global cybersecurity norms in the digital age: A longitudinal study of the cybersecurity norm development process","authors":"Benjamin F. Madnick, Keman Huang, S. Madnick","doi":"10.1080/19393555.2023.2201482","DOIUrl":"https://doi.org/10.1080/19393555.2023.2201482","url":null,"abstract":"Developing cybersecurity norms and global normative cybersecurity behaviors play an increasingly critical role in global cybersecurity governance. This paper takes a longitudinal approach to analyze cybersecurity norms development activities during the period 1997–2020. A total of 206 individual cases were collected, and 233 individual cybersecurity norms were identified and compiled into 25 subject categories. Categorizing the norm subjects alongside the frequency of cases and norms identified each year allowed for a longitudinal view of cyber norm activities and the evolution in developments over these years. This examination enables us to categorize cybersecurity norms, including their dynamic focus and evolution patterns. By studying those viewed as “successful,” we gain guidance regarding the construction of global cybersecurity governance in the digital age. KEYWORDS","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128440438","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-28DOI: 10.1080/19393555.2023.2195577
Nelson Russo, Leonilde Reis, Clara Silveira, H. Mamede
ABSTRACT Organizational dependency on Information and Communication Technology (ICT) drives the preparedness challenge to cope with business process disruptions. Business Continuity Management (BCM) encompasses effective planning to enable business functions to resume to an acceptable state of operation within a defined timeframe. This paper presents a systematic literature review that communicates the strategic guidelines to streamline the organizational processes in the BCM program, culminating in the Business Continuity Plan design, according to the organization’s maturity. The systematic literature review methodology follows the Evidence-Based Software Engineering protocol assisted by the Parsifal tool, using the EbscoHost, ScienceDirect, and Scopus databases, ranging from 2000 to February 2021. International Standards and Frameworks guide the BCM program implementation, however, there is a gap in communicating metrics and what needs to be measured in the BCM program. The major paper result is the confirmation of the identified gap, through the analysis of the studies that, according to the BCM components, report strategic guidelines to streamline the BCM program. The analysis quantifies and discusses the contribution of the studies on each BCM component to design a framework supported by metrics, that allows assessing the organization’s preparedness in each BCM component, focusing on Information Systems and ICT strategies.
{"title":"Towards a Comprehensive Framework for the Multidisciplinary Evaluation of Organizational Maturity on Business Continuity Program Management: A Systematic Literature Review","authors":"Nelson Russo, Leonilde Reis, Clara Silveira, H. Mamede","doi":"10.1080/19393555.2023.2195577","DOIUrl":"https://doi.org/10.1080/19393555.2023.2195577","url":null,"abstract":"ABSTRACT Organizational dependency on Information and Communication Technology (ICT) drives the preparedness challenge to cope with business process disruptions. Business Continuity Management (BCM) encompasses effective planning to enable business functions to resume to an acceptable state of operation within a defined timeframe. This paper presents a systematic literature review that communicates the strategic guidelines to streamline the organizational processes in the BCM program, culminating in the Business Continuity Plan design, according to the organization’s maturity. The systematic literature review methodology follows the Evidence-Based Software Engineering protocol assisted by the Parsifal tool, using the EbscoHost, ScienceDirect, and Scopus databases, ranging from 2000 to February 2021. International Standards and Frameworks guide the BCM program implementation, however, there is a gap in communicating metrics and what needs to be measured in the BCM program. The major paper result is the confirmation of the identified gap, through the analysis of the studies that, according to the BCM components, report strategic guidelines to streamline the BCM program. The analysis quantifies and discusses the contribution of the studies on each BCM component to design a framework supported by metrics, that allows assessing the organization’s preparedness in each BCM component, focusing on Information Systems and ICT strategies.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121769542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-03-28DOI: 10.1080/19393555.2023.2193350
Asia Othman Aljahdalic, Shoroq Banafee, Thana A Aljohani
{"title":"URL filtering using machine learning algorithms","authors":"Asia Othman Aljahdalic, Shoroq Banafee, Thana A Aljohani","doi":"10.1080/19393555.2023.2193350","DOIUrl":"https://doi.org/10.1080/19393555.2023.2193350","url":null,"abstract":"","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-03-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115609565","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-12-29DOI: 10.1080/19393555.2022.2160390
S. Mashhadi
ABSTRACT In a verifiable secret sharing (VSS) scheme, each participant can check cheating by the dealer or the other participants. In this work, we construct a VSS scheme with the strongest level of computational security and prove its security in the standard model. This scheme is secure against active attack and does not use bilinear pairing and hash function.
{"title":"Game-based security proofs for verifiable secret sharing schemes in the standard model","authors":"S. Mashhadi","doi":"10.1080/19393555.2022.2160390","DOIUrl":"https://doi.org/10.1080/19393555.2022.2160390","url":null,"abstract":"ABSTRACT In a verifiable secret sharing (VSS) scheme, each participant can check cheating by the dealer or the other participants. In this work, we construct a VSS scheme with the strongest level of computational security and prove its security in the standard model. This scheme is secure against active attack and does not use bilinear pairing and hash function.","PeriodicalId":103842,"journal":{"name":"Information Security Journal: A Global Perspective","volume":"141 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124707000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: