Risk Management Framework of the U.S. Department of Defense and National Security
Published in Anna M. Doro-on, Handbook of Systems Engineering and Risk Management in Control Systems, Communication, Space Technology, Missile, Security and Defense Operations, 2023
The subsequent sections describe types of authorization used to launch IS and PIT systems for specific environments. Authorization is the official management decision given by a senior organizational official to authorize operation of an IS and to explicitly accept the risk to organizational assets, individuals, other organizations, and the nation based on the implementation of an agreed-upon set of security controls (DCMA 2014). Authorization standards are one of the elements that aid the mitigation of risks. Authorization is typically joint with authentication. Reviews of lessons learned show the department has achieved modest reductions in its attack surface and still allows its highest-privileged users to leverage the weakest means of authentication (DoD 2016b). The goal of strong authentication is to reduce anonymity and improve the security posture of the department and DoD information networks (DoDIN; DoD 2016b). Strong authentication requires two or more factors in order to securely authenticate a user (DoD 2016b): (1) something the user knows, such as a password or key code; (2) something the user is, such as biometrics; and (3) something the user has, such as a security token.
IT Security Action Plan
Published in Frank R. Spellman, Fundamentals of Public Utilities Management, 2020
Even with an encrypted channel and an authentication mechanism, it is possible that attackers may attempt to access the site by brute force. Improper authentication techniques can allow attackers to gather valid usernames or potentially gain access to the website. Strong authentication mechanisms can protect against phishing attacks, in which hackers may trick users into providing their personal credentials, and pharming, in which traffic to a legitimate website may be redirected to an illegitimate one. An appropriate level of authentication should be implemented based on the sensitivity of the web server’s users and content.
Cybersecurity and Risk
Published in Diego Galar Pascual, Pasquale Daponte, Uday Kumar, Handbook of Industry 4.0 and SMART Systems, 2019
The resistance to attacks is increased by the use of access control mechanisms with strong authentication and encryption. The use of message and packet filtering and network and server segmentation also enhances network resistance. The use of appropriate intrusion detection techniques can help to identify an attack. Appropriate back-up techniques can be used for system and network recovery (ITU-T X.1205, 2008).
Assessing smart light enabled cyber-physical attack paths on urban infrastructures and services
Published in Connection Science, 2022
Ioannis Stellios, Kostas Mokos, Panayiotis Kotzanikolaou
Governance frameworks, guides and legislation initiatives regarding security and data privacy are also considered as a step in the right direction. The guide 'Cyber Security for Lighting Systems', released by the US Department of Energy, showcases cybersecurity risks that are associated with light fixtures and common lighting controls/strategies, including common types of attacks on such systems. Among others, the guide proposes the adoption of wired instead of wireless communications protocols with proper network security controls, and the use of strong authentication and encryption mechanisms such as the Advanced Encryption Standard (AES) algorithm with a minimum length of 128-bit encryption key, especially in cases where wireless deployment of such systems cannot be avoided. Moreover, a series of standards (UL 2900) that helps improve the security of IoT devices by providing measurable criteria for the testing of network-connected devices that send, store or transmit data has been developed by the American National Standards Institute (ANSI), with UL 2900-1 focused on cybersecurity of smart lighting systems. Finally, the adoption of transparent, open standards rather than proprietary technology guarantees that any potential vulnerabilities can be identified and addressed on time by the security community.
Fast-Sec: an approach to secure Big Data processing in the cloud
Published in International Journal of Parallel, Emergent and Distributed Systems, 2019
Julio C. S. dos Anjos, Tatiana Galibus, Cláudio F. R. Geyer, Gilles Fedak, João Paulo C. L. Costa, Rubem Pereira, Edison Pignaton de Freitas
Key storage: The symmetric keys for the data in the file storage are kept in the separate storage. The protection of the key storage is implemented via some strong authentication method, i.e. two-factor authentication. Additionally, in order to increase the security of the sensitive data we propose the following methods: Set up the key expiry period; Use separate key for the different files; Use secret sharing mechanism to key storing with the most sensitive data.
Encryption server: The most important cryptography services are run on the Encryption server. This server generates the user keys and connects to the client UI, i.e. a separate user of the system and decides whether the access to the specific dataset should be granted to this user. In addition, the server runs the key renewal routines, stores the user public keys and attributes besides the auditing data.