The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The methodological aspects of building standardized profiles describing the development of a security system that is an integral part of a distributed information system are considered. Functional standardization instruments and the theory of open systems are used.
We evaluated the support proposed by the RSO to represent graphically our EAM-ISSRM (Enterprise Architecture Management - Information System Security Risk Management) integrated model. The evaluation of the RSO visual notation has been done at two different levels: completeness with regards to the EAM-ISSRM integrated model (Section III) and cognitive effectiveness, relying on the nine principles...
Objective: This article objective is to model authorization process from role-based access control (RBAC) using restrict mode features (separation of duties (SoD) implementation) via Colored Petri Nets (CPN) simulations to map security concerns or limitations of this access control while addressing ISO 14441 requirements for Electronic Health Records (EHR) systems. Method: We have mapped the two separation...
Companies willing to survive the numeric economy are forced to collaborate with each other in order to maximize their co-creation of value. This co-creation exists for many reasons: to sell and acquire information, goods and services, to optimize the quality of procedures, to improve security and privacy, etc. In this paper, we analyze and model value co-creation through three dimensions: the value's...
Increased interest in security has resulted in greater demand for automated test systems to comply with security standards. Automated test systems have traditionally been operated in isolated environments because of their unique characteristics. However, changes in United States defense acquisition regulations require that defense contractors bring these test systems into compliance with National...
In order to provide a reference for the establishment of power information system, this paper reviewed electrical power information system including security model, communication mechanism and risk assessment. Security model including OSI and P2DR, communication mechanism including IEC 62351 and IEC 61850, risk assessment including Fault Tree and Attack Tree were introduced. In each section, literature...
The purpose of this study was to evaluate the application system TULIS in the Main Library of UIN Syarif Hidayatulllah Jakarta by using COBIT 5 framework focuses on the process of managing security (APO13) and managed security services and to know the gap and provide recommendations to top management of the Library. This study used Likert scale calculations. The results of this study are as score...
Sustainable technology means technology is capable of being maintained over a long span of time; independent of shifts in both hardware and software. Effective implementation and use of Health information Systems (HIS) for years to come is crucial as sustainable HIS. Numbers of studies have discussed various factors contributes towards barriers for successful implementation of HIS. However, very few...
As an important research part of ship intelligence and networking, the communication quality of ship information system is affected by its closeness and fragility which has increased the risk of cyberattack in ship environment. However, before the research of defense mechanisms, the study of attack in ship information system has its own irreplaceable value. Therefore, in this paper, some systematic...
It is critical and foremost to come up with the corresponding security requirements first which the following implementations are based on. However, previous security requirement elicitation work based on Common Criteria (CC) rarely addresses the detailed elicitation process of threats from specific functional requirements, which thus results in the widen gap between specific functional requirements...
Critical information systems strongly rely on event logging techniques to collect data, such as housekeeping/error events, execution traces and dumps of variables, into unstructured text logs. Event logs are the primary source to gain actionable intelligence from production systems. In spite of the recognized importance, system/application logs remain quite underutilized in security analytics when...
In this paper, we propose a new approach to manage the threats brought by an IoT infrastructure to a legacy information system (IS). We first give a state of art for information security properties in IoT and IS based on standards such as ISO 16982 and ISO 27005 and a previously published taxonomy. Then we detail an innovative method, based on the evaluation of threats brought by an IoT infrastructure...
The information system audit developed in a data center it was based on the study of the domains of COBIT; for this reason the survey for each component it was developed with the goal of obtain the necessary information for audit. The analysis of this information, permited to establish the degree of compliance with international standards, and determine the maturity, risk levels of each of the components...
The existence of increasingly more sophisticated and modern information systems and technologies which may enable an easier collection, storage, processing and dissemination of information is paramount for the good performance of an organization. However, the planning of such systems must be effective, thus enabling the definition of the envisaged future of the organization's information systems....
The impact of efficient Information System Strategy Plans has proven crucial to modern-day corporations. However, during the analysis phase for a technical solution to fulfil an identified need in an enterprise, many teams tend to focus on a very issue-specific analysis and overlook its underlying global corporate impacts. On the other hand, it is difficult and time-expensive for these teams to analyse...
From the perspective of services to the population, with vast social implications, in which the security, confidentiality, and access to personal data represents a critical region, the medical services and information systems that are on the base of the strategic management in health care systems, are a theme of maximum interest and rather less approached. In particular, the prospect of at-home health...
In our previous work, we have applied ordinary linear regression equation to network anomaly detection. However, the performance of ordinary linear regression equation is susceptible to outliers. Unfortunately, it is almost impossible to obtain a “clean” traffic data set for ordinary regression model due to the burstiness of network traffic and the pervasive network attacks. In this paper, we make...
Consider a cellular multiple-input single-output (MISO) channel, in the presence of multiple eavesdroppers (Eves) and one pair of single-antenna device-to-device (D2D) nodes working as an underlay. A novel eavesdropping scenario, termed as selective eavesdropping, is studied in this paper, where Eves arbitrarily select one target from the cellular receiver and the D2D receiver to overhear, but their...
Full duplex (FD) communication promises significant performance gains under ideal network settings. Generally, it has been shown that the throughput and delay gains of FD communication are somewhat limited in realistic conditions, leading researchers to study other possible applications where significantly higher gains over half duplex communication can be availed. The potential of FD nodes in improving...
In this paper, the security in a device-to-device (D2D) spectrum sharing network is investigated. The cellular users and eavesdroppers are distributed according to two independent Poisson Point Processes (PPPs), and the positions of the D2D transmitters follow a hard-core point process. Based on the stochastic geometry, we first derive closed-form expressions of the connection and secrecy outage probabilities...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.