Search results

This paper proposes a holistic, proactive and adaptive approach to cybersecurity from a service lens, given the continuously evolving cyber-attack techniques, threat and vulnerability landscape that often overshadow existing cybersecurity approaches.

Through an extensive literature review of relevant concepts and analysis of existing cybersecurity frameworks, standards and best practices, a logical argument is made to produce a dynamic end-to-end cybersecurity service system model.

Cyberspace has provided great value for businesses and individuals. The COVID-19 pandemic has significantly motivated the move to cyberspace by organizations. However, the extension to cyberspace comes with additional risks as traditional protection techniques are insufficient and isolated, generally focused on an organization's perimeter with little attention to what is out there. More so, cyberattacks continue to grow in complexity creating overwhelming consequences. Existing cybersecurity approaches and best practices are limited in scope, and implementation strategies, differing in strength and focus, at different levels of granularity. Nevertheless, the need for a proactive, adaptive and responsive cybersecurity solution is recognized.

This paper presents a model that promises proactive, adaptive and responsive end-to-end cybersecurity. The proposed cybersecurity continuity and management model premised on a service system, leveraging on lessons learned from existing solutions, takes a holistic analytical view of service activities from source (service provider) to destination (Customer) to ensure end-to-end security, whether internally (within an organization) or externally.

The purpose of the study is to develop a secure, efficient, and enhanced user authentication mechanism to achieve reliable and authenticated connection. In online transactions, users and resources are located at different places, and the sensitive information is to be protected and transferred using the suitable, reliable mechanism.

One of the latest approach to handle the requirement is by a Public Key Infrastructure (PKI) or its variant Wireless Public Key Infrastructure (WPKI). Fundamental management techniques are required to be very secure and vital since they are one of the points of attack in public key cryptosystem. Entity authentication and key agreement (AKA) is a critical cryptographic problem in wireless communication, where a mutual entity authentication plays a vital role in the establishment of the secure and authentic connection. This paper proposes an efficient and enhanced AKA scheme (EAKA) with the end-to-end security and verifies the proposed system for protection using automated validation of internet security protocols and applications. An efficient way for the implementation of an enhanced version of the protocol is proposed using a lattice-based cryptographic algorithm.

The time consumed for the proposed research work shows that it is practical and acceptable.

The proposed research work is an efficient and enhanced user authentication mechanism.

Currently, in the health-care sector, information security and privacy are increasingly important issues. The improvement in information security is highlighted in adopting digital patient records based on regulation, providers’ consolidation, and the growing need to exchange information among patients, providers, and payers.

Big data on health care are likely to improve patient outcomes, predict epidemic outbreaks, gain valuable insights, prevent diseases, reduce health-care costs and improve analysis of the quality of life.

In this paper, the big data analytics-based cybersecurity framework has been proposed for security and privacy across health-care applications. It is vital to identify the limitations of existing solutions for future research to ensure a trustworthy big data environment. Furthermore, electronic health records (EHR) could potentially be shared by various users to increase the quality of health-care services. This leads to significant issues of privacy that need to be addressed to implement the EHR.

This framework combines several technical mechanisms and environmental controls and is shown to be enough to adequately pay attention to common threats to network security.

This paper aims to analyze the security issues that arise when integrating wireless sensor networks (WSN) and the internet. Also, it seeks to review whether existing technology mechanisms are suitable and can be applied in this context.

The paper considers the possible approaches that can be used to connect a WSN with the internet, and analyzes the security of their interactions.

By providing the services of the network through a front‐end proxy, a sensor network and the internet can interact securely. There are other challenges to be solved if the sensor nodes are integrated into the internet infrastructure, although there exists interesting advances on his matter.

The complete integration of sensor networks and the internet still remains as an open issue.

With the current state of the art, it is possible to develop a secure sensor network that can provide its services to internet hosts with certain security properties.

The paper studies the interactions between sensor networks and the internet from the point of view of security. It identifies both solutions and research challenges.

One of the purposes of this paper is to discuss special security concerns and new challenges at front‐end e‐business and back‐end supply chain operations. An e‐enterprise security management life cycle (eSMLC) is then proposed to ensure the unification and congruity of e‐enterprise security management.

To demonstrate the practicality of the eSMLC, a case study is presented to depict the application and implementation of the methodology at a leading US heating, ventilating, and air‐conditioning manufacturing company.

The case study substantiates that the eSMLC methodology can be employed as a unified mechanism to provide central, cohesive control and global visibility. It helps security professionals in the company develop practical steps and sustainable solutions for tackling the unique security challenges arising in an open, unbounded e‐enterprise environment.

Implementing eSMLC can help the security specialists focus on different critical security management jobs in a sequential but interrelated and logical manner. Through the use of eSMLC, in‐depth understanding of the potential environmental risks can be properly acquired. The methodology also helps managers perform a proactive analysis of the consequences of security breaches in relation to risks.

The proposed eSMLC methodology provides a viable foundation for building a secure and manageable computing environment using a recommended set of solutions, processes, procedures, and technologies. eSMLC methodology renders a unified, structured framework which helps develop an actual security plan and solutions and/or improve currently used security standards, practices, and configurations in response to special security requirements and long‐term e‐business needs.

The purpose of this paper is to reveal factors that impact information governance within the mobile technology implementation in organizations in the dual‐use context.

Case study methodology was used and 15 semi‐structured interviews were conducted with records and information management (RIM) and information security professionals from different types of organizations.

There are three main findings. First, stakeholder support is critical to drive the change and leverage organizational security culture. Second, records mobility with data security dimension represents the biggest challenge for RIM stakeholders. Third, mobile strategy and security framework are two must‐win areas for a successful mobile implementation.

The paper does not include any end‐user perspective in interviews and this end‐user context is missing.

Awareness through education and training of employees needs to be given very particular attention in the future mobile implementations. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Finally, mobile strategy needs undergo a very precise and detailed planning process to ensure the right technology acceptance by users.

The paper closes an existing research gap and provides useful insights to record management professionals and practitioners on factors that impact effective information governance implementation within the mobile dual‐use context.

This study aims to proposed that blockchain helps the organization improve supply chain (SC) performance by improving integration, agility and security through real-time information sharing, end-to-end visibility, transparency, data management, immutability, irrevocable information and cyber-security platforms.

This study has made an initial effort toward proposing a framework that shows the problems and challenges for the O&G SC under its segments (upstream, midstream and downstream) and provides the interlink among blockchain properties for SCM problems. SC managers were selected for survey questionnaires from the Pakistan O&G industries.

This study analyzes the impact of blockchain-enabled SC on firm performance with an understanding of the SC robustness capabilities as a mediator. The result revealed that the SC manager believes that the blockchain-enabled SC has a positive and significant on firm performance and robustness capabilities.

Blockchain technology is reflected as high-tech to support the firm process, responses and methods. The technology helps eliminate bottlenecks, avoid uncertainties and improve decision-making, leading to improved SC functions. This study guides managers about the potential problems of existing SC and how blockchain solves SC problems more effectively.

The oil and gas (O&G) sectors are neglected by researchers, and there are limited studies on O&G supply chain management (SCM). Additionally, no empirical evidence suggests implementing blockchain for O&G as a solution for potential problems. Furthermore, present the roadmap to other industries those having complex SC networks for the implication of blockchain to improve the SC performance.

Aims to establish a basic conceptual framework for understanding extranet implementation guidelines. Provides a specific case using VF Playwear, Inc.’s HealthTexbtob.com, a business‐to‐business extranet for linking VF with its customers. Owing to the heavy pressure to create a Web presence in the digital marketspace, some firms have found it beneficial to work with e‐business solution providers that can assist them through the critical points of the development life cycle. VF Playwear, Inc. manufactures children’s clothing and is part of the VF Corporation umbrella that supplies such well‐known clothing brands as Wrangler, Lee, Rustler, Vanity Fair, and Vassarette, among others. Lessons learned by VF Playwear, Inc., in close collaboration with MERANT E‐Solutions (enterprise solutions) and Egility I‐Solutions (infrastructure solutions), are featured in this case study.

The purpose of the paper is to analyze the layer wise security issues in IoT and to obtain the effective security mechanism for jamming attack .

In this study, the authors proposed a multi layer security approach for the detection of DDoS in IoT environment, which protects the smart devices from DDoS, this scheme also reduces the computational cost in the network under mobility condition.

Even though many works have been done for the security of wireless sensor network (WSN), all works have focused on encryption which depends on the key management strategy. In this study, the authors proposed a multilayer approach to analyze the layer wise security issues and also proposed a threshold-based countermeasure (TBC) for replay attack in each layer.

The results indicate that the proposed algorithm lowers the computational costs and energy consumption than in modern schemes. Also, the proposed research work improves the scalability of sensor networks using the TBC.