This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering...This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.展开更多
This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends t...This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].展开更多
In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the p...In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the position of training applied talents,because of the needs of teaching and education,as well as the requirements of teaching reform,the information construction of colleges and universities has been gradually improved,but the problem of network information security is also worth causing people to ponder.The low security of the network environment will cause college network information security leaks,and even hackers will attack the official website of the university and leak the personal information of teachers and students.To solve such problems,this paper studies the protection of college network information security against the background of the digital economy era.This paper first analyzes the significance of network information security protection,then points out the current and moral problems,and finally puts forward specific countermeasures,hoping to create a safe learning environment for teachers and students for reference.展开更多
In this paper,we aim to design a practical low complexity low-density parity-check(LDPC)coded scheme to build a secure open channel and protect information from eavesdropping.To this end,we first propose a punctured L...In this paper,we aim to design a practical low complexity low-density parity-check(LDPC)coded scheme to build a secure open channel and protect information from eavesdropping.To this end,we first propose a punctured LDPC coded scheme,where the information bits in a codeword are punctured and only the parity check bits are transmitted to the receiver.We further propose a notion of check node type distribution and derive multi-edge type extrinsic information transfer functions to estimate the security performance,instead of the well-known weak metric bit error rate.We optimize the check node type distribution in terms of the signal-to-noise ratio(SNR)gap and modify the progressive edge growth algorithm to design finite-length codes.Numerical results show that our proposed scheme can achieve a lower computational complexity and a smaller security gap,compared to the existing scrambling and puncturing schemes.展开更多
Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation inform...Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.展开更多
In the process of continuous maturity and development of medical imaging diagnosis,it is common to transmit images through public networks.How to ensure the security of transmission,cultivate talents who combine medic...In the process of continuous maturity and development of medical imaging diagnosis,it is common to transmit images through public networks.How to ensure the security of transmission,cultivate talents who combine medical imaging and information security,and explore and cultivate new discipline growth points are difficult problems and challenges for schools and educators.In order to cope with industrial changes,a new round of scientific and technological revolution,and the challenges of the further development of artificial intelligence in medicine,this article will analyze the existing problems in the training of postgraduates in medical imaging information security by combining the actual conditions and characteristics of universities,and put forward countermeasures and suggestions to promote the progress of technology in universities.展开更多
In the contemporary era,the abundant availability of health information through internet and mobile technology raises concerns.Safeguarding and maintaining the confidentiality of patients’medical data becomes paramou...In the contemporary era,the abundant availability of health information through internet and mobile technology raises concerns.Safeguarding and maintaining the confidentiality of patients’medical data becomes paramount when sharing such information with authorized healthcare providers.Although electronic patient records and the internet have facilitated the exchange of medical information among healthcare providers,concerns persist regarding the security of the data.The security of Electronic Health Record Systems(EHRS)can be improved by employing the Cuckoo Search Algorithm(CS),the SHA-256 algorithm,and the Elliptic Curve Cryptography(ECC),as proposed in this study.The suggested approach involves usingCS to generate the ECCprivate key,thereby enhancing the security of data storage in EHR.The study evaluates the proposed design by comparing encoding and decoding times with alternative techniques like ECC-GA-SHA-256.The research findings indicate that the proposed design achieves faster encoding and decoding times,completing 125 and 175 iterations,respectively.Furthermore,the proposed design surpasses other encoding techniques by exhibiting encoding and decoding times that are more than 15.17%faster.These results imply that the proposed design can significantly enhance the security and performance of EHRs.Through the utilization of CS,SHA-256,and ECC,this study presents promising methods for addressing the security challenges associated with EHRs.展开更多
In recent years,China has witnessed continuous development and progress in its scientific and technological landscape,with widespread utilization of computer networks.Concurrently,issues related to computer network in...In recent years,China has witnessed continuous development and progress in its scientific and technological landscape,with widespread utilization of computer networks.Concurrently,issues related to computer network information security,such as information leakage and virus invasions,have become increasingly prominent.Consequently,there is a pressing need for the implementation of effective network security measures.This paper aims to provide a comprehensive summary and analysis of the challenges associated with computer network information security processing.It delves into the core concepts and characteristics of big data technology,exploring its potential as a solution.The study further scrutinizes the application strategy of big data technology in addressing the aforementioned security issues within computer networks.The insights presented in this paper are intended to serve as a valuable reference for individuals involved in the relevant fields,offering guidance on effective approaches to enhance computer network information security through the application of big data technology.展开更多
Mathematics foundations of information security is a core course in the subject of information security.In view of the current national ideological and political conference in universities,finding a way to integrate t...Mathematics foundations of information security is a core course in the subject of information security.In view of the current national ideological and political conference in universities,finding a way to integrate this course with ideological and political education attracts a lot of attention from the education community.This paper makes an assay of the significance of the combination of mathematics foundations of information security course and ideological and political education,and introduces the teaching practice of mathematics foundations of information security course combined with ideological and political education.Through the combination of ideological and political education and curriculum content,cultivating all-round development of talents who study information security.展开更多
The development of the Internet of Things(IoT)calls for a comprehensive in-formation security evaluation framework to quantitatively measure the safety score and risk(S&R)value of the network urgently.In this pape...The development of the Internet of Things(IoT)calls for a comprehensive in-formation security evaluation framework to quantitatively measure the safety score and risk(S&R)value of the network urgently.In this paper,we summarize the architecture and vulnerability in IoT and propose a comprehensive information security evaluation model based on multi-level decomposition feedback.The evaluation model provides an idea for information security evaluation of IoT and guides the security decision maker for dynamic protection.Firstly,we establish an overall evaluation indicator system that includes four primary indicators of threat information,asset,vulnerability,and management,respectively.It also includes eleven secondary indicators of system protection rate,attack detection rate,confidentiality,availability,controllability,identifiability,number of vulnerabilities,vulnerability hazard level,staff organization,enterprise grading and service continuity,respectively.Then,we build the core algorithm to enable the evaluation model,wherein a novel weighting technique is developed and a quantitative method is proposed to measure the S&R value.Moreover,in order to better supervise the performance of the proposed evaluation model,we present four novel indicators includes residual risk,continuous conformity of residual risk,head-to-tail consistency and decrease ratio,respectively.Simulation results show the advantages of the proposed model in the evaluation of information security for IoT.展开更多
In the field of information security,a gap exists in the study of coreference resolution of entities.A hybrid method is proposed to solve the problem of coreference resolution in information security.The work consists...In the field of information security,a gap exists in the study of coreference resolution of entities.A hybrid method is proposed to solve the problem of coreference resolution in information security.The work consists of two parts:the first extracts all candidates(including noun phrases,pronouns,entities,and nested phrases)from a given document and classifies them;the second is coreference resolution of the selected candidates.In the first part,a method combining rules with a deep learning model(Dictionary BiLSTM-Attention-CRF,or DBAC)is proposed to extract all candidates in the text and classify them.In the DBAC model,the domain dictionary matching mechanism is introduced,and new features of words and their contexts are obtained according to the domain dictionary.In this way,full use can be made of the entities and entity-type information contained in the domain dictionary,which can help solve the recognition problem of both rare and long entities.In the second part,candidates are divided into pronoun candidates and noun phrase candidates according to the part of speech,and the coreference resolution of pronoun candidates is solved by making rules and coreference resolution of noun phrase candidates by machine learning.Finally,a dataset is created with which to evaluate our methods using information security data.The experimental results show that the proposed model exhibits better performance than the other baseline models.展开更多
The goal of this manuscript is to present a research finding, based on a study conducted to identify, examine, and validate Social Media (SM) socio-technical information security factors, in line with usable-security ...The goal of this manuscript is to present a research finding, based on a study conducted to identify, examine, and validate Social Media (SM) socio-technical information security factors, in line with usable-security principles. The study followed literature search techniques, as well as theoretical and empirical methods of factor validation. The strategy used in literature search includes Boolean keywords search, and citation guides, using mainly web of science databases. As guided by study objectives, 9 SM socio-technical factors were identified, verified and validated. Both theoretical and empirical validation processes were followed. Thus, a theoretical validity test was conducted on 45 Likert scale items, involving 10 subject experts. From the score ratings of the experts, Content Validity Index (CVI) was calculated to determine the degree to which the identified factors exhibit appropriate items for the construct being measured, and 7 factors attained an adequate level of validity index. However, for reliability test, 32 respondents and 45 Likert scale items were used. Whereby, Cronbach’s alpha coefficient (α-values) were generated using SPSS. Subsequently, 8 factors attained an adequate level of reliability. Overall, the validated factors include;1) usability—visibility, learnability, and satisfaction;2) education and training—help and documentation;3) SM technology development—error handling, and revocability;4) information security —security, privacy, and expressiveness. In this case, the confirmed factors would add knowledge by providing a theoretical basis for rationalizing information security requirements on SM usage.展开更多
This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system...This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system. The paper highlights the importance of Availability w.r.t. Security of information and the other attributes of security and also gives a realistic shape to the existing CIA triad security model. An in-depth understanding of the various factors that can impact the Availability of an information system (Software, Hardware and Network) is given. The paper also gives a categorization of the type of Availability that a system can have. The paper also explains the relation between Availability and other security attributes and also explains through what issues an information system may go while providing Availability.展开更多
The increasing quantity of sensitive and personal data being gathered by data controllers has raised the security needs in the cloud environment.Cloud computing(CC)is used for storing as well as processing data.Theref...The increasing quantity of sensitive and personal data being gathered by data controllers has raised the security needs in the cloud environment.Cloud computing(CC)is used for storing as well as processing data.Therefore,security becomes important as the CC handles massive quantity of outsourced,and unprotected sensitive data for public access.This study introduces a novel chaotic chimp optimization with machine learning enabled information security(CCOML-IS)technique on cloud environment.The proposed CCOML-IS technique aims to accomplish maximum security in the CC environment by the identification of intrusions or anomalies in the network.The proposed CCOML-IS technique primarily normalizes the networking data by the use of data conversion and min-max normalization.Followed by,the CCOML-IS technique derives a feature selection technique using chaotic chimp optimization algorithm(CCOA).In addition,kernel ridge regression(KRR)classifier is used for the detection of security issues in the network.The design of CCOA technique assists in choosing optimal features and thereby boost the classification performance.A wide set of experimentations were carried out on benchmark datasets and the results are assessed under several measures.The comparison study reported the enhanced outcomes of the CCOML-IS technique over the recent approaches interms of several measures.展开更多
Information security is the backbone of current intelligent systems,such as the Internet of Things(IoT),smart grids,and Machine-to-Machine(M2M)communication.The increasing threat of information security requires new m...Information security is the backbone of current intelligent systems,such as the Internet of Things(IoT),smart grids,and Machine-to-Machine(M2M)communication.The increasing threat of information security requires new models to ensure the safe transmission of information through such systems.Recently,quantum systems have drawn much attention since they are expected to have a significant impact on the research in information security.This paper proposes a quantum teleportation scheme based on controlled multi-users to ensure the secure information transmission among users.Quantum teleportation is an original key element in a variety of quantum information tasks as well as quantum-based technologies,which plays a pivotal role in the current progress of quantum computing and communication.In the proposed scheme,the sender transmits the information to the receiver under the control of a third user or controller.Here,we show that the efficiency of the proposed scheme depends on the properties of the transmission channel and the honesty of the controller.Compared with various teleportation scheme presented recently in the literature,the most important difference in the proposed scheme is the possibility of suspicion about the honesty of the controller and,consequently,taking proper precautions.展开更多
The Intemet is a popular channel for allowing more and more users to exchange information without geographical limitations and time restrictions. Therefore, a large amount of digital data, such as digital images, text...The Intemet is a popular channel for allowing more and more users to exchange information without geographical limitations and time restrictions. Therefore, a large amount of digital data, such as digital images, text, audio, and video, is transmitted over the Intemet. Unfortunately, sensitive digital data can be intercepted by malicious users of the Internet, so the development of techniques for ensuring the secrecy and security of data during transmission has become a top priority.展开更多
With the growing of digitized data transforming on Internet,the issues of information security,data privacy,and forensic analysis have become more and more attracted.Researchers have provided solutions for problems in...With the growing of digitized data transforming on Internet,the issues of information security,data privacy,and forensic analysis have become more and more attracted.Researchers have provided solutions for problems in the field.The objective of this special issue is to present research and development activities in the various aspects.After a very careful review,展开更多
A news agency is an organization that gathers news reports and sells them to subscribing news organization, such as newspapers, magazines, radio and television broadcasters. A news agency may also be referred to as a ...A news agency is an organization that gathers news reports and sells them to subscribing news organization, such as newspapers, magazines, radio and television broadcasters. A news agency may also be referred to as a wire service, newswire, or news service. The main purpose of this paper is to evaluate the security policies and analyze the content of five press agencies in gulf countries which are (Kuwait News Agency (KUNA), Emirates News Agency (WAM), Saudi Press Agency (SPA), Bahrain News Agency (BNA), and Oman News Agency (OMA)) by using a fuzzy VIKOR approach where linguistic variables are applied to solve the uncertainties and subjectivities in expert decision making. Fuzzy VIKOR approach is one of the best Multi-Criteria Decision Making (MCDM) techniques working in fuzzy environment. This study benefits security and content analysis experts know which press agency has the mandate and the competence to educate the public on news agencies. Besides, this paper contributes to Gulf agencies in helping them in their resolve to ensure the quality of content information and information security policies over the internet.展开更多
COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since Januar...COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since January 24,and China has carried out intensive epidemic control.It is critical for effectively responding to COVID-19 to collect,collate and analyze people’s personal data.What’s more,obtaining identity information,travel records and health information of confirmed cases,suspected cases and close contacts has become a crucial step in epidemic investigation.All regions have made full use of big data to carry out personnel screening,travel records analysis and other related work in epidemic prevention and control,effectively improving the efficiency of epidemic prevention and control.However,data leakage,personnel privacy data exposure,and personal attack frequently occurred in the process of personnel travel records analysis and epidemic prevention and control.It even happened in the WeChat group to forward a person’s name,phone number,address,ID number and other sensitive information.It brought discrimination,telephone and SMS harassment to the parties,which caused great harm to individuals.Based on these,lack of information security and data security awareness and other issues were exposed.Therefore,while big data has been widely concerned and applied,attention should be paid to protecting personal privacy.It is urgent to pay more attention to data privacy and information security in order to effectively protect the legitimate rights of the people.Therefore,measures can be taken to achieve this goal,such as improving the relevant legal system,strengthening technical means to enhance the supervision and management of information security and data protection.展开更多
文摘This article explores the evolution of cloud computing, its advantages over traditional on-premises infrastructure, and its impact on information security. The study presents a comprehensive literature review covering various cloud infrastructure offerings and security models. Additionally, it deeply analyzes real-life case studies illustrating successful cloud migrations and highlights common information security threats in current cloud computing. The article concludes by offering recommendations to businesses to protect themselves from cloud data breaches and providing insights into selecting a suitable cloud services provider from an information security perspective.
文摘This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].
文摘In the era of the digital economy,the informatization degree of various industries is getting deeper and deeper,and network information security has also come into people’s eyes.Colleges and universities are in the position of training applied talents,because of the needs of teaching and education,as well as the requirements of teaching reform,the information construction of colleges and universities has been gradually improved,but the problem of network information security is also worth causing people to ponder.The low security of the network environment will cause college network information security leaks,and even hackers will attack the official website of the university and leak the personal information of teachers and students.To solve such problems,this paper studies the protection of college network information security against the background of the digital economy era.This paper first analyzes the significance of network information security protection,then points out the current and moral problems,and finally puts forward specific countermeasures,hoping to create a safe learning environment for teachers and students for reference.
文摘In this paper,we aim to design a practical low complexity low-density parity-check(LDPC)coded scheme to build a secure open channel and protect information from eavesdropping.To this end,we first propose a punctured LDPC coded scheme,where the information bits in a codeword are punctured and only the parity check bits are transmitted to the receiver.We further propose a notion of check node type distribution and derive multi-edge type extrinsic information transfer functions to estimate the security performance,instead of the well-known weak metric bit error rate.We optimize the check node type distribution in terms of the signal-to-noise ratio(SNR)gap and modify the progressive edge growth algorithm to design finite-length codes.Numerical results show that our proposed scheme can achieve a lower computational complexity and a smaller security gap,compared to the existing scrambling and puncturing schemes.
文摘Industrial control systems(ICSs)are widely used in various fields,and the information security problems of ICSs are increasingly serious.The existing evaluation methods fail to describe the uncertain evaluation information and group evaluation information of experts.Thus,this paper introduces the probabilistic linguistic term sets(PLTSs)to model the evaluation information of experts.Meanwhile,we propose a probabilistic linguistic multi-criteria decision-making(PL-MCDM)method to solve the information security assessment problem of ICSs.Firstly,we propose a novel subscript equivalence distance measure of PLTSs to improve the existing methods.Secondly,we use the Best Worst Method(BWM)method and Criteria Importance Through Inter-criteria Correlation(CRITIC)method to obtain the subjective weights and objective weights,which are used to derive the combined weights.Thirdly,we use the subscript equivalence distance measure method and the combined weight method to improve the probabilistic linguistic Visekriterijumska Optimizacija I Kompromisno Resenje(PL-VIKOR)method.Finally,we apply the proposed method to solve the information security assessment problem of ICSs.When comparing with the existing methods such as the probabilistic linguistic Tomada deDecisão Iterativa Multicritério(PL-TODIM)method and probabilistic linguistic Technique for Order Preference by Similarity to Ideal Solution(PL-TOPSIS)method,the case example shows that the proposed method can provide more reasonable ranking results.By evaluating and ranking the information security level of different ICSs,managers can identify problems in time and guide their work better.
文摘In the process of continuous maturity and development of medical imaging diagnosis,it is common to transmit images through public networks.How to ensure the security of transmission,cultivate talents who combine medical imaging and information security,and explore and cultivate new discipline growth points are difficult problems and challenges for schools and educators.In order to cope with industrial changes,a new round of scientific and technological revolution,and the challenges of the further development of artificial intelligence in medicine,this article will analyze the existing problems in the training of postgraduates in medical imaging information security by combining the actual conditions and characteristics of universities,and put forward countermeasures and suggestions to promote the progress of technology in universities.
文摘In the contemporary era,the abundant availability of health information through internet and mobile technology raises concerns.Safeguarding and maintaining the confidentiality of patients’medical data becomes paramount when sharing such information with authorized healthcare providers.Although electronic patient records and the internet have facilitated the exchange of medical information among healthcare providers,concerns persist regarding the security of the data.The security of Electronic Health Record Systems(EHRS)can be improved by employing the Cuckoo Search Algorithm(CS),the SHA-256 algorithm,and the Elliptic Curve Cryptography(ECC),as proposed in this study.The suggested approach involves usingCS to generate the ECCprivate key,thereby enhancing the security of data storage in EHR.The study evaluates the proposed design by comparing encoding and decoding times with alternative techniques like ECC-GA-SHA-256.The research findings indicate that the proposed design achieves faster encoding and decoding times,completing 125 and 175 iterations,respectively.Furthermore,the proposed design surpasses other encoding techniques by exhibiting encoding and decoding times that are more than 15.17%faster.These results imply that the proposed design can significantly enhance the security and performance of EHRs.Through the utilization of CS,SHA-256,and ECC,this study presents promising methods for addressing the security challenges associated with EHRs.
基金supported by the Hainan Provincial Key Laboratory of Philosophy and Social Sciences for Hainan Free Trade Port International Shipping Development and Property Rights Digitization,Hainan Vocational University of Science and Technology(Qiong Social Science[2022]No.26).
文摘In recent years,China has witnessed continuous development and progress in its scientific and technological landscape,with widespread utilization of computer networks.Concurrently,issues related to computer network information security,such as information leakage and virus invasions,have become increasingly prominent.Consequently,there is a pressing need for the implementation of effective network security measures.This paper aims to provide a comprehensive summary and analysis of the challenges associated with computer network information security processing.It delves into the core concepts and characteristics of big data technology,exploring its potential as a solution.The study further scrutinizes the application strategy of big data technology in addressing the aforementioned security issues within computer networks.The insights presented in this paper are intended to serve as a valuable reference for individuals involved in the relevant fields,offering guidance on effective approaches to enhance computer network information security through the application of big data technology.
文摘Mathematics foundations of information security is a core course in the subject of information security.In view of the current national ideological and political conference in universities,finding a way to integrate this course with ideological and political education attracts a lot of attention from the education community.This paper makes an assay of the significance of the combination of mathematics foundations of information security course and ideological and political education,and introduces the teaching practice of mathematics foundations of information security course combined with ideological and political education.Through the combination of ideological and political education and curriculum content,cultivating all-round development of talents who study information security.
基金This work was supported in part by National Key R&D Program of China under Grant 2019YFB2102400in part by the BUPT Excellent Ph.D.Students Foundation under Grant CX2019117.
文摘The development of the Internet of Things(IoT)calls for a comprehensive in-formation security evaluation framework to quantitatively measure the safety score and risk(S&R)value of the network urgently.In this paper,we summarize the architecture and vulnerability in IoT and propose a comprehensive information security evaluation model based on multi-level decomposition feedback.The evaluation model provides an idea for information security evaluation of IoT and guides the security decision maker for dynamic protection.Firstly,we establish an overall evaluation indicator system that includes four primary indicators of threat information,asset,vulnerability,and management,respectively.It also includes eleven secondary indicators of system protection rate,attack detection rate,confidentiality,availability,controllability,identifiability,number of vulnerabilities,vulnerability hazard level,staff organization,enterprise grading and service continuity,respectively.Then,we build the core algorithm to enable the evaluation model,wherein a novel weighting technique is developed and a quantitative method is proposed to measure the S&R value.Moreover,in order to better supervise the performance of the proposed evaluation model,we present four novel indicators includes residual risk,continuous conformity of residual risk,head-to-tail consistency and decrease ratio,respectively.Simulation results show the advantages of the proposed model in the evaluation of information security for IoT.
基金This work was supported by the National Natural Science Foundation of China(grant no.61602515).
文摘In the field of information security,a gap exists in the study of coreference resolution of entities.A hybrid method is proposed to solve the problem of coreference resolution in information security.The work consists of two parts:the first extracts all candidates(including noun phrases,pronouns,entities,and nested phrases)from a given document and classifies them;the second is coreference resolution of the selected candidates.In the first part,a method combining rules with a deep learning model(Dictionary BiLSTM-Attention-CRF,or DBAC)is proposed to extract all candidates in the text and classify them.In the DBAC model,the domain dictionary matching mechanism is introduced,and new features of words and their contexts are obtained according to the domain dictionary.In this way,full use can be made of the entities and entity-type information contained in the domain dictionary,which can help solve the recognition problem of both rare and long entities.In the second part,candidates are divided into pronoun candidates and noun phrase candidates according to the part of speech,and the coreference resolution of pronoun candidates is solved by making rules and coreference resolution of noun phrase candidates by machine learning.Finally,a dataset is created with which to evaluate our methods using information security data.The experimental results show that the proposed model exhibits better performance than the other baseline models.
文摘The goal of this manuscript is to present a research finding, based on a study conducted to identify, examine, and validate Social Media (SM) socio-technical information security factors, in line with usable-security principles. The study followed literature search techniques, as well as theoretical and empirical methods of factor validation. The strategy used in literature search includes Boolean keywords search, and citation guides, using mainly web of science databases. As guided by study objectives, 9 SM socio-technical factors were identified, verified and validated. Both theoretical and empirical validation processes were followed. Thus, a theoretical validity test was conducted on 45 Likert scale items, involving 10 subject experts. From the score ratings of the experts, Content Validity Index (CVI) was calculated to determine the degree to which the identified factors exhibit appropriate items for the construct being measured, and 7 factors attained an adequate level of validity index. However, for reliability test, 32 respondents and 45 Likert scale items were used. Whereby, Cronbach’s alpha coefficient (α-values) were generated using SPSS. Subsequently, 8 factors attained an adequate level of reliability. Overall, the validated factors include;1) usability—visibility, learnability, and satisfaction;2) education and training—help and documentation;3) SM technology development—error handling, and revocability;4) information security —security, privacy, and expressiveness. In this case, the confirmed factors would add knowledge by providing a theoretical basis for rationalizing information security requirements on SM usage.
文摘This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system. The paper highlights the importance of Availability w.r.t. Security of information and the other attributes of security and also gives a realistic shape to the existing CIA triad security model. An in-depth understanding of the various factors that can impact the Availability of an information system (Software, Hardware and Network) is given. The paper also gives a categorization of the type of Availability that a system can have. The paper also explains the relation between Availability and other security attributes and also explains through what issues an information system may go while providing Availability.
基金The authors extend their appreciation to the Deanship of Scientific Research at King Khalid University for funding this work under Grant Number(RGP 2/49/42)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2022R237),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.
文摘The increasing quantity of sensitive and personal data being gathered by data controllers has raised the security needs in the cloud environment.Cloud computing(CC)is used for storing as well as processing data.Therefore,security becomes important as the CC handles massive quantity of outsourced,and unprotected sensitive data for public access.This study introduces a novel chaotic chimp optimization with machine learning enabled information security(CCOML-IS)technique on cloud environment.The proposed CCOML-IS technique aims to accomplish maximum security in the CC environment by the identification of intrusions or anomalies in the network.The proposed CCOML-IS technique primarily normalizes the networking data by the use of data conversion and min-max normalization.Followed by,the CCOML-IS technique derives a feature selection technique using chaotic chimp optimization algorithm(CCOA).In addition,kernel ridge regression(KRR)classifier is used for the detection of security issues in the network.The design of CCOA technique assists in choosing optimal features and thereby boost the classification performance.A wide set of experimentations were carried out on benchmark datasets and the results are assessed under several measures.The comparison study reported the enhanced outcomes of the CCOML-IS technique over the recent approaches interms of several measures.
文摘Information security is the backbone of current intelligent systems,such as the Internet of Things(IoT),smart grids,and Machine-to-Machine(M2M)communication.The increasing threat of information security requires new models to ensure the safe transmission of information through such systems.Recently,quantum systems have drawn much attention since they are expected to have a significant impact on the research in information security.This paper proposes a quantum teleportation scheme based on controlled multi-users to ensure the secure information transmission among users.Quantum teleportation is an original key element in a variety of quantum information tasks as well as quantum-based technologies,which plays a pivotal role in the current progress of quantum computing and communication.In the proposed scheme,the sender transmits the information to the receiver under the control of a third user or controller.Here,we show that the efficiency of the proposed scheme depends on the properties of the transmission channel and the honesty of the controller.Compared with various teleportation scheme presented recently in the literature,the most important difference in the proposed scheme is the possibility of suspicion about the honesty of the controller and,consequently,taking proper precautions.
文摘The Intemet is a popular channel for allowing more and more users to exchange information without geographical limitations and time restrictions. Therefore, a large amount of digital data, such as digital images, text, audio, and video, is transmitted over the Intemet. Unfortunately, sensitive digital data can be intercepted by malicious users of the Internet, so the development of techniques for ensuring the secrecy and security of data during transmission has become a top priority.
文摘With the growing of digitized data transforming on Internet,the issues of information security,data privacy,and forensic analysis have become more and more attracted.Researchers have provided solutions for problems in the field.The objective of this special issue is to present research and development activities in the various aspects.After a very careful review,
文摘A news agency is an organization that gathers news reports and sells them to subscribing news organization, such as newspapers, magazines, radio and television broadcasters. A news agency may also be referred to as a wire service, newswire, or news service. The main purpose of this paper is to evaluate the security policies and analyze the content of five press agencies in gulf countries which are (Kuwait News Agency (KUNA), Emirates News Agency (WAM), Saudi Press Agency (SPA), Bahrain News Agency (BNA), and Oman News Agency (OMA)) by using a fuzzy VIKOR approach where linguistic variables are applied to solve the uncertainties and subjectivities in expert decision making. Fuzzy VIKOR approach is one of the best Multi-Criteria Decision Making (MCDM) techniques working in fuzzy environment. This study benefits security and content analysis experts know which press agency has the mandate and the competence to educate the public on news agencies. Besides, this paper contributes to Gulf agencies in helping them in their resolve to ensure the quality of content information and information security policies over the internet.
基金This paper is support by:In 2019,Liaoning Provincial Department of Education Project named“Study on the Path Selection of Rural Revitalization in Ethnic Autonomous Areas of Liaoning Province”The 3rd Azure Talent Project of Dalian Ocean University in 2018+1 种基金In 2019,Liaoning Province’s overseas training project“China-Canada Cooperation Research Plan on Marine Law and Policy”(2019GJWYB019)The Ministry of Education filed the 2017 National and Regional Research Center Project“Northeast Asia Research Center for Marine Law and Policy”(GQ17091).
文摘COVID-19 has swept the whole our country and the world in the beginning of 2020.31 provinces and municipalities across the country have launched the first-level response to major public health emergencies since January 24,and China has carried out intensive epidemic control.It is critical for effectively responding to COVID-19 to collect,collate and analyze people’s personal data.What’s more,obtaining identity information,travel records and health information of confirmed cases,suspected cases and close contacts has become a crucial step in epidemic investigation.All regions have made full use of big data to carry out personnel screening,travel records analysis and other related work in epidemic prevention and control,effectively improving the efficiency of epidemic prevention and control.However,data leakage,personnel privacy data exposure,and personal attack frequently occurred in the process of personnel travel records analysis and epidemic prevention and control.It even happened in the WeChat group to forward a person’s name,phone number,address,ID number and other sensitive information.It brought discrimination,telephone and SMS harassment to the parties,which caused great harm to individuals.Based on these,lack of information security and data security awareness and other issues were exposed.Therefore,while big data has been widely concerned and applied,attention should be paid to protecting personal privacy.It is urgent to pay more attention to data privacy and information security in order to effectively protect the legitimate rights of the people.Therefore,measures can be taken to achieve this goal,such as improving the relevant legal system,strengthening technical means to enhance the supervision and management of information security and data protection.