Visible to the public Biblio

Filters: Keyword is information technology  [Clear All Filters]
2021-07-07
Wang, Guodong, Tian, Dongbo, Gu, Fengqiang, Li, Jia, Lu, Yang.  2020.  Design of Terminal Security Access Scheme based on Trusted Computing in Ubiquitous Electric Internet of Things. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:188–192.
In the Ubiquitous Electric Internet of Things (UEIoT), the terminals are very easy to be accessed and attacked by attackers due to the lack of effective monitoring and safe isolation methods. Therefore, in the implementation of UEIoT, the security protection of terminals is particularly important. Therefore, this paper proposes a dual-system design scheme for terminal active immunity based on trusted computing. In this scheme, the terminal node in UEIoT is composed of two parts: computing part and trusted protection part. The computing component and the trusted protection component are logically independent of each other, forming a trusted computing active immune dual-system structure with both computing and protection functions. The Trusted Network Connection extends the trusted state of the terminal to the network, thus providing a solution for terminal secure access in the UEIoT.
2021-06-24
Abirami, R., Wise, D. C. Joy Winnie, Jeeva, R., Sanjay, S..  2020.  Detecting Security Vulnerabilities in Website using Python. 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). :844–846.
On the current website, there are many undeniable conditions and there is the existence of new plot holes. If data link is normally extracted on each of the websites, it becomes difficult to evaluate each vulnerability, with tolls such as XS S, SQLI, and other such existing tools for vulnerability assessment. Integrated testing criteria for vulnerabilities are met. In addition, the response should be automated and systematic. The primary value of vulnerability Buffer will be made of predefined and self-formatted code written in python, and the software is automated to send reports to their respective users. The vulnerabilities are tried to be classified as accessible. OWASP is the main resource for developing and validating web security processes.
Dang, Tran Khanh, Truong, Phat T. Tran, Tran, Pi To.  2020.  Data Poisoning Attack on Deep Neural Network and Some Defense Methods. 2020 International Conference on Advanced Computing and Applications (ACOMP). :15–22.
In recent years, Artificial Intelligence has disruptively changed information technology and software engineering with a proliferation of technologies and applications based-on it. However, recent researches show that AI models in general and the most greatest invention since sliced bread - Deep Learning models in particular, are vulnerable to being hacked and can be misused for bad purposes. In this paper, we carry out a brief review of data poisoning attack - one of the two recently dangerous emerging attacks - and the state-of-the-art defense methods for this problem. Finally, we discuss current challenges and future developments.
2021-05-25
Alnsour, Rawan, Hamdan, Basil.  2020.  Incorporating SCADA Cybersecurity in Undergraduate Engineering Technology Information Technology Education. 2020 Intermountain Engineering, Technology and Computing (IETC). :1—4.

The purpose of this paper is threefold. First, it makes the case for incorporating cybersecurity principles into undergraduate Engineering Technology Education and for incorporating Industrial Control Systems (ICS) principles into undergraduate Information Technology (IT)/Cybersecurity Education. Specifically, the paper highlights the knowledge/skill gap between engineers and IT/Cybersecurity professionals with respect to the cybersecurity of the ICS. Secondly, it identifies several areas where traditional IT systems and ICS intercept. This interception not only implies that ICS are susceptible to the same cyber threats as traditional IT/IS but also to threats that are unique to ICS. Subsequently, the paper identifies several areas where cybersecurity principles can be applied to ICS. By incorporating cybersecurity principles into Engineering Technology Education, the paper hopes to provide IT/Cybersecurity and Engineering Students with (a) the theoretical knowledge of the cybersecurity issues associated with administering and operating ICS and (b) the applied technical skills necessary to manage and mitigate the cyber risks against these systems. Overall, the paper holds the promise of contributing to the ongoing effort aimed at bridging the knowledge/skill gap with respect to securing ICS against cyber threats and attacks.

2021-05-13
Nakhushev, Rakhim S., Sukhanova, Natalia V..  2020.  Application of the Neural Networks for Cryptographic Information Security. 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT QM IS). :421–423.
The object of research is information security. The tools used for research are artificial neural networks. The goal is to increase the cryptography security. The problems are: the big volume of information, the expenses for neural networks design and training. It is offered to use the neural network for the cryptographic transformation of information.
2021-04-27
Yang, Y., Lu, K., Cheng, H., Fu, M., Li, Z..  2020.  Time-controlled Regular Language Search over Encrypted Big Data. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:1041—1045.

The rapid development of cloud computing and the arrival of the big data era make the relationship between users and cloud closer. Cloud computing has powerful data computing and data storage capabilities, which can ubiquitously provide users with resources. However, users do not fully trust the cloud server's storage services, so lots of data is encrypted and uploaded to the cloud. Searchable encryption can protect the confidentiality of data and provide encrypted data retrieval functions. In this paper, we propose a time-controlled searchable encryption scheme with regular language over encrypted big data, which provides flexible search pattern and convenient data sharing. Our solution allows users with data's secret keys to generate trapdoors by themselves. And users without data's secret keys can generate trapdoors with the help of a trusted third party without revealing the data owner's secret key. Our system uses a time-controlled mechanism to collect keywords queried by users and ensures that the querying user's identity is not directly exposed. The obtained keywords are the basis for subsequent big data analysis. We conducted a security analysis of the proposed scheme and proved that the scheme is secure. The simulation experiment and comparison of our scheme show that the system has feasible efficiency.

Yang, H., Bai, Y., Zou, Z., Zhang, Q., Wang, B., Yang, R..  2020.  Research on Data Security Sharing Mechanism of Power Internet of Things Based on Blockchain. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:2029—2032.

The rapid growth of power Internet of Things devices has led to traditional data security sharing mechanisms that are no longer suitable for attribute and permission management of massive devices. In response to this problem, this article proposes a blockchain-based data security sharing mechanism for the power Internet of Things, which reduces the risk of data leakage through decentralization in the architecture and promotes the integration of multiple information and methods.

Sekar, K., Devi, K. Suganya, Srinivasan, P., SenthilKumar, V. M..  2020.  Deep Wavelet Architecture for Compressive sensing Recovery. 2020 Seventh International Conference on Information Technology Trends (ITT). :185–189.
The deep learning-based compressive Sensing (CS) has shown substantial improved performance and in run-time reduction with signal sampling and reconstruction. In most cases, moreover, these techniques suffer from disrupting artefacts or high-frequency contents at low sampling ratios. Similarly, this occurs in the multi-resolution sampling method, which further collects more components with lower frequencies. A promising innovation combining CS with convolutionary neural network has eliminated the sparsity constraint yet recovery persists slow. We propose a Deep wavelet based compressive sensing with multi-resolution framework provides better improvement in reconstruction as well as run time. The proposed model demonstrates outstanding quality on test functions over previous approaches.
Xie, J., She, H., Chen, X., Zhang, H., Niu, Y..  2020.  Test Method for Automatic Detection Capability of Civil Aviation Security Equipment Using Bayesian Estimation. 2020 IEEE 2nd International Conference on Civil Aviation Safety and Information Technology (ICCASIT. :831–835.
There are a lot of emerging security equipment required to be tested on detection rate (DR) and false alarm rate (FAR) for prohibited items. This article imports Bayesian approach to accept or reject DR and FAR. The detailed quantitative predictions can be made through the posterior distribution obtained by Markov chain Monte Carlo method. Based on this, HDI + ROPE decision rule is established. For the tests that need to make early decision, HDI + ROPE stopping rule is presented with biased estimate value, and criterial precision rule is presented with unbiased estimate value. Choosing the stopping rule according to the test purpose can achieve the balance of efficiency and accuracy.
Uthayashangar, S., Abinaya, J., Harshini, V., Jayavardhani, R..  2020.  Image And Text Encrypted Data With Authorized Deduplication In Cloud. 2020 International Conference on System, Computation, Automation and Networking (ICSCAN). :1—5.
In this paper, the role re-encryption is used to avoid the privacy data lekage and also to avoid the deduplication in a secure role re-encryption system(SRRS). And also it checks for the proof of ownership for to identify whether the user is authorized user or not. This is for the efficiency. Role re-encrytion method is to share the access key for the corresponding authorized user for accessing the particular file without the leakage of privacy data. In our project we are using both the avoidance of text and digital images. For example we have the personal images in our mobile, handheld devices, and in the desktop etc., So, as these images have to keep secure and so we are using the encryption for to increase the high security. The text file also important for the users now-a-days. It has to keep secure in a cloud server. Digital images have to be protected over the communication, however generally personal identification details like copies of pan card, Passport, ATM, etc., to store on one's own pc. So, we are protecting the text file and image data for avoiding the duplication in our proposed system.
Elavarasan, G., Veni, S..  2020.  Data Sharing Attribute-Based Secure with Efficient Revocation in Cloud Computing. 2020 International Conference on Computing and Information Technology (ICCIT-1441). :1—6.

In recent days, cloud computing is one of the emerging fields. It is a platform to maintain the data and privacy of the users. To process and regulate the data with high security, the access control methods are used. The cloud environment always faces several challenges such as robustness, security issues and so on. Conventional methods like Cipher text-Policy Attribute-Based Encryption (CP-ABE) are reflected in providing huge security, but still, the problem exists like the non-existence of attribute revocation and minimum efficient. Hence, this research work particularly on the attribute-based mechanism to maximize efficiency. Initially, an objective coined out in this work is to define the attributes for a set of users. Secondly, the data is to be re-encrypted based on the access policies defined for the particular file. The re-encryption process renders information to the cloud server for verifying the authenticity of the user even though the owner is offline. The main advantage of this work evaluates multiple attributes and allows respective users who possess those attributes to access the data. The result proves that the proposed Data sharing scheme helps for Revocation under a fine-grained attribute structure.

2021-04-09
Ozkan, N., Tarhan, A. K., Gören, B., Filiz, İ, Özer, E..  2020.  Harmonizing IT Frameworks and Agile Methods: Challenges and Solutions for the case of COBIT and Scrum. 2020 15th Conference on Computer Science and Information Systems (FedCSIS). :709—719.
Information Technology (IT) is a complex domain. In order to properly manage IT related processes, several frameworks including ITIL (Information Technologies Infrastructure Library), COBIT (Control OBjectives for Information and related Technologies), IT Service CMMI (IT Service Capability Maturity Model) and many others have emerged in recent decades. Meanwhile, the prevalence of Agile methods has increased, posing the coexistence of Agile approach with different IT frameworks already adopted in organizations. More specifically, the pursuit of being agile in the area of digitalization pushes organizations to go for agile transformation while preserving full compliance to IT frameworks for the sake of their survival. The necessity for this coexistence, however, brings its own challenges and solutions for harmonizing the requirements of both parties. In this paper, we focus on harmonizing the requirements of COBIT and Scrum in a same organization, which is especially challenging when a full compliance to COBIT is expected. Therefore, this study aims to identifying the challenges of and possible solutions for the coexistence of Scrum and COBIT (version 4.1 in this case) in an organization, by considering two case studies: one from the literature and the case of Akbank delivered in this study. Thus, it extends the corresponding previous case study from two points: adds one more case study to enrich the results from the previous case study and provides more opportunity to make generalization by considering two independent cases.
2021-04-08
Claycomb, W. R., Huth, C. L., Phillips, B., Flynn, L., McIntire, D..  2013.  Identifying indicators of insider threats: Insider IT sabotage. 2013 47th International Carnahan Conference on Security Technology (ICCST). :1—5.
This paper describes results of a study seeking to identify observable events related to insider sabotage. We collected information from actual insider threat cases, created chronological timelines of the incidents, identified key points in each timeline such as when attack planning began, measured the time between key events, and looked for specific observable events or patterns that insiders held in common that may indicate insider sabotage is imminent or likely. Such indicators could be used by security experts to potentially identify malicious activity at or before the time of attack. Our process included critical steps such as identifying the point of damage to the organization as well as any malicious events prior to zero hour that enabled the attack but did not immediately cause harm. We found that nearly 71% of the cases we studied had either no observable malicious action prior to attack, or had one that occurred less than one day prior to attack. Most of the events observed prior to attack were behavioral, not technical, especially those occurring earlier in the case timelines. Of the observed technical events prior to attack, nearly one third involved installation of software onto the victim organizations IT systems.
2021-02-08
Van, L. X., Dung, L. H., Hoa, D. V..  2020.  Developing Root Problem Aims to Create a Secure Digital Signature Scheme in Data Transfer. 2020 International Conference on Green and Human Information Technology (ICGHIT). :25–30.
This paper presents the proposed method of building a digital signature algorithm which is based on the difficulty of solving root problem and some expanded root problems on Zp. The expanded root problem is a new form of difficult problem without the solution, also originally proposed and applied to build digital signature algorithms. This proposed method enable to build a high-security digital signature platform for practical applications.
2021-02-03
Adil, M., Khan, R., Ghani, M. A. Nawaz Ul.  2020.  Preventive Techniques of Phishing Attacks in Networks. 2020 3rd International Conference on Advancements in Computational Sciences (ICACS). :1—8.

Internet is the most widely used technology in the current era of information technology and it is embedded in daily life activities. Due to its extensive use in everyday life, it has many applications such as social media (Face book, WhatsApp, messenger etc.,) and other online applications such as online businesses, e-counseling, advertisement on websites, e-banking, e-hunting websites, e-doctor appointment and e-doctor opinion. The above mentioned applications of internet technology makes things very easy and accessible for human being in limited time, however, this technology is vulnerable to various security threats. A vital and severe threat associated with this technology or a particular application is “Phishing attack” which is used by attacker to usurp the network security. Phishing attacks includes fake E-mails, fake websites, fake applications which are used to steal their credentials or usurp their security. In this paper, a detailed overview of various phishing attacks, specifically their background knowledge, and solutions proposed in literature to address these issues using various techniques such as anti-phishing, honey pots and firewalls etc. Moreover, installation of intrusion detection systems (IDS) and intrusion detection and prevention system (IPS) in the networks to allow the authentic traffic in an operational network. In this work, we have conducted end use awareness campaign to educate and train the employs in order to minimize the occurrence probability of these attacks. The result analysis observed for this survey was quite excellent by means of its effectiveness to address the aforementioned issues.

2021-01-25
Abbas, M. S., Mahdi, S. S., Hussien, S. A..  2020.  Security Improvement of Cloud Data Using Hybrid Cryptography and Steganography. 2020 International Conference on Computer Science and Software Engineering (CSASE). :123–127.
One of the significant advancements in information technology is Cloud computing, but the security issue of data storage is a big problem in the cloud environment. That is why a system is proposed in this paper for improving the security of cloud data using encryption, information concealment, and hashing functions. In the data encryption phase, we implemented hybrid encryption using the algorithm of AES symmetric encryption and the algorithm of RSA asymmetric encryption. Next, the encrypted data will be hidden in an image using LSB algorithm. In the data validation phase, we use the SHA hashing algorithm. Also, in our suggestion, we compress the data using the LZW algorithm before hiding it in the image. Thus, it allows hiding as much data as possible. By using information concealment technology and mixed encryption, we can achieve strong data security. In this paper, PSNR and SSIM values were calculated in addition to the graph to evaluate the image masking performance before and after applying the compression process. The results showed that PSNR values of stego-image are better for compressed data compared to data before compression.
2021-01-22
Kubba, Z. M. Jawad, Hoomod, H. K..  2019.  A Hybrid Modified Lightweight Algorithm Combined of Two Cryptography Algorithms PRESENT and Salsa20 Using Chaotic System. 2019 First International Conference of Computer and Applied Sciences (CAS). :199–203.

Cryptography algorithms play a critical role in information technology against various attacks witnessed in the digital era. Many studies and algorithms are done to achieve security issues for information systems. The high complexity of computational operations characterises the traditional cryptography algorithms. On the other hand, lightweight algorithms are the way to solve most of the security issues that encounter applying traditional cryptography in constrained devices. However, a symmetric cipher is widely applied for ensuring the security of data communication in constraint devices. In this study, we proposed a hybrid algorithm based on two cryptography algorithms PRESENT and Salsa20. Also, a 2D logistic map of a chaotic system is applied to generate pseudo-random keys that produce more complexity for the proposed cipher algorithm. The goal of the proposed algorithm is to present a hybrid algorithm by enhancing the complexity of the current PRESENT algorithm while keeping the performance of computational operations as minimal. The proposed algorithm proved working efficiently with fast executed time, and the analysed result of the generated sequence keys passed the randomness of the NIST suite.

2020-12-28
Chaves, A., Moura, Í, Bernardino, J., Pedrosa, I..  2020.  The privacy paradigm : An overview of privacy in Business Analytics and Big Data. 2020 15th Iberian Conference on Information Systems and Technologies (CISTI). :1—6.
In this New Age where information has an indispensable value for companies and data mining technologies are growing in the area of Information Technology, privacy remains a sensitive issue in the approach to the exploitation of the large volume of data generated and processed by companies. The way data is collected, handled and destined is not yet clearly defined and has been the subject of constant debate by several areas of activity. This literature review gives an overview of privacy in the era of Business Analytics and Big Data in different timelines, the opportunities and challenges faced, aiming to broaden discussions on a subject that deserves extreme attention and aims to show that, despite measures for data protection have been created, there is still a need to discuss the subject among the different parties involved in the process to achieve a positive ideal for both users and companies.
2020-11-17
Radha, P., Selvakumar, N., Sekar, J. Raja, Johnsonselva, J. V..  2018.  Enhancing Internet of Battle Things using Ultrasonic assisted Non-Destructive Testing (Technical solution). 2018 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC). :1—4.

The subsystem of IoMT (Internet of Military of Things) called IoBT (Internet of Battle of Things) is the major resource of the military where the various stack holders of the battlefield and different categories of equipment are tightly integrated through the internet. The proposed architecture mentioned in this paper will be helpful to design IoBT effectively for warfare using irresistible technologies like information technology, embedded technology, and network technology. The role of Machine intelligence is essential in IoBT to create smart things and provide accurate solutions without human intervention. Non-Destructive Testing (NDT) is used in Industries to examine and analyze the invisible defects of equipment. Generally, the ultrasonic waves are used to examine and analyze the internal defects of materials. Hence the proposed architecture of IoBT is enhanced by ultrasonic based NDT to study the properties of the things of the battlefield without causing any damage.

Kamhoua, C. A..  2018.  Game theoretic modeling of cyber deception in the Internet of Battlefield Things. 2018 56th Annual Allerton Conference on Communication, Control, and Computing (Allerton). :862—862.

Internet of Battlefield Things (IoBT) devices such as actuators, sensors, wearable devises, robots, drones, and autonomous vehicles, facilitate the Intelligence, Surveillance and Reconnaissance (ISR) to Command and Control and battlefield services. IoBT devices have the ability to collect operational field data, to compute on the data, and to upload its information to the network. Securing the IoBT presents additional challenges compared with traditional information technology (IT) systems. First, IoBT devices are mass produced rapidly to be low-cost commodity items without security protection in their original design. Second, IoBT devices are highly dynamic, mobile, and heterogeneous without common standards. Third, it is imperative to understand the natural world, the physical process(es) under IoBT control, and how these real-world processes can be compromised before recommending any relevant security counter measure. Moreover, unprotected IoBT devices can be used as “stepping stones” by attackers to launch more sophisticated attacks such as advanced persistent threats (APTs). As a result of these challenges, IoBT systems are the frequent targets of sophisticated cyber attack that aim to disrupt mission effectiveness.

2020-11-09
Muller, T., Walz, A., Kiefer, M., Doran, H. Dermot, Sikora, A..  2018.  Challenges and prospects of communication security in real-time ethernet automation systems. 2018 14th IEEE International Workshop on Factory Communication Systems (WFCS). :1–9.
Real-Time Ethernet has become the major communication technology for modern automation and industrial control systems. On the one hand, this trend increases the need for an automation-friendly security solution, as such networks can no longer be considered sufficiently isolated. On the other hand, it shows that, despite diverging requirements, the domain of Operational Technology (OT) can derive advantage from high-volume technology of the Information Technology (IT) domain. Based on these two sides of the same coin, we study the challenges and prospects of approaches to communication security in real-time Ethernet automation systems. In order to capitalize the expertise aggregated in decades of research and development, we put a special focus on the reuse of well-established security technology from the IT domain. We argue that enhancing such technology to become automation-friendly is likely to result in more robust and secure designs than greenfield designs. Because of its widespread deployment and the (to this date) nonexistence of a consistent security architecture, we use PROFINET as a showcase of our considerations. Security requirements for this technology are defined and different well-known solutions are examined according their suitability for PROFINET. Based on these findings, we elaborate the necessary adaptions for the deployment on PROFINET.
2020-11-04
Rajamäki, J., Nevmerzhitskaya, J., Virág, C..  2018.  Cybersecurity education and training in hospitals: Proactive resilience educational framework (Prosilience EF). 2018 IEEE Global Engineering Education Conference (EDUCON). :2042—2046.

Healthcare is a vital component of every nation's critical infrastructure, yet it is one of the most vulnerable sector for cyber-attacks. To enforce the knowledge on information security processes and data protection procedures, educational and training schemes should be establishedfor information technology (IT) staff working in healthcare settings. However, only training IT staff is not enough, as many of cybersecurity threats are caused by human errors or lack of awareness. Current awareness and training schemes are often implemented in silos, concentrating on one aspect of cybersecurity at a time. Proactive Resilience Educational Framework (Prosilience EF) provides a holistic cyber resilience and security framework for developing and delivering a multilateral educational and training scheme based on a proactive approach to cybersecurity. The framework is built on the principle that education and training must be interactive, guided, meaningful and directly relevant to the user' operational environment. The framework addresses capacity mapping, cyber resilience level measuring, utilizing available and mapping missing resources, adaptive learning technologies and dynamic content delivery. Prosilience EF launches an iterative process of awareness and training development with relevant stakeholders (end users - hospitals, healthcare authorities, cybersecurity training providers, industry members), evaluating the framework via joint exercises/workshops andfurther developing the framework.

Turkanović, M., Welzer, T., Hölbl, M..  2019.  An Example of a Cybersecurity Education Model. 2019 29th Annual Conference of the European Association for Education in Electrical and Information Engineering (EAEEIE). :1—4.

IT technology is a vital part of our everyday life and society. Additionally, as it is present in strategic domains like the military, healthcare or critical infrastructure, the aspect of protection, i.e. cybersecurity is of utmost importance. In recent years, the demand for cybersecurity experts is exponentially rising. Additionally, the field of cybersecurity is very much interdisciplinary and therefore requires a broad set of skills. Renowned organisations as ACM or IEEE have recognized the importance of cybersecurity experts and proposed guidelines for higher education training of such professionals. This paper presents an overview of a cybersecurity education model from the Information Systems and Information Technology perspective together with a good example and experience of the University of Maribor. The presented education model is shaped according to the guidelines by the Joint Task Force on Cybersecurity Education and the expectations of the Slovene industry regarding the knowledge and skills their future employees should possess.

2020-10-16
Tungela, Nomawethu, Mutudi, Maria, Iyamu, Tiko.  2018.  The Roles of E-Government in Healthcare from the Perspective of Structuration Theory. 2018 Open Innovations Conference (OI). :332—338.

The e-government concept and healthcare have usually been studied separately. Even when and where both e-government and healthcare systems were combined in a study, the roles of e-government in healthcare have not been examined. As a result., the complementarity of the systems poses potential challenges. The interpretive approach was applied in this study. Existing materials in the areas of healthcare and e-government were used as data from a qualitative method viewpoint. Dimension of change from the perspective of the structuration theory was employed to guide the data analysis. From the analysis., six factors were found to be the main roles of e-government in the implementation and application of e-health in the delivering of healthcare services. An understanding of the roles of e-government promotes complementarity., which enhances the healthcare service delivery to the community.

Sayed Javed, Ahmad.  2018.  Total e-Governance: Pros Cons. 2018 International Conference on Computational Science and Computational Intelligence (CSCI). :245—249.

"Good Governance" - may it be corporate or governmental, is a badly needed focus area in the world today where the companies and governments are struggling to survive the political and economical turmoil around the globe. All governments around the world have a tendency of expanding the size of their government, but eventually they would be forced to think reducing the size by incorporating information technology as a way to provide services to the citizens effectively and efficiently. Hence our attempt is to offer a complete solution from birth of a citizen till death encompassing all the necessary services related to the well being of a person living in a society. Our research and analysis would explore the pros and cons of using IT as a solution to our problems and ways to implement them for a best outcome in e-Governance occasionally comparing with the present scenario when relevant.