Human Aspects of Smart Technologies'Security:The Role of Human Failure

Security of smart technologies like smart grids and crowd energy systems cannot rely only on technical solutions, humans play a significant role in failure, security culture, information security, cyber security, trust and sharing, and perceptions and concern. This paper investigates security issues in smart technologies and the related role of human failure, whether it is intentional or unintentional.Methods that help reducing this failure are discussed. A human oriented framework for failure reduction is presented in order to enhance security.

The Transformation of German Security Policy in the Context of the Russia–Ukraine Crisis

Germany has recently taken multiple actions to adjust its security policy: for instance, promoting re-militarization, increasing foreign military intervention and overseas operations, and adopting measures to comprehensively safeguard security in the domains of energy, supply chain, and ideology. Externally, such moves result directly from the threat of a hot war emanating from the Russia–Ukraine crisis. Germany is severely deficient in hard power and the rules and order on which it previously relied are proving increasingly ineffective. The nation is also witnessing a sharply rising sense of insecurity as its inter-system competition with nonWestern countries intensifies. Internally, the present policy shift represents a continuation of German foreign policy transformations initiated during the Merkel era. This change is strongly driven by the new ruling coalition, especially the Green Party, and is staunchly supported by the public. In the future, Germany will probably further normalize its military, intensify its confrontations with non-Western countries, and diversify its means of comprehensively safeguarding security. However, security-related policy transformation processes will be time-consuming and Germany’s investments will not immediately pay off. Traditionally, Germany tends toward the pragmatic and balanced implementation of policies. Thus, it is less likely to pursue military hegemony than to increasingly assume security responsibilities within the Western alliance.

Ontology-Based Cyber Security Policy Implementation in Saudi Arabia

Cyber security is an important element of national security and the safekeeping of a nation’s constituency and assets. In Saudi Arabia, the point of interest on cyber security is particularly outstanding due to the fact that Saudi Arabia has a highly cyber attacks all over the Arab countries. This paper displays on contemporary studies done in Saudi Arabia in regards to cyber security policy coverage. The point of interest of this paper is the use of ontology to identify and suggest a formal, encoded description of the cyber security strategic environment, and propose the development of ontology to be able to permit the implementation of the sort of policy. The intention of the ontology is to become aware of and constitute the multi-layered company of gamers and their related roles and obligations within the cyber security environment. This could make contributions in large part to the improvement, implementation and rollout of a country wide cyber security policy in Saudi Arabia.

A Role-Based PMI Security Model for E-Government

We introduce the general AC( atlribure certificate), the role specificationAC and the rolt assignment AC We discuss the rolt-based PMI(Privilege Management Infrastructure)architecture. The role-based PMT(Public-Kty In-frastructure) secure model forE-govcrnment isresearehed by combining the role-bastd PMI with PKI architeclure (Public Key Infrastructure). Themodel has advantages of flexibility, convenience, less storage space and less network consumptionetc. We are going to ust iht secure modelin the E-govern-ment system.

A Conceptual Framework for Threat Assessment Based on Organization’s Information Security Policy

The security breaches of sensitive information have remained difficult to solve due to increased malware programs and unauthorized access to data stored in critical assets. As risk appetite differ from one organization to another, it prompts the threat analysis tools be integrated with organization’s information security policy so as to ensure security controls at local settings. However, it has been noted that the current tools for threat assessment processes have not encompassed information security policy for effective security management (i.e.?confidentiality, integrity and availability) based on organization’s risk appetite and culture. The information security policy serves as a tool to provide guidance on how to manage and secure all business operations including critical assets, infrastructure and people in the organization. This guidance (e.g. usage and controls) facilitates the provisions for threat assessment and compliance based on local context. The lack of effective threat assessment frameworks at local context have promoted the exposure of critical assets such as database servers, mails servers, web servers and user smart-devices at the hand of attackers and thus increase risks and probability to compromise the assets. In this paper we have proposed a conceptual framework for security threat assessment based on organization’s information security policy. Furthermore, the study proposed the policy automation canvas for provision of a methodology to alert the security managers what possible threats found in their organizations for quick security mitigation without depending on security expertise.

Security Policy Management Process within Six Sigma Framework

This paper presents a management process for creating adaptive, real-time security policies within the Six Sigma (6σ) framework. A key challenge for the creation of a management process is the integration with models of known Industrial processes. One of the most used industrial process models is Six Sigma which is a business management model wherein customer centric needs are put in perspective with business data to create an efficient system. The security policy creation and management process proposed in this paper is based on the Six Sigma model and presents a method to adapt security goals and risk management of a computing service. By formalizing a security policy management process within an industrial process model, the adaptability of this model to existing industrial tools is seamless and offers a clear risk based policy decision framework. In particular, this paper presents the necessary tools and procedures to map Six Sigma DMAIC (Define-Measure-Analyze-Improve-Control) methodology to security policy management.

Simulation of the role of emphasis on scheduling in the optimal incentive scheme for marine engineering employee’s routine job and information security compliance

In the organizational context of marine engineering,employee individual often prefers to concentrate herself to the day-to-day routine job,but to shirk the responsibilities of the Information Security Policies(ISPs)compliance,after she has been delegated by the employer to perform the two different tasks in the same time period.This would lead to negative influences on the security of marine information systems and the employee’s routine job performance.In view of the task structures of employee’s routine job and marine ISPs compliance,the variables of emphasis on scheduling are incorporated into a multi-task principal-agent model to explore the optimal incentive scheme to motivate and control the employees to select appropriate effort levels for conducting the two highly structured tasks.The role of emphasis on scheduling on the incentive intensities for the two tasks have been clarified through modeling and simulation,and the corresponding incentive tactics are suggested.The new two-task incentive scheme is expected to provide useful insight for understanding and controlling marine engineering employee’s routine job and ISPs compliance behavior.

Function and Role of China＇s Securities Market

The article discusses the determinant factor of the function of the securities market at first and then proposes that the basic factor is the inherent need of social economic operation and development process itself. In addition, the primary factor of mature securities market is perfect and integrated function of the securities market. Afterwards, the article analyses the static and dynamic function of the securities market. At last, it probes into the government role in the securities market briefly and proposes that China needs to carry out the essential change on government role, market function location, development goal and the mode of securities market if the function of China＇s securities market is to be exerted properly.

Analysis of Two Different Pacifist Concepts under the Second Abe Administration from a Role Theory Perspective

This article examines a concept‘pacifism’described by Japanese prime minister and Liberal Democratic Party's(LDP)president Abe Shinzo and the New Komei Party's(NKP)leader Yamaguchi Natsuo through a lens of role theory to understand what roles they think Japan should play.First,how the concept'pacifism'is used in statements(speeches,interviews,and remarks on the press)of Abe,Yamaguchi and other related materials,which are assumed to give a clue about their ideas of Japan's role in the world related to pacifism,is examined because this comparison enables to expose accord and discord between them.Second,national role conception or NRC(an actor’s subjective understanding of the country’s appropriate role in the world and the perception of domestic and foreign expectations)about Japan's role and the worldview of each party is discussed in connection with the issue of the revision of the Japanese Constitution which stipulates a general framework of Japan's foreign policy.The LDP aims to play more proactive roles by revising the constitution and Abe dismisses the current constitution as it makes only'one-country pacifism'possible.On the other hand,the NKP tries to maintain the constitution as it is to protect traditional non-military pacifism.

Japanese Prime Minister Abe Shinzo’s Multilateral Role Conception and US and China Policies

Promotion of multilateralism has been one of key Japanese roles.It is not limited to support to the United Nations but also related to the promotion of global and regional free trade in Asia-Pacific.This article shows the result of a research based on Japanese,United States,and Chinese political leaders’statements and behaviors related to economic multilateralism during the second Abe administration.The research uses role theory as a theoretical framework.This article proves that Prime Minister Abe has consistently endorsed multilateralism,deepening economic ties both Asia-Pacific and European countries by examining Japanese,US,and Chinese political leaders’speeches,interviews,and remarks on the media.His foreign policy does not indicate unilateralism or dismissal of international cooperation because he perceives multilateralism is essential for Japan’s prosperity and security.In addition,Abe does not break the ties with the US but it is difficult to say that Japan-China relations improved during his tenure.This is because China’s influence will grow and the importance of Japan will relatively decline in Asia-Pacific.

Enhancing Cybersecurity Competency in the Kingdom of Saudi Arabia:A Fuzzy Decision-Making Approach

The Kingdom of Saudi Arabia(KSA)has achieved significant milestones in cybersecurity.KSA has maintained solid regulatorymechanisms to prevent,trace,and punish offenders to protect the interests of both individual users and organizations from the online threats of data poaching and pilferage.The widespread usage of Information Technology(IT)and IT Enable Services(ITES)reinforces securitymeasures.The constantly evolving cyber threats are a topic that is generating a lot of discussion.In this league,the present article enlists a broad perspective on how cybercrime is developing in KSA at present and also takes a look at some of the most significant attacks that have taken place in the region.The existing legislative framework and measures in the KSA are geared toward deterring criminal activity online.Different competency models have been devised to address the necessary cybercrime competencies in this context.The research specialists in this domain can benefit more by developing a master competency level for achieving optimum security.To address this research query,the present assessment uses the Fuzzy Decision-Making Trial and Evaluation Laboratory(Fuzzy-DMTAEL),Fuzzy Analytic Hierarchy Process(F.AHP),and Fuzzy TOPSIS methodology to achieve segment-wise competency development in cyber security policy.The similarities and differences between the three methods are also discussed.This cybersecurity analysis determined that the National Cyber Security Centre got the highest priority.The study concludes by perusing the challenges that still need to be examined and resolved in effectuating more credible and efficacious online security mechanisms to offer amoreempowered ITES-driven economy for SaudiArabia.Moreover,cybersecurity specialists and policymakers need to collate their efforts to protect the country’s digital assets in the era of overt and covert cyber warfare.

Semantic Description and Verification of Security Policy Based on Ontology

To solve the shortage problem of the semantic descrip- tion scope and verification capability existed in the security policy, a semantic description method for the security policy based on ontology is presented. By defining the basic elements of the security policy, the relationship model between the ontology and the concept of security policy based on the Web ontology language （OWL） is established, so as to construct the semantic description framework of the security policy. Through modeling and reasoning in the Protege, the ontology model of authorization policy is proposed, and the first-order predicate description logic is introduced to the analysis and verification of the model. Results show that the ontology-based semantic description of security policy has better flexibility and practicality.

An optimal coupling incentive mechanism concerning insider’s compliance behavior towards marine information security policy

It is widely agreed that the insider’s noncompliance to the marine information security policies has brought about a major security problem in the organizational context.Previous research has stressed the potential of remunerative control,i.e.,reward,to better understand this problem.Few studies have been devoted to the exploration of the coupling incentive mechanism of tangible and intangible rewards that would induce insider’s compliance behavior towards the marine information security policy.In the present study,we address this research gap by proposing a theoretical model that explains the optimal coupling incentive mechanism of these two different types of remunerative control.Our findings have delivered insightful implications for practice and research on how to improve the marine information security policy compliance in a more subtle way.

Security Structure Transformation in the Asia-Pacific Region and the ASEAN Role

After the end of the cold war, the Asia-Pacific security structure has experienced great changes, especially on the occasion of the current "power-sharing" and "power-shifting" between China and the United States in the Asia-Pacific region, the Asia-Pacific security structure adjustment is especially significant. On the one hand, the Alliance structure with the United States as the pivot has experienced transformation from a hub-spokes system to a network, has formed the hierarchical layout of new alliance, quasi-alliance and potential alliance, On the other hand, emerging economies represented by China and Russia, while reinforcing the existing coordinate security framework, reshape the Asia-Pacific and even the whole Eurasia geopolitical posture through strategic initiatives such as the Belt and Road Initiative, the Eurasian Economic Union. As the third force in the Asia-Pacific security architecture, the Association of South-East Asian Nations(ASEAN) with the construction of a series of multilateral security mechanisms provides dialogue platform for the two security architectures led by major countries, and has also become one of the feasible paths to realize the future holistic security architecture in the Asia-Pacific region. Meanwhile, the major countries strategic competitions have intensified, which has gradually eroded the ASEAN ‘s cohesion, neutrality and even the central position in a holistic security architecture. The future's reconstruction of the Asia-Pacific security architecture needs to find new strategic consensus and reconfirm the ASEAN central position.

Cyber Resilience through Real-Time Threat Analysis in Information Security

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

An Analysis on the Inconsistency of the Security Supervision Policy in the Method of Game Theory

This article expounds and proves the basic model of the inconsistency of the security supervision policy and makes an analysis in the method of game theory on the inconsistency of the security transaction-tax-rate policy, concludes that the security supervision department is inclined to increase or decrease the security transaction tax rate, thus points out ways for supervision department to surmount this difficulty.

Investigation of Climate and Land Use Policy Change Impacts on Food Security in Eastern Sudan, Gadarif State

The aims of this research were to investigate the impacts of climate variations on land use policies, food security and vegetation cover in Gadarif State (eastern Sudan) during 1961 to 2013. Analysis of precipitation and temperature time series revealed that the annual precipitation was decreasing while the temperature was increased in the study area. Precipitation was decreasing at a rate of −50.3 mm/10a, while the temperature was increasing at a rate of 0.02°C/10a. The result of both SPEI and SPI showed that the Gadarif State has been changed to a high frequency of drought during 1961-2013. Sorghum yield showed a significant positive relationship with precipitation during July and October (CC = 0.364 and 0.321, respectively), moreover, a significant positive relationship between Sesame yield and precipitation was observed during July (CC = 0.335). A significant negative relationship between Sorghum yield and mean temperature was observed during the rainy season (July to October) with CC = −0.278. The yield productivity of Sorghum and Sesame had decreased significantly (from more than 800 kg/ha in the 1960s to less than 200 kg/ha in 2000s for Sorghum, while 500 kg/ha in 1960s to 100 kg/ha in 2000s for Sesame). The Mechanized Rain-fed Agriculture (MRA) area of Sorghum and Sesame in the Gadarif State had been increased from 1,058,241 ha to 2,799,655 ha during 1961 to 2013. Thus, we ultimately suggest that in the Gadarif State, policy makers must strive for an increase in yield per unit area by using sufficient fertilizers along with the gradual increment in tendencies of grain production through expansion of the cultivated area.

Policy Framework for Community and State Policing in Combating Rising Security Challenges in Nigeria

Viability of decentralizing policing in Nigeria had been on the front burner of security discourse since Nigeria returned to democratic governance in 1999.Valid points had been put forward by both those in support and those in opposition.The Community Policing Department of the Nigeria Police had remained more of an administrative unit with little impact beyond the Police Community Relations Committee activities.Rising cases of herdsmen attacks of various communities,terrorist insurgency in the North-East,kidnappings across the different geo-political zones had resulted in the need to interrogate the efficacy of effective community policing and state policing as viable options to combating rising security challenges.The study adopted qualitative method,and being a library research relied entirely on secondary data.Sources of data included journals,relevant textbooks,newspapers,magazines,and materials downloaded from internet.The paper argues that the traditional security agencies had failed to effectively combat the many security challenges that Nigeria faces.The combination of the official security agencies and the military had failed to effectively combat insecurity in the country.The local vigilante groups on the other hand had made valuable inroad in curtailing some of the security challenges including terrorist insurgency as a result of their knowledge of the terrain.The paper concludes that to effectively combat the many security challenges,there is a need for new policy framework at the federal and state levels that would decentralize policing and give legal backing for collaboration between the official security agencies under the federal government and state security outfits including the vigilante.