Pub Date : 2019-07-01DOI: 10.4018/ijhiot.2019070104
Ping Wang, H. d'Cruze
The workforce demand for cybersecurity professionals has been substantial and fast growing. Qualified cybersecurity professionals with appropriate knowledge, skills, and abilities for various tasks and job roles are needed to perform the challenging work of defending the cyber space. The certified information systems security professional (CISSP) certification is a globally recognized premier cybersecurity credential and validation of qualifications. This case study analyzes the CISSP certification requirements, domains and objectives and attempts to map them to the cybersecurity industry competencies and the US national cybersecurity workforce framework (NCWF). This research is an extended study with full mapping of all CISSP domain areas to the knowledge, skills, and abilities in NCWF. The extended study aims to discover the in-depth value and role of reputable certifications such as CISSP in competency development for cybersecurity workforce. This article also discusses the value and implications of the CISSP certification on cybersecurity education and training.
{"title":"Certifications in Cybersecurity Workforce Development","authors":"Ping Wang, H. d'Cruze","doi":"10.4018/ijhiot.2019070104","DOIUrl":"https://doi.org/10.4018/ijhiot.2019070104","url":null,"abstract":"The workforce demand for cybersecurity professionals has been substantial and fast growing. Qualified cybersecurity professionals with appropriate knowledge, skills, and abilities for various tasks and job roles are needed to perform the challenging work of defending the cyber space. The certified information systems security professional (CISSP) certification is a globally recognized premier cybersecurity credential and validation of qualifications. This case study analyzes the CISSP certification requirements, domains and objectives and attempts to map them to the cybersecurity industry competencies and the US national cybersecurity workforce framework (NCWF). This research is an extended study with full mapping of all CISSP domain areas to the knowledge, skills, and abilities in NCWF. The extended study aims to discover the in-depth value and role of reputable certifications such as CISSP in competency development for cybersecurity workforce. This article also discusses the value and implications of the CISSP certification on cybersecurity education and training.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122177902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-07-01DOI: 10.4018/ijhiot.2019070102
Akvile Kiskis
This article describes how SQL injection has been a long-standing problem in database security. It is understandable why injection is considered number one because of the sheer number of web applications that exist currently. An injection attack can allow an attacker to gain complete access of a database which oftentimes contains sensitive information. This results in a loss of confidential information which places consumers at a huge risk.
{"title":"Why SQL Injection Attacks Are Still Plaguing Databases","authors":"Akvile Kiskis","doi":"10.4018/ijhiot.2019070102","DOIUrl":"https://doi.org/10.4018/ijhiot.2019070102","url":null,"abstract":"This article describes how SQL injection has been a long-standing problem in database security. It is understandable why injection is considered number one because of the sheer number of web applications that exist currently. An injection attack can allow an attacker to gain complete access of a database which oftentimes contains sensitive information. This results in a loss of confidential information which places consumers at a huge risk.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122470689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-01DOI: 10.4018/IJHIOT.2019010102
Jean-Noel Colin, Laurent Evrard
In this article, the researchers introduce a 3-level model for security access control that comes as an extension to ABAC. This extension augments its structural and hierarchical expressiveness allowing to define arbitrarily complex access control rules. The authors apply this model to IoT platforms and show how it fulfils security access control requirements of these platforms. Finally, a reference architecture is introduced for access control applied to connected objects and its implementation details are presented.
{"title":"A Flexible and Centralized Approach for Access Control in Heterogeneous IoT Environment","authors":"Jean-Noel Colin, Laurent Evrard","doi":"10.4018/IJHIOT.2019010102","DOIUrl":"https://doi.org/10.4018/IJHIOT.2019010102","url":null,"abstract":"In this article, the researchers introduce a 3-level model for security access control that comes as an extension to ABAC. This extension augments its structural and hierarchical expressiveness allowing to define arbitrarily complex access control rules. The authors apply this model to IoT platforms and show how it fulfils security access control requirements of these platforms. Finally, a reference architecture is introduced for access control applied to connected objects and its implementation details are presented.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133656976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-07-01DOI: 10.4018/IJHIOT.2018070104
Gyanendra Kumar, Parul Tomar
As IPv4 addresses are already exhausted before the beginning of Internet of Thing (IoT), IPv6 is widely used to assign unique identity to IoT nodes. In this article, the analysis of different components required in assigning IPv6 addresses to IoT nodes, a survey of IPv6 address assignment schemes and an examination of the different kinds of IPv6 addresses are presented. This article highlights the architectural complexity of IoT technologies, protocol stacks, limitations of IoT nodes, renumbering, multihoming, the merging of IoT network and other challenges towards assigning of IPv6 address to IoT nodes. A comprehensive survey on recent addressing schemes with classification based on allocation tables and spatial information are presented. This survey describes the address allocation mechanism, performance on different metrics, the area of applicability, and the merits and demerits of different addressing schemes. It also describes the future research options addressing IoT.
{"title":"A Survey of IPv6 Addressing Schemes for Internet of Things","authors":"Gyanendra Kumar, Parul Tomar","doi":"10.4018/IJHIOT.2018070104","DOIUrl":"https://doi.org/10.4018/IJHIOT.2018070104","url":null,"abstract":"As IPv4 addresses are already exhausted before the beginning of Internet of Thing (IoT), IPv6 is widely used to assign unique identity to IoT nodes. In this article, the analysis of different components required in assigning IPv6 addresses to IoT nodes, a survey of IPv6 address assignment schemes and an examination of the different kinds of IPv6 addresses are presented. This article highlights the architectural complexity of IoT technologies, protocol stacks, limitations of IoT nodes, renumbering, multihoming, the merging of IoT network and other challenges towards assigning of IPv6 address to IoT nodes. A comprehensive survey on recent addressing schemes with classification based on allocation tables and spatial information are presented. This survey describes the address allocation mechanism, performance on different metrics, the area of applicability, and the merits and demerits of different addressing schemes. It also describes the future research options addressing IoT.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116770414","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-07-01DOI: 10.4018/IJHIOT.2018070101
P. Taveras
In a distributed environment, such as IoT, the requirement for constant sensing and actuating from a diverse source of devices increases the complexity and therefore, the operational cost of the software required to keep the system running. The article covers the conceptual and technological aspects, together with a series of previous experiences, findings, and literature that constitute the essence of the body of knowledge related to the issues and challenges for developing a middleware that supports the IoT domain's independent functionality. The article provides the foundation to understand the challenges faced in the development of IoT middleware, focusing on five sensitizing elements, namely, IoT evolution, architecture, security, middleware, and programming. The systematic exploration on limitations for IoT software development revealed the need for programming methods and language abstractions to cope with the demands of IoT scenarios, specifically to deal with the challenges of massive communications, limited infrastructure, and multiplicity of devices.
{"title":"A Systematic Exploration on Challenges and Limitations in Middleware Programming for IoT Technology","authors":"P. Taveras","doi":"10.4018/IJHIOT.2018070101","DOIUrl":"https://doi.org/10.4018/IJHIOT.2018070101","url":null,"abstract":"In a distributed environment, such as IoT, the requirement for constant sensing and actuating from a diverse source of devices increases the complexity and therefore, the operational cost of the software required to keep the system running. The article covers the conceptual and technological aspects, together with a series of previous experiences, findings, and literature that constitute the essence of the body of knowledge related to the issues and challenges for developing a middleware that supports the IoT domain's independent functionality. The article provides the foundation to understand the challenges faced in the development of IoT middleware, focusing on five sensitizing elements, namely, IoT evolution, architecture, security, middleware, and programming. The systematic exploration on limitations for IoT software development revealed the need for programming methods and language abstractions to cope with the demands of IoT scenarios, specifically to deal with the challenges of massive communications, limited infrastructure, and multiplicity of devices.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128978679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2018-07-01DOI: 10.4018/IJHIOT.2018070102
Van Nguyen, Derek Mohammed, Marwan Omar, Mubarak Banisakher
The repeal of net neutrality has caused a great public outcry from academic down to the end-users. Net neutrality was an FCC order that specified the principles for Internet Service Providers. The most prevalent principles were related to bandwidth throttling, preferential treatments, and privacy. Some described the action of the FCC will lead to the end of the Internet and consumer privacy. There have been many articles discussing about the fallout of the ruling, but it is difficult filtering fact from fiction. In this article, the authors discuss the nature of net neutrality, the history, the arguments for and against, and the roles of the FCC and their many orders. They also layout the implication of repeal on security and privacy. They present a few scenarios specifying what an ISP can do and cannot do. Finally, the authors specify what laws the consumers have left for their privacy.
{"title":"The Effects of the FCC Net Neutrality Repeal on Security and Privacy","authors":"Van Nguyen, Derek Mohammed, Marwan Omar, Mubarak Banisakher","doi":"10.4018/IJHIOT.2018070102","DOIUrl":"https://doi.org/10.4018/IJHIOT.2018070102","url":null,"abstract":"The repeal of net neutrality has caused a great public outcry from academic down to the end-users. Net neutrality was an FCC order that specified the principles for Internet Service Providers. The most prevalent principles were related to bandwidth throttling, preferential treatments, and privacy. Some described the action of the FCC will lead to the end of the Internet and consumer privacy. There have been many articles discussing about the fallout of the ruling, but it is difficult filtering fact from fiction. In this article, the authors discuss the nature of net neutrality, the history, the arguments for and against, and the roles of the FCC and their many orders. They also layout the implication of repeal on security and privacy. They present a few scenarios specifying what an ISP can do and cannot do. Finally, the authors specify what laws the consumers have left for their privacy.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"150 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125772145","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.4018/IJHIOT.2019010101
C. Nobles
The U.S. financial sector is the bedrock of the economic health and strategic advancement. As a critical infrastructure, the financial sector continuously faces cyber-attacks and other nefarious activity. The financial sector is undergoing a technological explosion and forcing banks and financial institutions to implement cutting edge technologies. Even though technological breakthroughs are yielding competitive advantages; consequently, the same technologies are more prone to cyber-attacks stemming from technologically-induced vulnerabilities. The integrative and hyperconnected state of the financial industry and the domestic and global financial ecosystems are highly centralized and vulnerable to sophisticated cybersecurity threats, human factors, social engineering, credit card fraud, and online banking schemes. Any attempts to degrade, disrupt, or deny vital services and transactions in the financial industry could be conceived as an infringement and blockade of the U.S. global powers.
{"title":"Disrupting the U.S. National Security Through Financial Cybercrimes","authors":"C. Nobles","doi":"10.4018/IJHIOT.2019010101","DOIUrl":"https://doi.org/10.4018/IJHIOT.2019010101","url":null,"abstract":"The U.S. financial sector is the bedrock of the economic health and strategic advancement. As a critical infrastructure, the financial sector continuously faces cyber-attacks and other nefarious activity. The financial sector is undergoing a technological explosion and forcing banks and financial institutions to implement cutting edge technologies. Even though technological breakthroughs are yielding competitive advantages; consequently, the same technologies are more prone to cyber-attacks stemming from technologically-induced vulnerabilities. The integrative and hyperconnected state of the financial industry and the domestic and global financial ecosystems are highly centralized and vulnerable to sophisticated cybersecurity threats, human factors, social engineering, credit card fraud, and online banking schemes. Any attempts to degrade, disrupt, or deny vital services and transactions in the financial industry could be conceived as an infringement and blockade of the U.S. global powers.","PeriodicalId":262783,"journal":{"name":"International Journal of Hyperconnectivity and the Internet of Things","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128635504","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: