Explore chapters and articles related to this topic
Cybersecurity Incident Response in the Enterprise
Published in Mohiuddin Ahmed, Nour Moustafa, Abu Barkat, Paul Haskell-Dowland, Next-Generation Enterprise Security and Governance, 2022
Nickson M. Karie, Leslie F. Sikos
Many organizations require skilled personnel to maintain, and ensure the effectiveness of, a SOC or SIEM. This causes cost overhead to an organization. For organizations that want to utilize SIEM and other security products against security issues yet cannot meet the cost of buying and implementing SIEM products, or do not have a clear understanding of how to do it on their own, Security as a Service (SECaaS) offers an alternative. With SECaaS organizations can outsource all their cybersecurity services from third-party companies on a subscription basis, thereby avoiding all the upfront costs for buying hardware as well as the continuing costs for security software licenses. SECaaS allows organizations to use strong and powerful security tools, including SIEM products from third-party companies (mostly cloud providers) using only a web browser, making the use of SIEM functions easy and affordable. SECaaS is therefore considered a new way of delivering cybersecurity technologies to different organizations as a cloud service.
Trusted Digital Solutions and Cybersecurity in Healthcare
Published in Rajarshi Gupta, Dwaipayan Biswas, Health Monitoring Systems, 2019
One of the main trends in modern health IT is the exploitation of cloud infrastructure and services. Cloud services enable healthcare service providers to move data processing and storage onto the internet, provided that security and data ownership concerns are addressed. Towards this direction, the emerging security as a service (SecaaS) model offers a novel security solution for cloud services’ users. This model encompasses a variety of advantages such as authentication as a service (AaaS), encryption as a service (ENCaaS), as well as dedicated virtual firewalls and web application firewalls to the cloud infrastructure costumers. It also assists healthcare organizations in strengthening their virtual private clouds with controls applicable to their business domain.
Security in Internet of Drones: A Comprehensive Review
Published in Cogent Engineering, 2022
Snehal Samanth, Prema K V, Mamatha Balachandra
Chen et al. have proposed a secure and lightweight IoD network coding pseudonym scheme. The network model consists of a set of cellular-connected drones, ground users, and ground base stations. The security model for real-time object tracking application (ROTA) with outsourced database (ODB) consists of cloud ODB, service engine, and a certifying server. The threat model of the proposed scheme considers three types of attackers: malicious observers, link eavesdroppers, and curious users. The system design of the proposed scheme has the proposed scheme integrated with International Mobile Subscriber Identity (IMSI), and encryption of IMSI is required to preserve privacy. The proposed scheme is called a two-tier coding scheme because the scheme generates two keys, i.e. key A and key B for legitimate users’ identity authentication and users’ private data protection, respectively. Experiments use Android smart phones with Qualcomm QSD8250. When hash functions are used for key generation, this reduces the possibility of solving of IMSI security problem by an adversary. Security analysis also shows that the proposed network coding scheme can achieve an unconditional security level. Security analysis shows that the location data ownership privacy is fully preserved and that the proposed scheme is collision-resistant to insider attacker, provides user authentication security feature, and service continuity feature. The proposed scheme provides unconditional security when compared to computational security provided by hash-based pseudonyms. The processing time of standard IMSI encryptions in IoD devices is reduced by more than 95% when network coding technique is used instead of hash functions. Energy consumption of key generation for the proposed scheme based on network coding with Galois Field (GF()) is about 10% of that with hash functions like Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) (Chen & Wang, 2018).