Visible to the public Biblio

Filters: Keyword is legislation  [Clear All Filters]
2020-10-16
Pandes, Tiffany Lyn O., Omorog, Challiz D., Medrano, Regino B..  2018.  LeMTrac: Legislative Management and Tracking System. :1—6.

{Information and Communications Technology (ICT) have rationalized government services into a more efficient and transparent government. However, a large part of the government services remained constant in the manual process due to the high cost of ICT. The purpose of this paper is to explore the role of e-governance and ICT in the legislative management of municipalities in the Philippines. This study adopted the phases of Princeton Project Management Methodology (PPMM) as the approach in the development of LeMTrac. This paper utilized the developmental- quantitative research design involving two (2) sets of respondents, which are the end-users and IT experts. Majority of the respondents perceived that the system as "highly acceptable" with an average Likert score of 4.72 for the ISO 9126 Software quality metric Usability. The findings also reveal that the integration of LeMTrac within the Sangguniang Bayan (SB) Office in the Municipal Local Government Units (LGU) of Nabua and Bula, Camarines Sur provided better accessibility, security, and management of documents.

2020-08-28
McFadden, Danny, Lennon, Ruth, O’Raw, John.  2019.  AIS Transmission Data Quality: Identification of Attack Vectors. 2019 International Symposium ELMAR. :187—190.

Due to safety concerns and legislation implemented by various governments, the maritime sector adopted Automatic Identification System (AIS). Whilst governments and state agencies have an increasing reliance on AIS data, the underlying technology can be found to be fundamentally insecure. This study identifies and describes a number of potential attack vectors and suggests conceptual countermeasures to mitigate such attacks. With interception by Navy and Coast Guard as well as marine navigation and obstacle avoidance, the vulnerabilities within AIS call into question the multiple deployed overlapping AIS networks, and what the future holds for the protocol.

2020-06-03
Chopade, Mrunali, Khan, Sana, Shaikh, Uzma, Pawar, Renuka.  2019.  Digital Forensics: Maintaining Chain of Custody Using Blockchain. 2019 Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :744—747.

The fundamental aim of digital forensics is to discover, investigate and protect an evidence, increasing cybercrime enforces digital forensics team to have more accurate evidence handling. This makes digital evidence as an important factor to link individual with criminal activity. In this procedure of forensics investigation, maintaining integrity of the evidence plays an important role. A chain of custody refers to a process of recording and preserving details of digital evidence from collection to presenting in court of law. It becomes a necessary objective to ensure that the evidence provided to the court remains original and authentic without tampering. Aim is to transfer these digital evidences securely using encryption techniques.

2020-05-04
Zalozhnev, Alexey Yu., Andros, Denis A., Ginz, Vasiliy N., Loktionov, Anatoly Eu..  2019.  Information Systems and Network Technologies for Personal Data Cyber Security in Public Health. 2019 International Multidisciplinary Information Technology and Engineering Conference (IMITEC). :1–5.
The article focuses on Personal Data Cyber Security Systems. These systems are the critical components for Health Information Management Systems of Public Health enterprises. The purpose of this article is to inform and provide the reader with Personal Data Cyber Security Legislation and Regulation in Public Health Sector and enlighten him with the Information Systems that were designed and implemented for Personal Data Cyber Security in Public Health.
2020-04-03
Singi, Kapil, Kaulgud, Vikrant, Bose, R.P. Jagadeesh Chandra, Podder, Sanjay.  2019.  CAG: Compliance Adherence and Governance in Software Delivery Using Blockchain. 2019 IEEE/ACM 2nd International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB). :32—39.

The software development life cycle (SDLC) starts with business and functional specifications signed with a client. In addition to this, the specifications also capture policy / procedure / contractual / regulatory / legislation / standard compliances with respect to a given client industry. The SDLC must adhere to service level agreements (SLAs) while being compliant to development activities, processes, tools, frameworks, and reuse of open-source software components. In today's world, global software development happens across geographically distributed (autonomous) teams consuming extraordinary amounts of open source components drawn from a variety of disparate sources. Although this is helping organizations deal with technical and economic challenges, it is also increasing unintended risks, e.g., use of a non-complaint license software might lead to copyright issues and litigations, use of a library with vulnerabilities pose security risks etc. Mitigation of such risks and remedial measures is a challenge due to lack of visibility and transparency of activities across these distributed teams as they mostly operate in silos. We believe a unified model that non-invasively monitors and analyzes the activities of distributed teams will help a long way in building software that adhere to various compliances. In this paper, we propose a decentralized CAG - Compliance Adherence and Governance framework using blockchain technologies. Our framework (i) enables the capturing of required data points based on compliance specifications, (ii) analyzes the events for non-conformant behavior through smart contracts, (iii) provides real-time alerts, and (iv) records and maintains an immutable audit trail of various activities.

2020-02-17
Shukla, Meha, Johnson, Shane D., Jones, Peter.  2019.  Does the NIS implementation strategy effectively address cyber security risks in the UK? 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–11.
This research explored how cyber security risks are managed across UK Critical National Infrastructure (CNI) sectors following implementation of the 2018 Networks and Information Security (NIS) legislation. Being in its infancy, there has been limited study into the effectiveness of this national framework for cyber risk management. The analysis of data gathered through interviews with key stakeholders against the NIS objectives indicated a collaborative implementation approach to improve cyber-risk management capabilities in CNI sectors. However, more work is required to bridge the gaps in the NIS framework to ensure holistic security across cyber spaces as well as non-cyber elements: cyber-physical security, cross-sector CNI service security measures, outcome-based regulatory assessments and risks due to connected smart technology implementations alongside legacy systems. This paper proposes ten key recommendations to counter the danger of not meeting the NIS key strategic objectives. In particular, it recommends that the approach to NIS implementation needs further alignment with its objectives, such as bringing a step-change in the cyber-security risk management capabilities of the CNI sectors.
2019-07-01
Saleem, Jibran, Hammoudeh, Mohammad, Raza, Umar, Adebisi, Bamidele, Ande, Ruth.  2018.  IoT Standardisation: Challenges, Perspectives and Solution. Proceedings of the 2Nd International Conference on Future Networks and Distributed Systems. :1:1-1:9.

The success and widespread adoption of the Internet of Things (IoT) has increased many folds over the last few years. Industries, technologists and home users recognise the importance of IoT in their lives. Essentially, IoT has brought vast industrial revolution and has helped automate many processes within organisations and homes. However, the rapid growth of IoT is also a cause for significant concern. IoT is not only plagued with security, authentication and access control issues, it also doesn't work as well as it should with fourth industrial revolution, commonly known as Industry 4.0. The absence of effective regulation, standards and weak governance has led to a continual downward trend in the security of IoT networks and devices, as well as given rise to a broad range of privacy issues. This paper examines the IoT industry and discusses the urgent need for standardisation, the benefits of governance as well as the issues affecting the IoT sector due to the absence of regulation. Additionally, through this paper, we are introducing an IoT security framework (IoTSFW) for organisations to bridge the current lack of guidelines in the IoT industry. Implementation of the guidelines, defined in the proposed framework, will assist organisations in achieving security, privacy, sustainability and scalability within their IoT networks.

2019-01-21
Kittmann, T., Lambrecht, J., Horn, C..  2018.  A privacy-aware distributed software architecture for automation services in compliance with GDPR. 2018 IEEE 23rd International Conference on Emerging Technologies and Factory Automation (ETFA). 1:1067–1070.

The recently applied General Data Protection Regulation (GDPR) aims to protect all EU citizens from privacy and data breaches in an increasingly data-driven world. Consequently, this deeply affects the factory domain and its human-centric automation paradigm. Especially collaboration of human and machines as well as individual support are enabled and enhanced by processing audio and video data, e.g. by using algorithms which re-identify humans or analyse human behaviour. We introduce most significant impacts of the recent legal regulation change towards the automations domain at a glance. Furthermore, we introduce a representative scenario from production, deduce its legal affections from GDPR resulting in a privacy-aware software architecture. This architecture covers modern virtualization techniques along with authorization and end-to-end encryption to ensure a secure communication between distributes services and databases for distinct purposes.

2018-06-11
Crabtree, A., Lodge, T., Colley, J., Greenghalgh, C., Mortier, R..  2017.  Accountable Internet of Things? Outline of the IoT databox model 2017 IEEE 18th International Symposium on A World of Wireless, Mobile and Multimedia Networks (WoWMoM). :1–6.

This paper outlines the IoT Databox model as a means of making the Internet of Things (IoT) accountable to individuals. Accountability is a key to building consumer trust and mandated in data protection legislation. We briefly outline the `external' data subject accountability requirement specified in actual legislation in Europe and proposed legislation in the US, and how meeting requirement this turns on surfacing the invisible actions and interactions of connected devices and the social arrangements in which they are embedded. The IoT Databox model is proposed as an in principle means of enabling accountability and providing individuals with the mechanisms needed to build trust in the IoT.

2017-03-07
Namazifard, A., Amiri, B., Tousi, A., Aminilari, M., Hozhabri, A. A..  2015.  Literature review of different contention of E-commerce security and the purview of cyber law factors. 2015 9th International Conference on e-Commerce in Developing Countries: With focus on e-Business (ECDC). :1–14.

Today, by widely spread of information technology (IT) usage, E-commerce security and its related legislations are very critical issue in information technology and court law. There is a consensus that security matters are the significant foundation of e-commerce, electronic consumers, and firms' privacy. While e-commerce networks need a policy for security privacy, they should be prepared for a simple consumer friendly infrastructure. Hence it is necessary to review the theoretical models for revision. In This theory review, we embody a number of former articles that cover security of e-commerce and legislation ambit at the individual level by assessing five criteria. Whether data of articles provide an effective strategy for secure-protection challenges in e-commerce and e-consumers. Whether provisions clearly remedy precedents or they need to flourish? This paper focuses on analyzing the former discussion regarding e-commerce security and existence legislation toward cyber-crime activity of e-commerce the article also purports recommendation for subsequent research which is indicate that through secure factors of e-commerce we are able to fill the vacuum of its legislation.