Secure Tropos: A Security-Oriented Extension of the Tropos methodology

Although security plays an important role in the development of multiagent systems, a careful analysis of software development processes shows that the definition of security requirements is, usually, considered after the design of the system. One of the reasons is the fact that agent oriented software engineering methodologies have not integrated security concerns throughout their developing stages. The integration of security concerns during the whole range of the development stages can help towards the development of more secure multiagent systems. In this paper we introduce extensions to the Tropos methodology to enable it to model security concerns throughout the whole development process. A description of the new concepts and modelling activities is given along with a discussion on how these concepts and modelling activities are integrated to the current stages of Tropos. A real life case study from the health and social care sector is used to illustrate the approach.

What Attitude Changes Are Needed to Cause SMEs to Take a Strategic Approach to Information Security?

Spending on security in an SME usually has to compete with demands for hardware, infrastructure, and strategic applications. In this paper, the authors seek to explore the reasons why smaller SMEs in particular have consistently failed to see securing information as strategic year-on-year spending, and just regard as part of an overall tight IT budget. The authors scrutinise the typical SMEs reasoning for choosing to see non-spending on security as an acceptable strategic risk. They look particularly at possible reasons why SMEs tend not to take much notice of "scare stories" in the media based on research showing they are increasingly at risk, whilst larger businesses are taking greater precautions and become more difficult to penetrate. The results and their analysis provide useful pointers towards broader business environment changes that would cause SMEs to be more risk-averse and ethical in their approach to securing their own and their clients’ information.

Resource security impacts men’s female breast size preferences

It has been suggested human female breast size may act as signal of fat reserves, which in turn indicates access to resources. Based on this perspective, two studies were conducted to test the hypothesis that men experiencing relative resource insecurity should perceive larger breast size as more physically attractive than men experiencing resource security. In Study 1, 266 men from three sites in Malaysia varying in relative socioeconomic status (high to low) rated a series of animated figures varying in breast size for physical attractiveness. Results showed that men from the low socioeconomic context rated larger breasts as more attractive than did men from the medium socioeconomic context, who in turn perceived larger breasts as attractive than men from a high socioeconomic context. Study 2 compared the breast size judgements of 66 hungry versus 58 satiated men within the same environmental context in Britain. Results showed that hungry men rated larger breasts as significantly more attractive than satiated men. Taken together, these studies provide evidence that resource security impacts upon men’s attractiveness ratings based on women’s breast size.

Coordination between mid-term maintenance outage decisions and short-term security-constrained scheduling in smart distribution systems

Distribution systems are the first volunteers experiencing the benefits of smart grids. The smart grid concept impacts the internal legislation and standards in grid-connected and isolated distribution systems. Demand side management, the main feature of smart grids, acquires clear meaning in low voltage distribution systems. In these networks, various coordination procedures are required between domestic, commercial and industrial consumers, producers and the system operator. Obviously, the technical basis for bidirectional communication is the prerequisite of developing such a coordination procedure. The main coordination is required when the operator tries to dispatch the producers according to their own preferences without neglecting its inherent responsibility. Maintenance decisions are first determined by generating companies, and then the operator has to check and probably modify them for final approval. In this paper the generation scheduling from the viewpoint of a distribution system operator (DSO) is formulated. The traditional task of the DSO is securing network reliability and quality. The effectiveness of the proposed method is assessed by applying it to a 6-bus and 9-bus distribution system.

Contexts-management strategy in considering the security in urban computing based on urban design

Urban Computing (UrC) provides users with the situation-proper information by considering context of users, devices, and social and physical environment in urban life. With social network services, UrC makes it possible for people with common interests to organize a virtual-society through exchange of context information among them. In these cases, people and personal devices are vulnerable to fake and misleading context information which is transferred from unauthorized and unauthenticated servers by attackers. So called smart devices which run automatically on some context events are more vulnerable if they are not prepared for attacks. In this paper, we illustrate some UrC service scenarios, and show important context information, possible threats, protection method, and secure context management for people.

An Enhanced WLAN Security System With FPGA Implementation for Multimedia Applications

Maintaining a high level of data security with a low impact on system performance is more challenging in wireless multimedia applications. Protocols that are used for wireless local area network (WLAN) security are known to significantly degrade performance. In this paper, we propose an enhanced security system for a WLAN. Our new design aims to decrease the processing delay and increase both the speed and throughput of the system, thereby making it more efficient for multimedia applications. Our design is based on the idea of offloading computationally intensive encryption and authentication services to the end systems’ CPUs. The security operations are performed by the hosts’ central processor (which is usually a powerful processor) before delivering the data to a wireless card (which usually has a low-performance processor). By adopting this design, we show that both the delay and the jitter are significantly reduced. At the access point, we improve the performance of network processing hardware for real-time cryptographic processing by using a specialized processor implemented with field-programmable gate array technology. Furthermore, we use enhanced techniques to implement the Counter (CTR) Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and the CTR protocol. Our experiments show that it requires timing in the range of 20–40 μs to perform data encryption and authentication on different end-host CPUs (e.g., Intel Core i5, i7, and AMD 6-Core) as compared with 10–50 ms when performed using the wireless card. Furthermore, when compared with the standard WiFi protected access II (WPA2), results show that our proposed security system improved the speed to up to 3.7 times.

Maritime Security in the Gulf of Guinea: Issues and Solutions for the 21st Century

A producer of 5.4 M bbl/d, totalling almost half of the consumption of the entire European Union, the Gulf of Guinea is a fundamental lifeline and maritime link between Europe, the Americas and Africa. Geographically positioned as a staging post for transit originating in Latin America and coupled with its relatively porous borders, the region is also the perfect stepping stone for contraband heading to European shores. While blessed with an enviable wealth of marine and mineral resources, the region is also plagued by an ever-increasing spectre of maritime piracy; accounting for around 30% of incidents in African waters from 2003 to 2011. It is for these reasons that this research centres around the issues of maritime security in the Gulf of Guinea, with a particular focus on the first two decades of the 21st century. This research looks to examine the overall picture of the present state of play in the area, before going on to provide an analysis of potential regional developments in maritime security. This research begins with the analysis of concepts/phenomena that have played a notable role in the shaping of the field of maritime security, namely Globalisation and security issues in the post-Cold War era. The ensuing chapter then focuses in on the Gulf of Guinea and the issues dominating the field of maritime security in the region. The penultimate chapter presents a SWOT analysis, undertaken as part of this research with the aim of correlating opinions from a variety of sectors/professions regarding maritime security in the Gulf of Guinea. The final chapter builds upon the results obtained from the abovementioned SWOT analysis, presenting a series of potential proposals/strategies that can contribute to the field of maritime security in the region over the coming years. This research draws to a close with the presentation of conclusions taken from this particular investigation, as well as a final overview of the earlier presented proposals applicable to the field of maritime security during the second decade of the 21st century.

A cyber security architecture for military networks using a cognitive network approach

Cyber security is one of the main topics that are discussed around the world today. The threat is real, and it is unlikely to diminish. People, business, governments, and even armed forces are networked in a way or another. Thus, the cyber threat is also facing military networking. On the other hand, the concept of Network Centric Warfare sets high requirements for military tactical data communications and security. A challenging networking environment and cyber threats force us to consider new approaches to build security on the military communication systems. The purpose of this thesis is to develop a cyber security architecture for military networks, and to evaluate the designed architecture. The architecture is described as a technical functionality. As a new approach, the thesis introduces Cognitive Networks (CN) which are a theoretical concept to build more intelligent, dynamic and even secure communication networks. The cognitive networks are capable of observe the networking environment, make decisions for optimal performance and adapt its system parameter according to the decisions. As a result, the thesis presents a five-layer cyber security architecture that consists of security elements controlled by a cognitive process. The proposed architecture includes the infrastructure, services and application layers that are managed and controlled by the cognitive and management layers. The architecture defines the tasks of the security elements at a functional level without introducing any new protocols or algorithms. For evaluating two separated method were used. The first method is based on the SABSA framework that uses a layered approach to analyze overall security of an organization. The second method was a scenario based method in which a risk severity level is calculated. The evaluation results show that the proposed architecture fulfills the security requirements at least at a high level. However, the evaluation of the proposed architecture proved to be very challenging. Thus, the evaluation results must be considered very critically. The thesis proves the cognitive networks are a promising approach, and they provide lots of benefits when designing a cyber security architecture for the tactical military networks. However, many implementation problems exist, and several details must be considered and studied during the future work.

New threats - old routines : bureaucratic adaptability in the security policy environment

Within the framework of state security policy, the focus of this dissertation are the relations between how new security threats are perceived and the policy planning and bureaucratic implementation that are designed to address them. In addition, this thesis explores and studies some of the inertias that might exist in the core of the state apparatus as it addresses new threats and how these could be better managed. The dissertation is built on five thematic and interrelated articles highlighting different aspects of when new significant national security threats are detected by different governments until the threats on the policy planning side translate into protective measures within the society. The timeline differs widely between different countries and some key aspects of this process are also studied. One focus concerns mechanisms for adaptability within the Intelligence Community, another on the policy planning process within the Cabinet Offices/National Security Councils and the third focus is on the planning process and how policy is implemented within the bureaucracy. The issue of policy transfer is also analysed, revealing that there is some imitation of innovation within governmental structures and policies, for example within the field of cyber defence. The main findings of the dissertation are that this context has built-in inertias and bureaucratic seams found in most government bureaucratic machineries. As much of the information and planning measures imply security classification of the transparency and internal debate on these issues, alternative assessments become limited. To remedy this situation, the thesis recommends ways to improve the decision-making system in order to streamline the processes involved in making these decisions. Another special focus of the thesis concerns the role of the public policy think tanks in the United States as an instrument of change in the country’s national security decision-making environment, which is viewed from the perspective as being a possible source of new ideas and innovation. The findings in this part are based on unique interviews data on how think tanks become successful and influence the policy debate in a country such as the United States. It appears clearly that in countries such as the United States think tanks smooth the decision making processes, and that this model with some adaptations also might be transferrable to other democratic countries.

Economic security & reconstruction: utility, history and practice in post-conflict environments

Please consult the paper edition of this thesis to read. It is available on the 5th Floor of the Library at Call Number: Z 9999 P65 D53 2007

Printed blank of Statement of Security Form naming the bond as Jones County Texas Bonds for the purpose of building a courthouse

Printed blank of Statement of Security Form naming the bond as Jones County Texas Bonds for the purpose of building a courthouse. It is made out to S.D. Woodruff and dated June 12, 1885. An envelope addressed to Mr. S.D. Woodruff is also included. The postmarks are Kansas, 1885 and St. Catharines, June 13, 1885.

Data Security in Fault Tolerant Hard Real Time Systems- Use of Time Dependant Multiple Random Cipher Code

The present research problem is to study the existing encryption methods and to develop a new technique which is performance wise superior to other existing techniques and at the same time can be very well incorporated in the communication channels of Fault Tolerant Hard Real time systems along with existing Error Checking / Error Correcting codes, so that the intention of eaves dropping can be defeated. There are many encryption methods available now. Each method has got it's own merits and demerits. Similarly, many crypt analysis techniques which adversaries use are also available.

Studies,Design and Development of Network Security Enhancement Services Using Novel Cryptographic Algorithms

Internet today has become a vital part of day to day life, owing to the revolutionary changes it has brought about in various fields. Dependence on the Internet as an information highway and knowledge bank is exponentially increasing so that a going back is beyond imagination. Transfer of critical information is also being carried out through the Internet. This widespread use of the Internet coupled with the tremendous growth in e-commerce and m-commerce has created a vital need for infonnation security.Internet has also become an active field of crackers and intruders. The whole development in this area can become null and void if fool-proof security of the data is not ensured without a chance of being adulterated. It is, hence a challenge before the professional community to develop systems to ensure security of the data sent through the Internet.Stream ciphers, hash functions and message authentication codes play vital roles in providing security services like confidentiality, integrity and authentication of the data sent through the Internet. There are several ·such popular and dependable techniques, which have been in use widely, for quite a long time. This long term exposure makes them vulnerable to successful or near successful attempts for attacks. Hence it is the need of the hour to develop new algorithms with better security.Hence studies were conducted on various types of algorithms being used in this area. Focus was given to identify the properties imparting security at this stage. By making use of a perception derived from these studies, new algorithms were designed. Performances of these algorithms were then studied followed by necessary modifications to yield an improved system consisting of a new stream cipher algorithm MAJE4, a new hash code JERIM- 320 and a new message authentication code MACJER-320. Detailed analysis and comparison with the existing popular schemes were also carried out to establish the security levels.The Secure Socket Layer (SSL) I Transport Layer Security (TLS) protocol is one of the most widely used security protocols in Internet. The cryptographic algorithms RC4 and HMAC have been in use for achieving security services like confidentiality and authentication in the SSL I TLS. But recent attacks on RC4 and HMAC have raised questions about the reliability of these algorithms. Hence MAJE4 and MACJER-320 have been proposed as substitutes for them. Detailed studies on the performance of these new algorithms were carried out; it has been observed that they are dependable alternatives.

Social Security of Labour in the New Indian Economy

Globalisation has many facets and its impact on labour is one of the most significant aspects.Though its influence is worldwide,it is much more significant in a transforming economy like India.The right of workers to social security is seen recognised under the Constitution of India and other welfare legislations.But,after adoption of the new economic policy of liberalisation and privatisation by the Government of India,the labour is exposed to new set of challenges.They are posed mainly due to economic restructuring affected in employment relationship,coupled with the increase in unprotected informal labour force.This study is an attempt to analyse the new challenges stemming up in employment relation,efficacy of the existing measures for social security of labour in the present economic condition and the suggestions for securing workers'right to social security in the trade regime.

Implications of Government Sponsored Social Security and Welfare Schemes on Socioeconomic Status of Small Scale Marine Fisherfolk in Kerala

A socio-economic research is required as an attempt to address the socio-economic issues facing small-scale fisheries. A study of the socio economic conditions of small-scale fishermen is a prerequisite for good design and successful implementation of effective assistance Programmes. It will provide an overall pidure of the structure, activities and standards of living of small-scale fisherfolk The study is confined to the coastal districts of Ernakulam, Thrissur and Malappuram districts. It also gives a picture of socio-economic conditions of the fisher folk in the study area. The variables that may depict the standard of living of the small-scale fisherfolk are occupational structure, family size, age structure, income, expenditure, education, housing and other social amenities. It attempts to see the asset creation of the fisherfolk with the help of government agencies, and the nature of savings and expenditure pattern of the fisherfolk. It also provides a picture of the indebtedness of the fisherfolk in the study area. The study analyses the schemes implemented by the government through its agencies, like Fisheries Department, Matsyaboard, and Matsyafed; and the awareness of fisherfolk regarding these schemes, their attitude and reactions, the extent of accessibility, and the viability of the schemes.