Search results
1 – 10 of over 80000Godwin Thomas and Mary-Jane Sule
This paper proposes a holistic, proactive and adaptive approach to cybersecurity from a service lens, given the continuously evolving cyber-attack techniques, threat and…
Abstract
Purpose
This paper proposes a holistic, proactive and adaptive approach to cybersecurity from a service lens, given the continuously evolving cyber-attack techniques, threat and vulnerability landscape that often overshadow existing cybersecurity approaches.
Design/methodology/approach
Through an extensive literature review of relevant concepts and analysis of existing cybersecurity frameworks, standards and best practices, a logical argument is made to produce a dynamic end-to-end cybersecurity service system model.
Findings
Cyberspace has provided great value for businesses and individuals. The COVID-19 pandemic has significantly motivated the move to cyberspace by organizations. However, the extension to cyberspace comes with additional risks as traditional protection techniques are insufficient and isolated, generally focused on an organization's perimeter with little attention to what is out there. More so, cyberattacks continue to grow in complexity creating overwhelming consequences. Existing cybersecurity approaches and best practices are limited in scope, and implementation strategies, differing in strength and focus, at different levels of granularity. Nevertheless, the need for a proactive, adaptive and responsive cybersecurity solution is recognized.
Originality/value
This paper presents a model that promises proactive, adaptive and responsive end-to-end cybersecurity. The proposed cybersecurity continuity and management model premised on a service system, leveraging on lessons learned from existing solutions, takes a holistic analytical view of service activities from source (service provider) to destination (Customer) to ensure end-to-end security, whether internally (within an organization) or externally.
Details
Keywords
Krishna Prakasha, Balachandra Muniyal and Vasundhara Acharya
The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions…
Abstract
Purpose
The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions, users and resources are located at different places, and the sensitive information is to be protected and transferred using the suitable, reliable mechanism.
Design/methodology/approach
One of the latest approach to handle the requirement is by a Public Key Infrastructure (PKI) or its variant Wireless Public Key Infrastructure (WPKI). Fundamental management techniques are required to be very secure and vital since they are one of the points of attack in public key cryptosystem. Entity authentication and key agreement (AKA) is a critical cryptographic problem in wireless communication, where a mutual entity authentication plays a vital role in the establishment of the secure and authentic connection. This paper proposes an efficient and enhanced AKA scheme (EAKA) with the end-to-end security and verifies the proposed system for protection using automated validation of internet security protocols and applications. An efficient way for the implementation of an enhanced version of the protocol is proposed using a lattice-based cryptographic algorithm.
Findings
The time consumed for the proposed research work shows that it is practical and acceptable.
Originality/value
The proposed research work is an efficient and enhanced user authentication mechanism.
Details
Keywords
Shanying Zhu, Vijayalakshmi Saravanan and BalaAnand Muthu
Currently, in the health-care sector, information security and privacy are increasingly important issues. The improvement in information security is highlighted in adopting…
Abstract
Purpose
Currently, in the health-care sector, information security and privacy are increasingly important issues. The improvement in information security is highlighted in adopting digital patient records based on regulation, providers’ consolidation, and the growing need to exchange information among patients, providers, and payers.
Design/methodology/approach
Big data on health care are likely to improve patient outcomes, predict epidemic outbreaks, gain valuable insights, prevent diseases, reduce health-care costs and improve analysis of the quality of life.
Findings
In this paper, the big data analytics-based cybersecurity framework has been proposed for security and privacy across health-care applications. It is vital to identify the limitations of existing solutions for future research to ensure a trustworthy big data environment. Furthermore, electronic health records (EHR) could potentially be shared by various users to increase the quality of health-care services. This leads to significant issues of privacy that need to be addressed to implement the EHR.
Originality/value
This framework combines several technical mechanisms and environmental controls and is shown to be enough to adequately pay attention to common threats to network security.
Details
Keywords
Rodrigo Roman and Javier Lopez
This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology…
Abstract
Purpose
This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology mechanisms are suitable and can be applied in this context.
Design/methodology/approach
The paper considers the possible approaches that can be used to connect a WSN with the internet, and analyzes the security of their interactions.
Findings
By providing the services of the network through a front‐end proxy, a sensor network and the internet can interact securely. There are other challenges to be solved if the sensor nodes are integrated into the internet infrastructure, although there exists interesting advances on his matter.
Research limitations/implications
The complete integration of sensor networks and the internet still remains as an open issue.
Practical implications
With the current state of the art, it is possible to develop a secure sensor network that can provide its services to internet hosts with certain security properties.
Originality/value
The paper studies the interactions between sensor networks and the internet from the point of view of security. It identifies both solutions and research challenges.
Details
Keywords
Stephen C. Shih and H. Joseph Wen
One of the purposes of this paper is to discuss special security concerns and new challenges at front‐end e‐business and back‐end supply chain operations. An e‐enterprise security…
Abstract
Purpose
One of the purposes of this paper is to discuss special security concerns and new challenges at front‐end e‐business and back‐end supply chain operations. An e‐enterprise security management life cycle (eSMLC) is then proposed to ensure the unification and congruity of e‐enterprise security management.
Design/methodology/approach
To demonstrate the practicality of the eSMLC, a case study is presented to depict the application and implementation of the methodology at a leading US heating, ventilating, and air‐conditioning manufacturing company.
Findings
The case study substantiates that the eSMLC methodology can be employed as a unified mechanism to provide central, cohesive control and global visibility. It helps security professionals in the company develop practical steps and sustainable solutions for tackling the unique security challenges arising in an open, unbounded e‐enterprise environment.
Practical implications
Implementing eSMLC can help the security specialists focus on different critical security management jobs in a sequential but interrelated and logical manner. Through the use of eSMLC, in‐depth understanding of the potential environmental risks can be properly acquired. The methodology also helps managers perform a proactive analysis of the consequences of security breaches in relation to risks.
Originality/value
The proposed eSMLC methodology provides a viable foundation for building a secure and manageable computing environment using a recommended set of solutions, processes, procedures, and technologies. eSMLC methodology renders a unified, structured framework which helps develop an actual security plan and solutions and/or improve currently used security standards, practices, and configurations in response to special security requirements and long‐term e‐business needs.
Details
Keywords
The purpose of this paper is to reveal factors that impact information governance within the mobile technology implementation in organizations in the dual‐use context.
Abstract
Purpose
The purpose of this paper is to reveal factors that impact information governance within the mobile technology implementation in organizations in the dual‐use context.
Design/methodology/approach
Case study methodology was used and 15 semi‐structured interviews were conducted with records and information management (RIM) and information security professionals from different types of organizations.
Findings
There are three main findings. First, stakeholder support is critical to drive the change and leverage organizational security culture. Second, records mobility with data security dimension represents the biggest challenge for RIM stakeholders. Third, mobile strategy and security framework are two must‐win areas for a successful mobile implementation.
Research limitations/implications
The paper does not include any end‐user perspective in interviews and this end‐user context is missing.
Practical implications
Awareness through education and training of employees needs to be given very particular attention in the future mobile implementations. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Finally, mobile strategy needs undergo a very precise and detailed planning process to ensure the right technology acceptance by users.
Originality/value
The paper closes an existing research gap and provides useful insights to record management professionals and practitioners on factors that impact effective information governance implementation within the mobile dual‐use context.
Details
Keywords
Javed Aslam, Aqeela Saleem and Yun Bae Kim
This study aims to proposed that blockchain helps the organization improve supply chain (SC) performance by improving integration, agility and security through real-time…
Abstract
Purpose
This study aims to proposed that blockchain helps the organization improve supply chain (SC) performance by improving integration, agility and security through real-time information sharing, end-to-end visibility, transparency, data management, immutability, irrevocable information and cyber-security platforms.
Design/methodology/approach
This study has made an initial effort toward proposing a framework that shows the problems and challenges for the O&G SC under its segments (upstream, midstream and downstream) and provides the interlink among blockchain properties for SCM problems. SC managers were selected for survey questionnaires from the Pakistan O&G industries.
Findings
This study analyzes the impact of blockchain-enabled SC on firm performance with an understanding of the SC robustness capabilities as a mediator. The result revealed that the SC manager believes that the blockchain-enabled SC has a positive and significant on firm performance and robustness capabilities.
Research limitations/implications
Blockchain technology is reflected as high-tech to support the firm process, responses and methods. The technology helps eliminate bottlenecks, avoid uncertainties and improve decision-making, leading to improved SC functions. This study guides managers about the potential problems of existing SC and how blockchain solves SC problems more effectively.
Originality/value
The oil and gas (O&G) sectors are neglected by researchers, and there are limited studies on O&G supply chain management (SCM). Additionally, no empirical evidence suggests implementing blockchain for O&G as a solution for potential problems. Furthermore, present the roadmap to other industries those having complex SC networks for the implication of blockchain to improve the SC performance.
Details
Keywords
Aims to establish a basic conceptual framework for understanding extranet implementation guidelines. Provides a specific case using VF Playwear, Inc.’s HealthTexbtob.com, a…
Abstract
Aims to establish a basic conceptual framework for understanding extranet implementation guidelines. Provides a specific case using VF Playwear, Inc.’s HealthTexbtob.com, a business‐to‐business extranet for linking VF with its customers. Owing to the heavy pressure to create a Web presence in the digital marketspace, some firms have found it beneficial to work with e‐business solution providers that can assist them through the critical points of the development life cycle. VF Playwear, Inc. manufactures children’s clothing and is part of the VF Corporation umbrella that supplies such well‐known clothing brands as Wrangler, Lee, Rustler, Vanity Fair, and Vassarette, among others. Lessons learned by VF Playwear, Inc., in close collaboration with MERANT E‐Solutions (enterprise solutions) and Egility I‐Solutions (infrastructure solutions), are featured in this case study.
Details
Keywords
A.B. Feroz Khan and Anandharaj G
The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .
Abstract
Purpose
The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .
Design/methodology/approach
In this study, the authors proposed a multi layer security approach for the detection of DDoS in IoT environment, which protects the smart devices from DDoS, this scheme also reduces the computational cost in the network under mobility condition.
Findings
Even though many works have been done for the security of wireless sensor network (WSN), all works have focused on encryption which depends on the key management strategy. In this study, the authors proposed a multilayer approach to analyze the layer wise security issues and also proposed a threshold-based countermeasure (TBC) for replay attack in each layer.
Originality/value
The results indicate that the proposed algorithm lowers the computational costs and energy consumption than in modern schemes. Also, the proposed research work improves the scalability of sensor networks using the TBC.
Details