Wyszukiwarka
Wyniki wyszukiwania dla: SECURITY ASSESSMENT
-
Supporting Cybersecurity Compliance Assessment of Industrial Automation and Control System Components
PublikacjaThe chapter presents a case study demonstrating how security requirements of an Industrial Automation and Control System (IACS) component can be represented in a form of Protection Profile that is based on IEC 62443 standards and how compliance assessment of such component can be supported by explicitly representing a conformity argument in a form based on the OMG SACM meta-model. It is also demonstrated how an advanced argument...
-
Automatic sound recognition for security purposes
PublikacjaIn the paper an automatic sound recognition system is presented. It forms a part of a bigger security system developed in order to monitor outdoor places for non-typical audio-visual events. The analyzed audio signal is being recorded from a microphone mounted in an outdoor place thus a non stationary noise of a significant energy is present in it. In the paper an especially designed algorithm for outdoor noise reduction is presented,...
-
A sense of security and freedom in a residential environment
PublikacjaThe article is based on the results of a survey carried out among students of architecture faculties in several countries, which examined the students’ knowledge of shaping the housing environment in such a way as to enable them to fulfil two basic and, at the same time, seemingly mutually exclusive psychological needs of a person: a sense of security and a sense of freedom. In examining these issues, particular emphasis was placed...
-
Energy Security of Polish Consumers in 2004-2021
PublikacjaTheoretical background: Energy security is one of the most important components of economic security. It is influenced not only by access to energy sources and the economic situation of the state and the individual consumer. The authors adopted the definition of energy security of an individual consumer as included in the UN report. It states that energy security of an individual consumer is guaranteed when the average consumer...
-
Practical Evaluation of Internet Systems' Security Mechanisms
PublikacjaA proposed Internet systems security layer with context-oriented security mechanisms reduces the risk associated with possible vulnerabilities. A metric of the system trust level is proposed, and then evaluated according to a university Internet system.
-
Some Security Features of Selected IoT Platforms
PublikacjaIoT (Internet of Things) is certainly one of the leading current and future trends for processing in the current distributed world. It is changing our life and society. IoT allows new ubiquitous applications and processing, but, on the other hand, it introduces potentially serious security threats. Nowadays researchers in IoT areas should, without a doubt, consider and focus on security aspects. This paper is aimed at a high-level...
-
Security Information Sharing for the Polish Power System
PublikacjaThe Polish Power System is becoming increasingly more dependent on Information and Communication Technologies which results in its exposure to cyberattacks, including the evolved and highly sophisticated threats such as Advanced Persistent Threats or Distributed Denial of Service attacks. The most exposed components are SCADA systems in substations and Distributed Control Systems in power plants. When addressing this situation...
-
Wybrane problemy ochrony żeglugi (Maritime Security)
Publikacjaprzedstawiono zagadnienia ochrony żeglugi w aspekcie uwarunkowań związanych z radiokomunikacją morską. Opisano Międzynarodowy Kodeks Ochrony Statków i Urządzeń Portowych - ISPS (International Ship and Port Facility Security Code) i Statkowy System Alarmowania - SSAS (Ship Security Alert System) oraz także scharakteryzowano system AIS (Automated Information System) i System Identyfikacji i Śledzenia Dalekiego Zasięgu - LRIT (Long...
-
CIP Security Awareness and Training: Standards and Practice
PublikacjaThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognized by international and national standardization bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
CIP Security Awareness and Training: Standards and Practice
PublikacjaThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognised by international and national standardisation bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
Indo-French Defence and Security Partnership
Publikacja -
The Impact of Terrorism on International Peace and Security
Publikacja -
Aspects of maritime security and safety of Poland
PublikacjaReferat przedstawia wybrane aspekty morskiego bezpieczeństwa Polski. Prezentacja problematyki jest ukierunkowana na problemy techniczne związane z bezpieczeństwem, pozostawiając na uboczu problemy prawne, logistyczne i społeczne. Na wstępie przedstawiono analizę zagrożeń dla bezpieczeństwa Bałtyku. Następnie opisano wybrane instytucje odpowiedzialne za morskie bezpieczeństwo Polski, ze szczegółowym uwzględnieniem Morskiej Straży...
-
An integrated method for security protocols analysis
Publikacja -
Architecture supporting security of agent systems
PublikacjaW rozprawie zaproponowano nową architekturę bezpieczeństwa wspomagającą anonimowość w systemach agentowych. Moduł I architektury zapewnia funkcjonalność protokołu ochrony przed tropieniem (ang. untraceability), z tą zaletą, że nie wprowadza ograniczeń wobec agentów samodzielnie ustalających trasę własnej wędrówki. Stanowi rdzeń architektury, który zaimplementowano jako rozszerzenie platformy agentowej JADE, udostępniane publicznie...
-
Determining and verifying the safety integrity level with security aspects
PublikacjaSafety and security aspects consist of two different group of functional requirements for the control and protection systems. It is the reason why the analyses of safety and security shouldnt be integrated directly. The paper proposes extension of the currently used methods of functional safety analyses. It can be done with inclusion of the level of information security assigned to the technical system. The article addresses some...
-
Adapting Agile Practices to Security Context – Practitioners’ Perspective
PublikacjaIn this paper we explore the problem of introducing agile practices to projects dealing with systems with high security requirements. We also propose an approach based on AgileSafe method and OWASP ASVS guidelines, that could support such introduction. What is more, we present the results of two surveys aimed at analyzing IT practitioners’ views on applying agile methods to security reliant systems as well as evaluating the set...
-
Portable raman spectrometer for maritime security applications
PublikacjaThe fast identification of explosives, narcotics and other chemicals carried on board of ships or transported in containers to the harbors is an important problem of maritime security. Raman spectroscopy is widely used for fast identification of various chemicals. Continuous progress in the field of photonics has resulted in commercial availability of low-power compact Raman spectrometers which can be integrated into portable systems....
-
Managing the security vulnerabilities of critical systems and hazardous plants
PublikacjaRozdział poświęcono aktualnym problemom zarządzania ochroną obiektów podwyższonego ryzyka jako ważnych systemów infrastruktury krytycznej. Zarządzanie odpornością na ataki takich obiektów jest oparte na ocenach ryzyka. Podkreśla się, że występują ważne instalacje i systemy wymagające specjalnej uwagi i zabezpieczeń, szczególnie systemy kontroli dostępu do sterowni i urządzeń komunikacji. Opisuje się przykładowe technologie ochrony....
-
Security-oriented agile approach with AgileSafe and OWASP ASVS
PublikacjaIn this paper we demonstrate a security enhancing approach based on a method called AgileSafe that can be adapted to support the introduction of OWASP ASVS compliant practices focused on improving security level to the agile software development process. We also present results of the survey evaluating selected agile inspired security practices that can be incorporated into an agile process. Based on the survey’s results, these...
-
Integrated monitoring, control and security of Critical Infrastructure Systems
PublikacjaModern societies have reached a point where everyday life relies heavily on desired operation of critical infrastructures, in spite of accidental failures and/or deliberate attacks. The issue of desired performance operation of CIS at high security level receives considerable attention worldwide. The pioneering generic methodologies and methods are presented in the paper project for designing systems capable of achieving these...
-
User Trust Levels and Their Impact on System Security and Usability
PublikacjaA multilateral trust between a user and a system is considered. First of all we concentrate on user trust levels associated with the context-oriented CoRBAC model. Consequently, there were computed user profiles on the basis of its implementation in the information processing system “My GUT”. Furthermore, analysis of these profiles and the impact of user trust levels on system security and usability have been discussed.
-
Software modules and application layer's security structure of RSMAD
PublikacjaThe paper discusses the software modules of Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras (in short RSMAD). The structure of the application layer of the system has also been analysed in details, including: purpose, structure and principles of operation of software modules constituting this system. In addition, the paper presents and discusses the structure of security of application layer...
-
Supporting Compliance with Security Standards by Trust Case Templates
PublikacjaTrust Cases are used to justify that a given object (a system, an infrastructure, an organization) exhibits certain properties. One of possible applications of trust cases is related to the processes of achieving and demonstrating the compliance with standards. A Trust Case Template derived from a given standard constitutes a skeleton of justification (encompassing evidence and argumentation) of the compliance with the standard....
-
Anti-theft lab security system based on RFID
PublikacjaThe aim of the project is to design and create an electronic system, which can be used to protect laboratory equipment against theft. The main task of the system is to warn a person responsible for the facilities about any attempts made to steal equipment from a laboratory. In a case of an alarm situation, the system emits a sound signal. The concept of the anti-theft security system based on RFID was developed on the basis of...
-
Sectarianism as a Factor Shaping Persian Gulf Security
Publikacja -
Hierarchical approach to security monitoring and risk evaluation
PublikacjaPrzedstawiono problemy bezpieczeństwa sieciowego z uwzględnieiem metod szacowania i oceny bezpieczeństwa w skali lokalnej i globalnej. Podano przykłady analizy 3 systemów wraz z wnioskami oraz sugestie dotyczące trendów przyszłościowych.
-
Functional safety and security management in critical systems
PublikacjaGłównym celem referatu jest przedstawienie wybranych kwestii zarządzania bezpieczeństwem i ochroną w systemach podwyższonego ryzyka i systemach krytycznych. Zarysowuje się kilka praktycznych problemów analizy bezpieczeństwa funkcjonalnego w celu podejmowania decyzji zgodnie z normami międzynarodowymi IEC 61508 i IEC 61511. Podkreśla się, że aspekty związane z ochroną powinny być starannie rozpatrzone zarówno w fazie projektowania,...
-
Web-based marine gis for littoral security
PublikacjaW artykule opisano koncepcję oraz przykładowe zastosowania systemu informacji geograficznej umożliwiającego zbieranie, przetwarzanie, integrowanie oraz wizualizację danych pochodzących z pomiarów bezpośrednich, obrazów lotniczych i satelitarnych oraz systemów hydroakustycznych.Przedstawiono przykłady zastosowania systemu w dziedzinie ochrony strefy przybrzeżnej takie, jak: -monitoring rozprzestrzeniania wylewu olejowego, -monitoring...
-
Lab security improvement using RFID technologies
PublikacjaTechnologia RFID stanowi nie tylko technologię bliźniaczą w stosunku do kodów paskowych, ale posiada również dodatkowe cechy takie jak zdalna identyfikacja przy użyciu fal radiowych. Technologia ta staje się coraz bardziej dostępna i koszty jej wdrożenia są coraz mniejsze. W artykule przedstawiono wykorzystanie technologii RFID do ochrony sprzętu laboratoryjengo przed kradzieżą. Zawarto opis laboratorium wyposażonego w urządzenia...
-
Network-centric warfare: a strategy for homeland security
PublikacjaPojawienie się międzynarodowego terroryzmu skutkuje nowym podejście do identyfikacji potencjalnych zagrożeń dla bezpieczeństwa krajowego. Powstał strategiczny dylemat - jak zidentyfikować przeciwnika? Utworzono pojęcie asymetrycznego zagrożenia i, w konsekwencji, asymetrycznej wojny. Z dużym prawdopodobieństwem można założyć, że kolejne zagrożenia będą dotyczyć takich elementów krajowej infrastruktury, jak źródła energii, elektrownie,...
-
The Sense of Security of the Prison Service Offi cers
Publikacja -
Water resources security and management for sustainable communities
Publikacja -
Climate Changes in Southeastern Poland and Food Security
Publikacja -
Security level estimation as a function of residual risks
PublikacjaArtykuł przedstawia sposób oceny poziomu bezpieczeństwa organizacji IT w oparciu o metodę oceny ryzyka. Opisane są podstawowe kroki wspomnianej metody, proponowane rozwiązania i zastosowania. Zaproponowano prosty sposób oceny bezpieczeństwa systemów informatycznych organizacji w oparciu o wielkość wyznaczoną na podstawie wyliczonego ryzyka rezydualnego tychże systemów.
-
Data Model Development for Security Information Sharing in Smart Grids
PublikacjaThe smart grid raises new security concerns which require novel solutions. It is commonly agreed that to protect the grid, the effective collaboration and information sharing between the relevant stakeholders is prerequisite. Developing a security information sharing platform for the smart grid is a new research direction which poses several challenges related to the highly distributed and heterogeneous character of the grid. In...
-
Evaluating Security and Resilience of Critical Networked Infrastructures after Stuxnet
PublikacjaThe chapter presents the current configuration of the simulation environment for the evaluations of the security and resilience of critical networked infrastructures, which enables simulations of Stuxnet-like attacks. The configuration includes new features added to the MAlSim - Mobile Agent Malware Simulator after the advent of Stuxnet in reference to the experiments aiming at the security evaluation of a power plant which we...
-
China-Russia Bilateral Security and Military Partnership in Changing World Order: Security Challenges for the United States of America in Asia and Beyond
Publikacja -
Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments
Publikacja[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security...
-
Towards systemic functional safety and security management in hazardous plants
PublikacjaThe aim of this article is to identify and discuss some issues related to functional safety and security management in hazardous industrial plants. The safety functions are to be realised using the electric / electronic / programmable electronic systems (E/E/PESs) or the safety instrumented systems (SISs) that are designed and operated respectively according to IEC 61508 and IEC 61511 requirements in life cycle. Although the role...
-
Security of export transactions in the offer of leading banks on the Polish market
PublikacjaThe following article presents the so-called conditioned payment methods, i.e. instruments for securing export transactions, such as letter of credit, documentary collection, bank guarantees, factoring and forfaiting. The characteristics of each particular method are presented as well as the transactions using them are described. In the following paper, the author included also the leading Polish banks, which offer the above- mentioned...
-
Research Platform for Monitoring, Control and Security of Critical Infrastructure Systems
PublikacjaSustainable operation of Critical Infrastructure Systems (CISs) is of a major concern to modern societies. Monitoring, control and security of such systems plays a key role in guaranteeing continuous, reliable and above all secure access to the resources provided by these systems. Development of adequate software and hardware structures, as well as algorithms to perform such functions cannot be done apart from the operational conditions...
-
A Set of Experience-Based Smart Synergy Security Mechanism in Internet of Vehicles
PublikacjaIn this article, we introduce a novel security mechanism, the Smart Synergy Security (3S). The mechanism uses the Set of Experience Knowledge Structure (SOEKS) and the synergy of security methods in different domains to provide the global optimal security strategy. The proposed strategy is taking into account the characteristics of information security (i.e. confidentiality, integrity, availability, controllability, and reviewability)...
-
PUBLIC SOURCES OF FINANCE FOR CULTURE AS AN ELEMENT OF CULTURAL SECURITY IN POLAND
PublikacjaCulture is an important element of the country, playing an important role both for its security and the economy. It cannot be only seen as a cost-creating sector, but may be a significant factor in economic development. For this to happen, it is necessary to create a system of financing this economic sector. This article’s aim is to analyze the use of funds from public sources in Poland to finance culture-related activities. The...
-
Application of BAN Network to Increase Security in Transport Systems
PublikacjaIn the article general characteristics of the BAN network with M2M communications are presented. These are networks that enable the implementation of wireless transmission of signals using special sensors located on the body or implanted subcutaneously. These sensors allow monitoring of different type life parameters of a human. In the next part of work there is proposed the implementation of BAN networks to transport systems as...
-
Challenges in security and safety management of critical systems and infrastructures
PublikacjaReferat poświęcono aktualnym problemom zarządzania bezpieczeństwem systemów i infrastruktur krytycznych. Infrastruktury krytyczne szereguje się z uwzględnieniem kilku kryteriów. Zarysowuje się problematykę zarządzania podatnością obiektów podwyższonego ryzyka na działania z zewnątrz oraz zagadnienie analizy ryzyka na przykładzie systemu elektroenergetycznego. W końcowej części referatu opisuje się nowe wyzwania związane z zarządzaniem...
-
Cryptographic Protocols' Performance and Network Layer Security of RSMAD
PublikacjaW artykule omówiono architekturę bezpieczeństwa warstwy sieciowej Radiowego Systemu Monitorowania i Akwizycji Danych z urządzeń fotoradarowych (w skrócie RSMAD). Bezpieczeństwo w warstwie sieciowej tego systemu jest zapewniane przede wszystkim dzięki wykorzystaniu Virtual Private Network (w skrócie VPN). W tym celu zaimplementowano dwa protokoły IPsec i L2TP.Zastosowane mechanizmy ochrony danych, w tym typy i parametry VPNów zostały...
-
Safety and security governance problems of critical systems and infrastructures
PublikacjaW artykule przedstawiono kilka problemów związanych z zarządzaniem bezpieczeństwem i ochroną informacji w systemach i infrastrukturach krytycznych.Bardzo ważne jest zidentyfikowanie i scharakteryzowanie infrastruktury krytycznej. Przedstawiono nowe wyzwania związane z łączeniem podejścia bezpieczeństwa i ochrony informacji w procesie podejmowania decyzji
-
Selected Methods For Increases Reliability The Of Electronic Systems Security
Publikacja -
Integrated safety and security analysis of hazardous plants and systems of critical infrastructure
PublikacjaThis article addresses an integrated safety and security analysis approach of hazardous industrial plants and systems of critical infrastructure. Nowadays due to new hazards that emerge there are opinions among experts that these issues require an integrated approach in life cycle, from the design concept, through the design and operation of the plant, to its decommissioning. It is proposed to start from an interesting methodology...