期刊文献+
共找到19篇文章
< 1 >
每页显示 20 50 100
Enhancing Cybersecurity Competency in the Kingdom of Saudi Arabia:A Fuzzy Decision-Making Approach
1
作者 Wajdi Alhakami 《Computers, Materials & Continua》 SCIE EI 2024年第5期3211-3237,共27页
The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual user... The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare. 展开更多
关键词 Cyber security fuzzy DMTAEL security policy cyber crime MCDM
下载PDF
Federated Network Intelligence Orchestration for Scalable and Automated FL-Based Anomaly Detection in B5G Networks
2
作者 Pablo Fernández Saura José M.Bernabé Murcia +3 位作者 Emilio García de la Calera Molina Alejandro Molina Zarca Jorge Bernal Bernabé Antonio F.Skarmeta Gómez 《Computers, Materials & Continua》 SCIE EI 2024年第7期163-193,共31页
The management of network intelligence in Beyond 5G(B5G)networks encompasses the complex challenges of scalability,dynamicity,interoperability,privacy,and security.These are essential steps towards achieving the reali... The management of network intelligence in Beyond 5G(B5G)networks encompasses the complex challenges of scalability,dynamicity,interoperability,privacy,and security.These are essential steps towards achieving the realization of truly ubiquitous Artificial Intelligence(AI)-based analytics,empowering seamless integration across the entire Continuum(Edge,Fog,Core,Cloud).This paper introduces a Federated Network Intelligence Orchestration approach aimed at scalable and automated Federated Learning(FL)-based anomaly detection in B5Gnetworks.By leveraging a horizontal Federated learning approach based on the FedAvg aggregation algorithm,which employs a deep autoencoder model trained on non-anomalous traffic samples to recognize normal behavior,the systemorchestrates network intelligence to detect and prevent cyber-attacks.Integrated into a B5G Zero-touch Service Management(ZSM)aligned Security Framework,the proposal utilizes multi-domain and multi-tenant orchestration to automate and scale the deployment of FL-agents and AI-based anomaly detectors,enhancing reaction capabilities against cyber-attacks.The proposed FL architecture can be dynamically deployed across the B5G Continuum,utilizing a hierarchy of Network Intelligence orchestrators for real-time anomaly and security threat handling.Implementation includes FL enforcement operations for interoperability and extensibility,enabling dynamic deployment,configuration,and reconfiguration on demand.Performance validation of the proposed solution was conducted through dynamic orchestration,FL,and real-time anomaly detection processes using a practical test environment.Analysis of key performance metrics,leveraging the 5G-NIDD dataset,demonstrates the system’s capability for automatic and near real-time handling of anomalies and attacks,including real-time network monitoring and countermeasure implementation for mitigation. 展开更多
关键词 Federated learning 6G ORCHESTRATION anomaly detection security policy
下载PDF
Semantics-Based Compliance An a lys is o f N e two rk S e cu rity Policy Hie ra rch ie s 被引量:1
3
作者 Yao Shan Xia Chunhe +2 位作者 Hu Junshun Jiao Jian Li Xiaojian 《China Communications》 SCIE CSCD 2012年第7期22-35,共14页
Network security policy and the automated refinement of its hierarchies aims to simplify the administration of security services in complex network environments. The semantic gap between the policy hierarchies reflect... Network security policy and the automated refinement of its hierarchies aims to simplify the administration of security services in complex network environments. The semantic gap between the policy hierarchies reflects the validity of the policy hierarchies yielded by the automated policy refinement process. However, little attention has been paid to the evaluation of the compliance between the derived lower level policy and the higher level policy. We present an ontology based on Ontology Web Language (OWL) to describe the semantics of security policy and their implementation. We also propose a method of estimating the semantic similarity between a given 展开更多
关键词 policy refinement network security policy semantic similarity ontology
下载PDF
Security Policy: Consistency, Adjustments and Restraining Factors
4
作者 Yang Jiemian Research Professor and Deputy Director, Shanghai Institute of International Studies. 《Contemporary International Relations》 2004年第11期33-38,共6页
关键词 Security policy Adjustments and Restraining Factors CONSISTENCY
下载PDF
The Transformation of German Security Policy in the Context of the Russia–Ukraine Crisis
5
作者 Li Chao 《Contemporary International Relations》 2022年第5期98-121,共24页
Germany has recently taken multiple actions to adjust its security policy: for instance, promoting re-militarization, increasing foreign military intervention and overseas operations, and adopting measures to comprehe... Germany has recently taken multiple actions to adjust its security policy: for instance, promoting re-militarization, increasing foreign military intervention and overseas operations, and adopting measures to comprehensively safeguard security in the domains of energy, supply chain, and ideology. Externally, such moves result directly from the threat of a hot war emanating from the Russia–Ukraine crisis. Germany is severely deficient in hard power and the rules and order on which it previously relied are proving increasingly ineffective. The nation is also witnessing a sharply rising sense of insecurity as its inter-system competition with nonWestern countries intensifies. Internally, the present policy shift represents a continuation of German foreign policy transformations initiated during the Merkel era. This change is strongly driven by the new ruling coalition, especially the Green Party, and is staunchly supported by the public. In the future, Germany will probably further normalize its military, intensify its confrontations with non-Western countries, and diversify its means of comprehensively safeguarding security. However, security-related policy transformation processes will be time-consuming and Germany’s investments will not immediately pay off. Traditionally, Germany tends toward the pragmatic and balanced implementation of policies. Thus, it is less likely to pursue military hegemony than to increasingly assume security responsibilities within the Western alliance. 展开更多
关键词 GERMANY security policy Russia–Ukraine crisis
下载PDF
The Future and Influence of the European Common Foreign and Security Policy
6
作者 Tang HaijunWangZheng 《International Understanding》 2003年第4期20-21,共2页
关键词 SECURITY The Future and Influence of the European Common Foreign and Security policy of
下载PDF
Evolving National Security: A Roadmap from Present to Future in Renewable and Nonrenewable Energy Policies (A Technical Review) 被引量:1
7
作者 Bahman Zohuri 《Journal of Energy and Power Engineering》 2023年第3期102-108,共7页
This comprehensive exploration delves into the intricate dynamics of national security policies in the realm of renewable and nonrenewable energy sources.From the present landscape characterized by the diversification... This comprehensive exploration delves into the intricate dynamics of national security policies in the realm of renewable and nonrenewable energy sources.From the present landscape characterized by the diversification of energy portfolios to the long-term vision encompassing nuclear fusion,this article navigates through the nuanced interplay of technology,resilience,and environmental responsibility.The synthesis of established nuclear fission technologies and evolving renewable sources forms the cornerstone of a strategic approach,addressing challenges and opportunities to ensure a secure,sustainable energy future. 展开更多
关键词 National security policy renewable energy nonrenewable energy nuclear fission nuclear fusion energy resilience sustainability technological innovation environmental responsibility global collaboration.
下载PDF
SMINER:Detecting Unrestricted and Misimplemented Behaviors of Software Systems Based on Unit Test Cases
8
作者 Kyungmin Sim Jeong Hyun Yi Haehyun Cho 《Computers, Materials & Continua》 SCIE EI 2023年第5期3257-3274,共18页
Despite the advances in automated vulnerability detection approaches,security vulnerabilities caused by design flaws in software systems are continuously appearing in real-world systems.Such security design flaws can ... Despite the advances in automated vulnerability detection approaches,security vulnerabilities caused by design flaws in software systems are continuously appearing in real-world systems.Such security design flaws can bring unrestricted and misimplemented behaviors of a system and can lead to fatal vulnerabilities such as remote code execution or sensitive data leakage.Therefore,it is an essential task to discover unrestricted and misimplemented behaviors of a system.However,it is a daunting task for security experts to discover such vulnerabilities in advance because it is timeconsuming and error-prone to analyze the whole code in detail.Also,most of the existing vulnerability detection approaches still focus on detecting memory corruption bugs because these bugs are the dominant root cause of software vulnerabilities.This paper proposes SMINER,a novel approach that discovers vulnerabilities caused by unrestricted and misimplemented behaviors.SMINER first collects unit test cases for the target system from the official repository.Next,preprocess the collected code fragments.SMINER uses pre-processed data to show the security policies that can occur on the target system and creates a test case for security policy testing.To demonstrate the effectiveness of SMINER,this paper evaluates SMINER against Robot Operating System(ROS),a real-world system used for intelligent robots in Amazon and controlling satellites in National Aeronautics and Space Administration(NASA).From the evaluation,we discovered two real-world vulnerabilities in ROS. 展开更多
关键词 Security vulnerability test case generation security policy test robot operating system vulnerability assessment
下载PDF
On Development of Platform for Organization Security Threat Analytics and Management (POSTAM) Using Rule-Based Approach 被引量:2
9
作者 Joseph E. Mbowe Simon S. Msanjila +1 位作者 George S. Oreku Khamisi Kalegele 《Journal of Software Engineering and Applications》 2016年第12期601-623,共23页
The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define ... The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes. 展开更多
关键词 Security Threats Analytic Threat Visualization Security Management Automated Security Policies
下载PDF
Security Policies for Web Service Invocation of Automotive Industry Chain Collaboration Platform
10
作者 韩敏 《Journal of Southwest Jiaotong University(English Edition)》 2007年第3期192-196,共5页
To meet the actual requirements of an automotive industry chain collaboration platform (AICCP), this paper offers several simple but effective security policies based upon the traditional security mechanism of data ... To meet the actual requirements of an automotive industry chain collaboration platform (AICCP), this paper offers several simple but effective security policies based upon the traditional security mechanism of data transfer, including user ID verification with SOAP (simple object access protocol), header, SOAP message encryption with SOAP extension and XML (extensible markup language) file encryption and decryption. Application of these policies to the AICCP for more than one year proves the effectiveness of the data exchange practice between the AICCP and enterprise Intranet. 展开更多
关键词 Security policies Automotive industry chain collaboration platform (AICCP) Web service XML SOAP header SOAP extension
下载PDF
NATO and EU Strategies for the Black Sea Region: The Challenge of Power Balance in New Security Environment
11
作者 Siyana Lutzkanova 《Journal of Shipping and Ocean Engineering》 2017年第5期210-215,共6页
The article gives an overview on the dynamic political processes in the Black Sea region after some major geostrategic changes posing instability concerns in the region. The aim is to summarise the policy tendencies o... The article gives an overview on the dynamic political processes in the Black Sea region after some major geostrategic changes posing instability concerns in the region. The aim is to summarise the policy tendencies of the international organisations (NATO and EU) towards Russia and to present some analytical thoughts on current Euro-Atlantic strategies. Proposed is a different way of thinking based on the "congagement" approach. 展开更多
关键词 Black sea region security balance of power NATO and EU security policies in the Black Sea.
下载PDF
The Missile Defense System and Its Effects on Security Policies of the EU, the US and Turkey
12
作者 Sezgin Mercan Ozdemir Akbal 《International Relations and Diplomacy》 2014年第8期504-517,共14页
The concept of smart power requires to combine soft and hard power. Thus, smart power is a new approach for the US politics towards the Middle East. As a consequence of smart power politics of the US, some newly membe... The concept of smart power requires to combine soft and hard power. Thus, smart power is a new approach for the US politics towards the Middle East. As a consequence of smart power politics of the US, some newly members of the EU and Turkey has become a part of missile defense system. This is a significant indicator of usage of smart power for the EU members and Turkey. The security policies and practices of the US disclose a necessity for straight allies. For this reason, the relationship between the US, the EU and Turkey may be conceptualize with reference to the concept of smart power. In the case of Missile Defense System, Turkey has agreed to be a participant of this system after signing an agreement with the US. After that, Turkish government has confronted with some interior and exterior political difficulties. One of the most important difficulties is the interior resistance of missile defense system's Kiirecik Radar Station and its usage in Turkey. Another important point is the question of control of Turkish National Security and Defense strategy. In that respect, the US government's smart power applications may be included in the establishment of the radar station. The EU has also been included in that strategy. This paper will argue smart power practices of the US, the EU and Turkey with reference to comparative practices of power politics and the case of Missile Defense System. In this way, a comprehensive and system-type assessment of possible responses and the change in relations between stakeholder states not only in the issue of a set-up of a Turkish radar station, but on a broader range of international "hard" security balance will be demonstrated. 展开更多
关键词 smart power security policy missile defense system Ktirecik Radar Station
下载PDF
Fuzzy VIKOR Approach to Evaluate the Information Security Policies and Analyze the Content of Press Agencies in Gulf Countries
13
作者 Amir Mohamed Talib 《Journal of Information Security》 2020年第4期189-200,共12页
A news agency is an organization that gathers news reports and sells them to subscribing news organization, such as newspapers, magazines, radio and television broadcasters. A news agency may also be referred to as a ... A news agency is an organization that gathers news reports and sells them to subscribing news organization, such as newspapers, magazines, radio and television broadcasters. A news agency may also be referred to as a wire service, newswire, or news service. The main purpose of this paper is to evaluate the security policies and analyze the content of five press agencies in gulf countries which are (Kuwait News Agency (KUNA), Emirates News Agency (WAM), Saudi Press Agency (SPA), Bahrain News Agency (BNA), and Oman News Agency (OMA)) by using a fuzzy VIKOR approach where linguistic variables are applied to solve the uncertainties and subjectivities in expert decision making. Fuzzy VIKOR approach is one of the best Multi-Criteria Decision Making (MCDM) techniques working in fuzzy environment. This study benefits security and content analysis experts know which press agency has the mandate and the competence to educate the public on news agencies. Besides, this paper contributes to Gulf agencies in helping them in their resolve to ensure the quality of content information and information security policies over the internet. 展开更多
关键词 Content Analysis Fuzzy VIKOR Approach Gulf Countries Information Security policy Press Agencies Multi-Criteria Decision Making (MCDM) Online Information Quality
下载PDF
Suggestions on China's Petroleum Security Strategy and Policies
14
《China Oil & Gas》 CAS 2001年第1期23-27,共5页
关键词 SECURITY Suggestions on China’s Petroleum Security Strategy and Policies
下载PDF
An optimal coupling incentive mechanism concerning insider’s compliance behavior towards marine information security policy
15
作者 Xiaolong Wang Changlin Wang +1 位作者 Zaiguan Sun Chunhui Wang 《Journal of Ocean Engineering and Science》 SCIE 2023年第5期573-575,共3页
It is widely agreed that the insider’s noncompliance to the marine information security policies has brought about a major security problem in the organizational context.Previous research has stressed the potential o... It is widely agreed that the insider’s noncompliance to the marine information security policies has brought about a major security problem in the organizational context.Previous research has stressed the potential of remunerative control,i.e.,reward,to better understand this problem.Few studies have been devoted to the exploration of the coupling incentive mechanism of tangible and intangible rewards that would induce insider’s compliance behavior towards the marine information security policy.In the present study,we address this research gap by proposing a theoretical model that explains the optimal coupling incentive mechanism of these two different types of remunerative control.Our findings have delivered insightful implications for practice and research on how to improve the marine information security policy compliance in a more subtle way. 展开更多
关键词 Marine information Information security policy Compliance behavior Incentive mechanism
原文传递
Simulation of the role of emphasis on scheduling in the optimal incentive scheme for marine engineering employee’s routine job and information security compliance
16
作者 Xiaolong Wang 《Journal of Ocean Engineering and Science》 SCIE 2024年第1期1-8,共8页
In the organizational context of marine engineering,employee individual often prefers to concentrate herself to the day-to-day routine job,but to shirk the responsibilities of the Information Security Policies(ISPs)co... In the organizational context of marine engineering,employee individual often prefers to concentrate herself to the day-to-day routine job,but to shirk the responsibilities of the Information Security Policies(ISPs)compliance,after she has been delegated by the employer to perform the two different tasks in the same time period.This would lead to negative influences on the security of marine information systems and the employee’s routine job performance.In view of the task structures of employee’s routine job and marine ISPs compliance,the variables of emphasis on scheduling are incorporated into a multi-task principal-agent model to explore the optimal incentive scheme to motivate and control the employees to select appropriate effort levels for conducting the two highly structured tasks.The role of emphasis on scheduling on the incentive intensities for the two tasks have been clarified through modeling and simulation,and the corresponding incentive tactics are suggested.The new two-task incentive scheme is expected to provide useful insight for understanding and controlling marine engineering employee’s routine job and ISPs compliance behavior. 展开更多
关键词 Marine engineering Incentive scheme Information security policy compliance Task structure SCHEDULING SIMULATION
原文传递
Understanding the deterrence effect of punishment for marine information security policies non-compliance
17
作者 Xiaolong Wang Changlin Wang +1 位作者 Tianyu Yi Wenli Li 《Journal of Ocean Engineering and Science》 SCIE 2024年第1期9-12,共4页
In the organizational setting of marine engineering,a significant number of information security incidents have been arised from the employees’failure to comply with the information security policies(ISPs).This may b... In the organizational setting of marine engineering,a significant number of information security incidents have been arised from the employees’failure to comply with the information security policies(ISPs).This may be treated as a principal-agent problem with moral hazard between the employer and the employee for the practical compliance effort of an employee is not observable without high cost-.On the other hand,according to the deterrence theory,the employer and the employee are inherently self-interested beings.It is worth examining to what extent the employee is self-interested in the marine ISPs compliance context.Moreover,it is important to clarify the proper degree of severity of punishment in terms of the deterrent effect.In this study,a marine ISPs compliance game model has been proposed to evaluate the deterrence effect of punishment on the non-compliance behavior of employee individuals.It is found that in a non-punishment contract,the employee will decline to comply with the marine ISPs;but in a punishment contract,appropriate punishment will lead her to select the marine ISPs compliance effort level expected by the employer,and cause no potential backfire effect. 展开更多
关键词 Deterrence mechanism Marine engineering Information security policies Non-compliance behavior Principal-agent model with moral hazard Punishment
原文传递
Semantic Description and Verification of Security Policy Based on Ontology 被引量:1
18
作者 TANG Chenghua WANG Lina +2 位作者 TANG Shensheng QIANG Baohua TIAN Jilong 《Wuhan University Journal of Natural Sciences》 CAS 2014年第5期385-392,共8页
To solve the shortage problem of the semantic descrip- tion scope and verification capability existed in the security policy, a semantic description method for the security policy based on ontology is presented. By de... To solve the shortage problem of the semantic descrip- tion scope and verification capability existed in the security policy, a semantic description method for the security policy based on ontology is presented. By defining the basic elements of the security policy, the relationship model between the ontology and the concept of security policy based on the Web ontology language (OWL) is established, so as to construct the semantic description framework of the security policy. Through modeling and reasoning in the Protege, the ontology model of authorization policy is proposed, and the first-order predicate description logic is introduced to the analysis and verification of the model. Results show that the ontology-based semantic description of security policy has better flexibility and practicality. 展开更多
关键词 security policy ONTOLOGY semantic description ofpolicy the first-order predicate description logic
原文传递
CSchema: A Downgrading Policy Language for XML Access Control
19
作者 刘东喜 《Journal of Computer Science & Technology》 SCIE EI CSCD 2007年第1期44-53,共10页
The problem of regulating access to XML documents has attracted much attention from both academic and industry communities. In existing approaches, the XML elements specified by access policies axe either accessible o... The problem of regulating access to XML documents has attracted much attention from both academic and industry communities. In existing approaches, the XML elements specified by access policies axe either accessible or inaccessible according to their sensitivity. However, in some cases, the original XML elements are sensitive and inaccessible, but after being processed in some appropriate ways, the results become insensitive and thus accessible. This paper proposes a policy language to accommodate such cases, which can express the downgrading operations on sensitive data in XML documents through explicit calculations on them. The proposed policy language is called calculation-embedded schema (CSchema), which extends the ordinary schema languages with protection type for protecting sensitive data and specifying downgrading operations. CSchema language has a type system to guarantee the type correctness of the embedded calculation expressions and moreover this type system also generates a security view after type checking a CSchema policy. Access policies specified by CSchema are enforced by a validation procedure, which produces the released documents containing only the accessible data by validating the protected documents against CSchema policies. These released documents are then ready to be accessed by, for instance, XML query engines. By incorporating this validation procedure, other XML processing technologies can use CSchema as the access control module. 展开更多
关键词 access control programming language security policy type system XML
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部