A Study on the Challenges of Human-Centric Cyber-Security and the Guarantee of Information Quality

Information security and quality management are often considered two different fields. However, organizations must be mindful of how software security may affect quality control. This paper examines and promotes methods through which secure software development processes can be integrated into the Systems Software Development Life-cycle (SDLC) to improve system quality. Cyber-security and quality assurance are both involved in reducing risk. Software security teams work to reduce security risks, whereas quality assurance teams work to decrease risks to quality. There is a need for clear standards, frameworks, processes, and procedures to be followed by organizations to ensure high-level quality while reducing security risks. This research uses a survey of industry professionals to help identify best practices for developing software with fewer defects from the early stages of the SDLC to improve both the quality and security of software. Results show that there is a need for better security awareness among all members of software development teams.

Information Security in the Cloud: Emerging Trends and Challenges

This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.

Research on College Network Information Security Protection in the Digital Economy Era

In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the position of training applied talents,because of the needs of teaching and education,as well as the requirements of teaching reform,the information construction of colleges and universities has been gradually improved,but the problem of network information security is also worth causing people to ponder.The low security of the network environment will cause college network information security leaks,and even hackers will attack the official website of the university and leak the personal information of teachers and students.To solve such problems,this paper studies the protection of college network information security against the background of the digital economy era.This paper first analyzes the significance of network information security protection,then points out the current and moral problems,and finally puts forward specific countermeasures,hoping to create a safe learning environment for teachers and students for reference.

A dynamic algorithm for trust inference based on double DQN in the internet of things

The development of the Internet of Things(IoT)has brought great convenience to people.However,some information security problems such as privacy leakage are caused by communicating with risky users.It is a challenge to choose reliable users with which to interact in the IoT.Therefore,trust plays a crucial role in the IoT because trust may avoid some risks.Agents usually choose reliable users with high trust to maximize their own interests based on reinforcement learning.However,trust propagation is time-consuming,and trust changes with the interaction process in social networks.To track the dynamic changes in trust values,a dynamic trust inference algorithm named Dynamic Double DQN Trust(Dy-DDQNTrust)is proposed to predict the indirect trust values of two users without direct contact with each other.The proposed algorithm simulates the interactions among users by double DQN.Firstly,CurrentNet and TargetNet networks are used to select users for interaction.The users with high trust are chosen to interact in future iterations.Secondly,the trust value is updated dynamically until a reliable trust path is found according to the result of the interaction.Finally,the trust value between indirect users is inferred by aggregating the opinions from multiple users through a Modified Collaborative Filtering Averagebased Similarity(SMCFAvg)aggregation strategy.Experiments are carried out on the FilmTrust and the Epinions datasets.Compared with TidalTrust,MoleTrust,DDQNTrust,DyTrust and Dynamic Weighted Heuristic trust path Search algorithm(DWHS),our dynamic trust inference algorithm has higher prediction accuracy and better scalability.

Influence of Quantum Information Technology on International Security

Humanity is currently undergoing the fourth industrial revolution,characterized by advancements in artificial intelligence,clean energy,quantum information technology,virtual reality,and biotechnology.This technological revolution is poised to have a profound impact on the world.Quantum information technology encompasses both quantum computing and the transmission of quantum information.This article aims to integrate quantum information technology with international security concerns,exploring its implications for international security and envisioning its groundbreaking significance.

Exploring the Characteristics of Data Breaches: A Descriptive Analytic Study

Data breaches have massive consequences for companies, affecting them financially and undermining their reputation, which poses significant challenges to online security and the long-term viability of businesses. This study analyzes trends in data breaches in the United States, examining the frequency, causes, and magnitude of breaches across various industries. We document that data breaches are increasing, with hacking emerging as the leading cause. Our descriptive analyses explore factors influencing breaches, including security vulnerabilities, human error, and malicious attacks. The findings provide policymakers and businesses with actionable insights to bolster data security through proactive audits, patching, encryption, and response planning. By better understanding breach patterns and risk factors, organizations can take targeted steps to enhance protections and mitigate the potential damage of future incidents.

Design and Implementation of USB Key System Based on Dual-Factor Identity Authentication Protocol

With the increasing demand for information security,traditional single-factor authentication technology can no longer meet security requirements.To this end,this paper proposes a Universal Serial Bus(USB)Key hardware and software system based on a two-factor authentication protocol,aiming to improve the security and reliability of authentication.This paper first analyzes the current status and technical principles of USB Key-related research domestically and internationally and designs a two-factor authentication protocol that combines impact/response authentication and static password authentication.The system consists of a host computer and a USB Key device.The host computer interacts with the USB Key through a graphical user interface.The Secure Hash Algorithm 1(SHA-1)and MySQL database are used to implement the authentication function.Experimental results show that the designed two-factor authentication protocol can effectively prevent replay attacks and information tampering,and improve the security of authentication.If the corresponding USB Key is not inserted,the system will prompt that the device is not found.Once the USB Key is inserted,user identity is confirmed through two-factor verification,which includes impact/response authentication and static password authentication.

Evolution and impacts of the United States’Arctic strategy and China’s responses

On 7 October,2022,the Biden administration released an updated version of the National Strategy for the Arctic Region based on new developments in the Arctic region and global affairs.This strategy emphasizes traditional security issues in the Arctic,attaches great importance to climate governance in the region,and advocates for restoring American leadership through international cooperation.In view of the strong influence of the United States(U.S.)in the Arctic region,the changes of the U.S.Arctic strategy will inevitably have an impact on China’s scientific researchrights,economic interests,and governance rights in the Arctic region.To respond to the new situation brought about by the changes in the U.S.Arctic strategy,China should take the initiative to maintain positive relationships with all Arctic countries,and continue its active participation in Arctic affairs.

Strengthening the Security of Supervised Networks by Automating Hardening Mechanisms

In recent years, the place occupied by the various manifestations of cyber-crime in companies has been considerable. Indeed, due to the rapid evolution of telecommunications technologies, companies, regardless of their size or sector of activity, are now the target of advanced persistent threats. The Work 2035 study also revealed that cyber crimes (such as critical infrastructure hacks) and massive data breaches are major sources of concern. Thus, it is important for organizations to guarantee a minimum level of security to avoid potential attacks that can cause paralysis of systems, loss of sensitive data, exposure to blackmail, damage to reputation or even a commercial harm. To do this, among other means, hardening is used, the main objective of which is to reduce the attack surface within a company. The execution of the hardening configurations as well as the verification of these are carried out on the servers and network equipment with the aim of reducing the number of openings present by keeping only those which are necessary for proper operation. However, nowadays, in many companies, these tasks are done manually. As a result, the execution and verification of hardening configurations are very often subject to potential errors but also highly consuming human and financial resources. The problem is that it is essential for operators to maintain an optimal level of security while minimizing costs, hence the interest in automating hardening processes and verifying the hardening of servers and network equipment. It is in this logic that we propose within the framework of this work the reinforcement of the security of the information systems (IS) by the automation of the mechanisms of hardening. In our work, we have, on the one hand, set up a hardening procedure in accordance with international security standards for servers, routers and switches and, on the other hand, designed and produced a functional application which makes it possible to: 1) Realise the configuration of the hardening;2) Verify them;3) Correct the non conformities;4) Write and send by mail a verification report for the configurations;5) And finally update the procedures of hardening. Our web application thus created allows in less than fifteen (15) minutes actions that previously took at least five (5) hours of time. This allows supervised network operators to save time and money, but also to improve their security standards in line with international standards.

Research on Residents’Willingness to Protect Privacy in the Context of the Personal Information Protection Law:A Survey Based on Foshan Residents’Data

The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.

Quantum information entropies of the eigenstates for the Pschl-Teller-like potential

Shannon entropy for lower position and momentum eigenstates of Ptschl-Teller-like potential is evaluated. Based on the entropy densities demonstrated graphically, we note that the wave through of the position information entropy density p （x） moves right when the potential parameter V1 increases and its amplitude decreases. However, its wave through moves left with the increase in the potential parameter 丨V2丨. Concerning the momentum information entropy density p（p）, we observe that its amplitude increases with increasing potential parameter V1, but its amplitude decreases with increasing丨V2丨. The Bialynicki-Birula-Mycielski （BBM） inequality has also been tested for a number of states. Moreover, there exist eigenstates that exhibit squeezing in the momentum information entropy. Finally, we note that position information entropy increases with V1, but decreases with 丨V2丨, However, the variation of momentum information entropy is contrary to that of the position information entropy.

Challenges and Solutions of Information Security Issues in the Age of Big Data

Big data has been taken as a Chinese national strategy in order to satisfy the developments of the social and economic requirements and the development of new information technology. The prosperity of big data brings not only convenience to people's daily life and more opportunities to enterprises, but more challenges with information security as well. This paper has a research on new types and features of information security issues in the age of big data, and puts forward the solutions for the above issues: build up the big data security management platform, set up the establishment of information security system and implement relevant laws and regulations.

Security of the Decoy State Two-Way Quantum Key Distribution with Finite Resources

The quantum key distribution （QKD） allows two parties to share a secret key by typically making use of a one-way quantum channel. Howevery the two-way QKD has its own unique advantages, which means the two-way QKD has become a focus recently. To improve the practieM performance of the two-way QKD, we present a security analysis of a two-way QKD protocol based on the decoy method with heralded single-photon sources （HSPSs）. We make use of two approaches to calculate the yield and the quantum bit error rate of single-photon and two-photon pulses. Then we present the secret key generation rate based on the GLLP formula. The numerical simulation shows that the protocol with HSPSs has an advantage in the secure distance compared with weak coherent state sources. In addition, we present the final secret key by considering the statistical fluctuation of the yield generation rate of the LM05 protocol with finite resources and the error rate.

Information Security and the Theory of Unfaithful Information

In this article, the theory of information security is written as a context of national security. Article is devoted to an actual problem of legal support of information security in the Republic of Kazakhstan. The author analyzes modern problems and threats of information security in the conditions of globalization and considers aspects of information security. This article focuses on issues of spreading harmful information, which negatively affects the psyche, behavior, health, society and destabilizes the government administration. The article makes the case for improving the legislation of the Republic of Kazakhstan in strengthening informational security of individuals, society, the state, and measures to prevent the destructive impact of harmful information.

Applications of state estimation in multi-sensor information fusion for the monitoring of open pit mine slope deformation

The traditional open pit mine slope deformation monitoring system can not use the monitoring information coming from many monitoring points at the same time, can only using the monitoring data coming from a key monitoring point,and that is to say it can only handle one-dimensional time series.Given this shortage in the monitoring, the multi-sensor information fusion in the state estimation techniques would be intro- duced to the slope deformation monitoring system,and by the dynamic characteristics of deformation slope,the open pit slope would be regarded as a dynamic goal,the condi- tion monitoring of which would be regarded as a dynamic target tracking.Distributed In- formation fusion technology with feedback was used to process the monitoring data and on this basis Klman filtering algorithms was introduced,and the simulation examples was used to prove its effectivenes.

Information Availability: An Insight into the Most Important Attribute of Information Security

This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system. The paper highlights the importance of Availability w.r.t. Security of information and the other attributes of security and also gives a realistic shape to the existing CIA triad security model. An in-depth understanding of the various factors that can impact the Availability of an information system (Software, Hardware and Network) is given. The paper also gives a categorization of the type of Availability that a system can have. The paper also explains the relation between Availability and other security attributes and also explains through what issues an information system may go while providing Availability.

Teaching Reform of Mathematics Foundations of Information Security with Algorithm as the Core

In view of the problems existing in the teaching of Mathematics Foundations of Information Security,such as emphasizing theory but neglecting practice,combined with the concept of engineering education certification and emerging engineering education teaching reform,this paper combs the knowledge points and learning context of Mathematics Foundations of Information Security,puts forward a new teaching mode of Mathematics Foundations of Information Security with algorithm as the core,and gives the teaching content,organization form and assessment method.Thus,it improves the students’learning interest and practical ability,and improves the achievement of graduation requirements.

The Necessity of Information Security in the Vulnerable Pharmaceutical Industry

The pharmaceutical industry produces billions of dollars in sales each year. The industry is evolving and relying on using technology more and more to conduct day-to-day business. The pharmaceutical industry generates enormous amounts of sensitive and private information such as medical records, employee information, financial data and research data. This makes the pharmaceutical industry vulnerable to cybercrime. The pharmaceutical industry has a big responsibility to stakeholders, patients, employees and customers all over the world to ensure this information is secure. It is imperative for organizations to budget adequate amounts of money and resources to have effective Information Security Management. Information Security Management is critical in the pharmaceutical industry and the alternative of not having it would be devastating to a pharmaceutical company. Cyber criminals can tarnish company reputations and the effects can take years to overcome. The main contributions of this paper will be to describe the concerns about the security of information in the pharmaceutical industry, provide examples of organizations that are victims of cybercrime, describe regulations in place to help reduce information security breaches and illustrate why information security is necessary in the pharmaceutical industry.

Capacity of a Class of Dirty-Tape Gaussian Orthogonal Relay Channel with State Information at the Source and Relay

A Gaussian channel with additive interference that is causally known to the transmitter is called a Dirty-Tape Channel(DTC).In this paper,we consider a state-dependent dirty-tape Gaussian relay channel with orthogonal channels from the source to the relay and from the source and relay to the destination.The orthogonal channels are corrupted by two independent additive interferences causally known to both the source and relay.The lower and upper bounds of the channel capacity are established.The lower bound is obtained by employing superposition coding at the source,Partial Decode-and-Forward(PDF)relaying at the relay,and a strategy similar to that used by Shannon at the source and relay.The explicit capacity is characterised when the power of the relay is sufficiently large.Finally,several numerical examples are provided to illustrate the impact of additive interferences and the role of the relay in information transmission and in removing the interference.

Research on the Ideological and Political Construction of Mathematics Foundations of Information Security

Mathematics foundations of information security is a core course in the subject of information security.In view of the current national ideological and political conference in universities,finding a way to integrate this course with ideological and political education attracts a lot of attention from the education community.This paper makes an assay of the significance of the combination of mathematics foundations of information security course and ideological and political education,and introduces the teaching practice of mathematics foundations of information security course combined with ideological and political education.Through the combination of ideological and political education and curriculum content,cultivating all-round development of talents who study information security.