The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The use of Bluetooth Low Energy (BLE) recently became famous in crowd localization services. In this article we show that such service induces significant threats and we propose a scheme that achieves privacy preserving crowd localization. Crowd localization applications leverage all their users to perform periodic BLE scan and detect the nearby tracked devices. The users run a smartphone application...
Threats to information security can have great impact on business finances and company's reputation. Traditional methodologies for evaluating the maturity of data centers investigate security parameters to determine the compliance of data centers and international security norms. This paper proposes two innovative evaluation procedures to capture other security perspectives on data center environments:...
A standardized Communication / Information Protocol is necessary for implementing the 4 upper digitalization layers of Industrie 4.0-compliant solutions. OPC UA is one of the leading and preferred technology. Currently, there are many different OPC UA implementations available on the market. This paper gives an overview of existing solutions and shows the results of an initial benchmarking based on...
We present a novel approach for detecting malicious user activity in databases. Specifically, we propose a new machine learning algorithm for detecting attacks such as a stolen user account or illegal use by a user. Our algorithm relies on two main components that examine the consistency of a user's activity and compare it with activity patterns learned from past access. The first component tests...
This scheme is a method for controlling functionality of a mobile device. The operation of the element function of the mobile device is blocked by a blocking code, and the operation of the blocked element function is unblocked by an unblocking code. The blocking code is a code used to block the operation of the element function of the mobile device in an area in which a user is located, and the unblocking...
In today's knowledge society data plays a central role. Large parts of an organization's critical data currently resides in databases which makes them an attractive target for cyber-attacker. The increasing digitization and interconnection of organizations combined with growing complexity of IT systems led to increased attack surface of most organizations. At the same time cyber-adversaries increased...
In this paper, we introduce a new phishing detection method, which is based on the analysis of legitimate website server log information. The idea is based on finding the references. Because of the references, every time the victim opens phishing website, the phishing website will refer to the legitimate website by asking for resources. Then, there is a log, which is recorded by the legal website...
Discovering potential attacks on a system is an essential step in engineering secure systems, as the identified attacks will determine essential security requirements. The prevalence of Socio-Technical Systems (STSs) makes attack analysis particularly challenging. These systems are composed of people and organizations, their software systems, as well as physical infrastructures. As such, a thorough...
Any individual that re-registers an expired domain implicitly inherits the residual trust associated with the domain's prior use. We find that adversaries can, and do, use malicious re-registration to exploit domain ownership changes -- undermining the security of both users and systems. In fact, we find that many seemingly disparate security problems share a root cause in residual domain trust abuse...
Android devices (Phone, Tablet) are steadily gaining popularity and computational power (CPU, Storage Memory and RAM) of them is almost on par with a desktop computer or Laptop in the recent years. However, Android devices were not being used for executing any computation intensive tasks till 2012 extensively. A recent study shows that users charge their Android devices for 8 hours on an average in...
This system is based on C/S architecture design and development of service-oriented architecture of financial information management system, users can end the system directly through the client-related operations, the user submits a request to the server, the server accesses the database, in order to ensure that the database security, according to the function of the system is divided module testing,...
Cloud computing is the fruit of recent developments in information technology, it provides access to many online services as well as remote computing resources as needed. To be more specific, cloud computing stands today as a satisfactory answer to the problem of storage and computing of data encountered by companies. It provides treatment and accommodation of their digital information via a fully...
The trend of adapting BYOD or "Bring Your Own Device" concept in enterprise environment is increasing due to mutual benefits that the company and employees get. Organizations get benefit of increased productivity and reduced IT expenditure whereas the employees are able to use the mobile device which is comfortable and convenient for them. However, BYOD deployment brings serious security...
This paper reports on a case study that was conducted in a cloud High Performance Computing (HPC) project one that used very sensitive and confidential data. The study aimed to explore the security challenges and practicalities that occur within a cloud HPC project and to develop a method for making critical security decisions. Action research was used to examine the nuances throughout the project...
The threat of cyber-attacks grows up, as one can see by several negative security-news from companies and private persons. [7] Especially small-and-medium-sized enterprises (SME) are in focus of external attackers because they have not implemented sufficient security strategies and components for their networks yet. Additionally, tablets, smartphones, and netbooks changed the requirements of IT security...
Cloud computing as a potential paradigm offers tremendous advantages to enterprises. With the cloud computing, the market's entrance time is reduced, computing capabilities is augmented and computing power is really limitless. Usually, to use the full power of cloud computing, cloud users has to rely on external cloud service provider for managing their data. Nevertheless, the management of data and...
The introduction of bring your own device (BYOD) policy in the corporate world creates benefits for companies as well as job satisfaction for the employee. However, it also creates challenges in terms of security as new vulnerabilities arise. In particular, these challenges include space isolation, data confidentiality, and policy compliance as well as handling the resource constraints of mobile devices...
The presented OptInv software system provides support for inventory and sales optimization. Generally, small and medium enterprises cannot afford expensive Enterprise Resource Planning (ERP) systems, with effective supply management modules. Supplies are often managed based only on former experience. Inconvenient situations can occur when an order cannot be accomplished because the needed product...
Most enterprises today have their own Private Branch Exchange (PBX) systems that enable them to communicate on-premise and with the external or public switch telephone network. Companies that rely on heavy phone calls (especially, debt collectors) find the approach cost effective especially when automation techniques are introduced for auto dialing as a measure to reduce the number of employees who...
Three approaches exist for a company to migrate its services in the cloud. The first is select the most appropriate commercial cloud provider, such as Microsoft, Amazon, Google or SalesForce, and to rent their resources and deploy its services. These cloud service providers The second approach is to build a private cloud with some of the open source cloud frameworks like Eucalyptus, OpenStack, OpenNebula...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.