Security service

About: Security service is a research topic. Over the lifetime, 17310 publications have been published within this topic receiving 309251 citations.

Public IT service strategy for social information security in the intelligence all-things environment

Abstract: In the area of public information service, information leakage through an insider is occurring frequently in recent. Considering the difficulty in tracking security breach incidents upon using cutting-edge technology instead of technology-centered security measure, establishing fundamental solution strategy is essential since the era of intelligence all-things environment is approaching which is referred to as future information & communications convergence environment. However, existing studies on the prevention of personal information leakage & misuse through insider have been centered on technical approach but security studies on managerial factor, especially, on identifying the possibility of information leakage in connection to work process have been very lacking. This study proposed ways to improve public information service for the social information security of individuals such as personal or policy information that are dealt with in public information service. It examined vulnerabilities in managerial, technical and operating environment areas for the purpose of preventing personal information leakage and misuse by selecting 8 representative public information services. For the purpose of solving such vulnerabilities, public information service strategy was deduced for preventing personal information leakage and misuse by referring to both domestic and international studies and cases on personal information protection.

Security models for lightweight grid architectures

Abstract: Security management is important for the effective functioning of a grid system. Here we present a security management model developed for the lightweight multilevel grid system. We decided to implement a role based security model, where a number of roles are defined for the grid. Different roles have different access restrictions. They are assigned to users and this is how users receive rights in the grid. Every cluster in the grid has security service, which handle user's identification and access control. The role based access control allows us to incorporate some simple access decision logic in the information service, which makes controlling user rights easier. Further in this paper we compare our security architecture with that of the lightweight middleware H2O and MOCCA in order to identify the important requirements, common concepts and technical solutions which may be reused.

Another Look at Secure Big Data Processing: Formal Framework and a Potential Approach

Abstract: Big data comprises high-volume, high-velocity, and high-variety information assets that demand cost effective and innovative forms of information processing for enhanced insight and decision making. The rise of cloud computing makes providing flexible computation, communication, and storage capacity possible. Due to the outsourcing and sharing feature of cloud computing, security becomes one of the main concerns. Both the data and program are potential targets for security compromise. These concerns hinder the end users to migrate to the cloud for big data processing. A lot of techniques have been developed to alleviate the security concerns for big data processing in the cloud environment. However, these approaches usually only focus on data protection or rely on certain security anchor in the cloud environment. We propose a formal framework and security definition of big data processing which takes both data and program protection into consideration. The framework/security definition captures the key features of the scenario and avoids sinking into unnecessary details. We develop a solution under this framework which combines operation steganography and FHE scheme to satisfy the security definition.

Is there a need for new information security models

Abstract: A considerable number of formal information security models have been developed during the last two decades. We present and discuss some of the most widespread ones that have been successfully applied to the traditional, centralised Information Systems of the past. We show the special security needs of modern information systems that are based on the concepts of Open Distributed Processing, the Object-oriented paradigm and multimedia technology. We argue that these Information Systems need new or enhanced information security models in order to address the information security issue effectively and present some efforts towards this goal

Platform for protecting small and medium enterprises from cyber security threats

Abstract: A device for protecting a network environment from cyber security threats includes a processing unit and a non-transitory memory having processor-executable instructions stored thereon. The processing unit is configured to execute the processor-executable instructions to: (a) perform one or more auditing stages for examining and analyzing network devices by retrieving information, via a network adapter, from each of the network devices, so as to enable automatically monitoring, scanning and learning the network environment and its security configurations; (b) generate a cyber-security check report that reflects the results of the one or more auditing stages; and (c) give recommendations according to the report in order to increase a security level of the network.