Filtry
wszystkich: 427
-
Katalog
Wyniki wyszukiwania dla: INFORMATION SECURITY
-
International Conference on Information Theoretic Security
Konferencje -
Computational Intelligence in Security for Information Systems
Konferencje -
International Conference on Security of Information and Networks
Konferencje -
International Conference on Information Systems Security
Konferencje -
Australian Information Warfare and Security Conference
Konferencje -
International Symposium on Information Assurance and Security
Konferencje -
International Workshop on Security in Information Systems
Konferencje -
Asia Conference on Information, Computer and Communications Security (ACM Symposium on Information, Computer and Communications Security)
Konferencje -
Immersive Technologies that Aid Additive Manufacturing Processes in CBRN Defence Industry
PublikacjaTesting unique devices or their counterparts for CBRN (C-chemical, B-biological, R-radiological, N-nuclear) defense relies on additive manufacturing processes. Immersive technologies aid additive manufacturing. Their use not only helps understand the manufacturing processes, but also improves the design and quality of the products. This article aims to propose an approach to testing CBRN reconnaissance hand-held products developed...
-
Workshop on Australasian Information Security, Data Mining and Web Intelligence, and Software Internationalisation
Konferencje -
International Workshop on Critical Information Infrastructures Security
Konferencje -
International Conference on Information Systems Security and Privacy
Konferencje -
Conference on Security in Network Architectures and Information Systems
Konferencje -
Joint Working Conference on Secure Information Networks: Communications and Multimedia Security
Konferencje -
Security Evaluation of IT Systems Underlying Critical Networked Infrastructures
PublikacjaCritical infrastructures have become highly dependent on information and communication technology (ICT). The drawback of this situation is that the consequences of disturbances of the underlying ICT networks may be serious as cascading effects can occur. This raises a high demand for security assurance, with a high importance assigned to security evaluations. In this paper we present an experiment-centric approach for the characterisation...
-
Cost assessment of computer security activities
PublikacjaComprehensive cost-benefit analysis plays a crucial role in the decision-making process when it comes to investments in information security solutions. The cost of breaches needs to be analysed in the context of spending on protection measures. However, no methods exist that facilitate the quick and rough prediction of true expenditures on security protection systems. Rafal Leszczyna of Gdansk University of Technology presents...
-
Agents in Simulation of Cyberattacks to Evaluate Security of Critical Infrastructures
PublikacjaIn the last years critical infrastructures have become highly dependent on the information technologies and exposed to cyberattacks. Because the effects of the attacks can be detrimental, it is crucial to comprehensively asses the security of the infrastructures' information systems. This chapter describes MAlSim - the simulator of malicious software based on software agents, developed for the needs of a testbed for critical infrastructures...
-
Rafał Leszczyna dr hab. inż.
OsobyDr hab. inż. Rafał Leszczyna jest profesorem uczelni na Wydziale Zarządzania i Ekonomii Politechniki Gdańskiej. W lipcu 2020 r., na podstawie osiągnięcia naukowego w obszarze zarządzania cyberbezpieczeństwem infrastruktur krytycznych w sektorze elektroenergetycznym, uzyskał stopień doktora habilitowanego w dziedzinie nauk inżynieryjno-technicznych, dyscyplina informatyka techniczna i telekomunikacja. W latach 2004–2008 pracował...
-
Determining and verifying the safety integrity level with security aspects
PublikacjaSafety and security aspects consist of two different group of functional requirements for the control and protection systems. It is the reason why the analyses of safety and security shouldnt be integrated directly. The paper proposes extension of the currently used methods of functional safety analyses. It can be done with inclusion of the level of information security assigned to the technical system. The article addresses some...
-
Security Assessment of a Turbo-Gas Power Plant
PublikacjaCritical infrastructures are exposed to new threats due to the large number of vulnerabilities and architectural weaknesses introduced by the extensive use of information and communication technologies. This paper presents the results of an exhaustive security assessment for a turbo-gas power plant.
-
Integrated functional safety and cyber security analysis
PublikacjaThe chapter is devoted some important issues of the functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with regard of the evaluation assurance levels (EAL)...
-
A Set of Experience-Based Smart Synergy Security Mechanism in Internet of Vehicles
PublikacjaIn this article, we introduce a novel security mechanism, the Smart Synergy Security (3S). The mechanism uses the Set of Experience Knowledge Structure (SOEKS) and the synergy of security methods in different domains to provide the global optimal security strategy. The proposed strategy is taking into account the characteristics of information security (i.e. confidentiality, integrity, availability, controllability, and reviewability)...
-
Security ontology construction and integration
PublikacjaThere are many different levels on which we can examine security. Each one is different from others, all of them are dependent on the context. Hence the need to bear additional knowledge enabling efficient utilization of the knowledge by the computers. Such information can be provided by ontologies. The paper presentsgathered requirements needed to be taken into account when creating an ontology. The method of ontology creation...
-
Wybrane problemy ochrony żeglugi (Maritime Security)
Publikacjaprzedstawiono zagadnienia ochrony żeglugi w aspekcie uwarunkowań związanych z radiokomunikacją morską. Opisano Międzynarodowy Kodeks Ochrony Statków i Urządzeń Portowych - ISPS (International Ship and Port Facility Security Code) i Statkowy System Alarmowania - SSAS (Ship Security Alert System) oraz także scharakteryzowano system AIS (Automated Information System) i System Identyfikacji i Śledzenia Dalekiego Zasięgu - LRIT (Long...
-
Jerzy Konorski dr hab. inż.
OsobyJerzy Konorski otrzymał tytuł mgr inż. telekomunikacji na Poitechnice Gdańskiej, zaś stopień doktora n.t. w dyscyplinie informatyka w Instytucie Podstaw Informatyki PAN. W r. 2007 obronił rozprawę habilitacyjną na Wydziale Elektroniki, Telekomnikacji i Informatyki PG. Jest autorem ponad 150 publikacji naukowych, prowadził projekty naukowo-badawcze finansowane ze środków Komitetu Badań Naukowych, UE, US Air Force Office of Scientific...
-
User Trust Levels and Their Impact on System Security and Usability
PublikacjaA multilateral trust between a user and a system is considered. First of all we concentrate on user trust levels associated with the context-oriented CoRBAC model. Consequently, there were computed user profiles on the basis of its implementation in the information processing system “My GUT”. Furthermore, analysis of these profiles and the impact of user trust levels on system security and usability have been discussed.
-
Integrated approach for functional safety and cyber security management in maritime critical infrastructures
PublikacjaThe work is devoted important issues of the management in maritime critical infrastructure of functional safety analysis, in particular the safety integrity level (SIL) verification of safety functions to be implemented within the distributed control and protection systems with regard to cyber security aspects. A method based on quantitative and qualitative information is proposed for the SIL (IEC 61508, 61511) verification with...
-
Redesign of the Research Platform for Monitoring, Control and Security of Critical Infrastructure Systems
PublikacjaCritical Infrastructure Systems (CISs) play a key role in modern societies. Their sustainable operation depends heavily on the performance of dedicated structures and algorithms targeting monitoring, control and security aspects. In previous work a Research Platform (RP) for the design and simulation of such systems was presented. This works updates the information on the RP through the description of major hardware and software...
-
Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments
Publikacja[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security...
-
Mobile Security: Threats and Best Practices
PublikacjaCommunicating mobile security threats and best practices has become a central objective due to the ongoing discovery of new vulnerabilities of mobile devices. To cope with this overarching issue, the goal of this paper is to identify and analyze existing threats and best practices in the domain of mobile security. To this extent, we conducted a literature review based on a set of keywords. The obtained results concern recognizable...
-
Simulating Malware with MAlSim
PublikacjaThis paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance...
-
Simulating malware with MAlSim
PublikacjaThis paper describes MAlSim - Mobile Agent Malware Simulator - a mobile agent framework developed to address one of the most important problems related to the simulation of attacks against information systems, i.e. the lack of adequate tools for reproducing behaviour of malicious software (malware). The framework can be deployed over the network of an arbitrary information system and it aims at simulating behaviour of each instance...
-
Secure access control and information protection mechanisms in radio system for monitoring and acquisition of data from traffic enforcement cameras
PublikacjaThe study presents the architecture of the Radio System for Monitoring and Acquisition of Data from Traffic Enforcement Cameras (in short: RSMAD), particularly concerning access control and protection of confidential data. RSMAD security structure will be discussed in relation to network security issues. Additionally, the paper presents the results of the work associated with the modelling of potential threats to system security.
-
Information-driven network resilience: Research challenges and perspectives
PublikacjaInternet designed over 40 years ago was originally focused on host-to-host message delivery in a best-effort manner. However, introduction of new applications over the years have brought about new requirements related with throughput, scalability, mobility, security, connectivity, and availability among others. Additionally, convergence of telecommunications, media, and information technology was responsible for transformation...
-
Safety integrity level verification for safety-related functions with security aspects
PublikacjaThe article is devoted some important issues of the functional safety analysis, in particular the safetyintegrity level (SIL) verification of safety functions to be implemented within the distributed controland protection systems with regard to cyber security aspects. The procedure for functional safety man-agement includes hazard identification, risk analysis and assessment, specification of overall safetyrequirements and definition...
-
Clustering Context Items into User Trust Levels
PublikacjaAn innovative trust-based security model for Internet systems is proposed. The TCoRBAC model operates on user profiles built on the history of user with system interaction in conjunction with multi-dimensional context information. There is proposed a method of transforming the high number of possible context value variants into several user trust levels. The transformation implements Hierarchical Agglomerative Clustering strategy....
-
Threat intelligence platform for the energy sector
PublikacjaIn recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence that interlinks information sharing and fine-grained situation awareness. In this paper a framework which integrates all levels of threat intelligence...
-
Janusz Górski prof. dr hab. inż.
Osoby -
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublikacjaThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublikacjaThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Enhancing Security of Advanced Metering Infrastructure by Introducing Threshold Attendance Protocol
PublikacjaThe industry pushes towards smart grid systems in order to resolve current limitations of the unidirectional legacy power grid infrastructure. By introducing Advanced Metering Infrastructure (AMI) as an integral part of the smart grid solution, the utility company obtains an invaluable tool to optimize its network, lower the operational costs, and improve quality of service. Unfortunately, introducing two-way communication poses...
-
AUTONOMOUS PLATFORM TO PROTECT MARITIME INFRASTRUCTURE FACILITIES
PublikacjaProblems regarding the security of maritime infrastructure, especially harbours and offshore infrastructure, are currently a very hot topic. Due to these problems, there are some research projects in which the main goal is to decrease the gap and improve the methods of observation in the chosen area, for both in-air and underwater areas. The main goal of the paper is to show a new complex system for improving the security of the...
-
Situational Awareness Network for the Electric Power System: the Architecture and Testing Metrics
PublikacjaThe contemporary electric power system is highly dependent on Information and Communication Technologies which results in its exposure to new types of threats, such as Advanced Persistent Threats (APT) or Distributed-Denial-of-Service (DDoS) attacks. The most exposed components are Industrial Control Systems in substations and Distributed Control Systems in power plants. Therefore, it is necessary to ensure the cyber security of...
-
Business continuity management framework for Industry 4.0 companies regarding dependability and security of the ICT and ICS/SCADA system
PublikacjaThis chapter addresses a business continuity management (BCM) framework for the Industry 4.0 companies including the organizational and technical solutions, regarding the dependability and security of the information and telecommunication technology (ICT), and the industrial control system (ICS) / supervisory control and data acquisition (SCADA) system. These technologies and systems play nowadays important roles in modern advanced...
-
Evaluation of Open Source SIEM for Situation Awareness Platform in the Smart Grid Environment
PublikacjaThe smart grid as a large-scale system of systems has an exceptionally large surface exposed to cyber-attacks, including highly evolved and sophisticated threats such as Advanced Persistent Threats (APT) or Botnets. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. The smart grid requires developing and deploying an extensive ICT infrastructure that supports significantly...
-
Paweł Lubomski dr inż.
OsobyAbsolwent Politechniki Gdańskiej. Po zebraniu doświadczeń jako analityk systemowy i biznesowy w dużych korporacjach IT wrócił na uczelnię, gdzie aktualnie pracuje na stanowisku Dyrektora Centrum Usług Informatycznych. Naukowo specjalizuje się w zagadnieniach bezpieczeństwa i niezawodności dużych rozproszonych systemów usługowych oraz budową bezpiecznych i wydajnych architektur IT, a także projektowania architektur chmurowych oraz...
-
ENISA Study: Challenges in Securing Industrial Control Systems
PublikacjaIn 2011, the European Network and Information Security Agency (ENISA) conducted a study in the domain of Industrial Control Systems (ICS). Its objective was to obtain the current view on the ICS protectionprimarily in Europe but also in the international context. The portrait' included threats, risks, and challenges in the area of ICS protection as well as national, pan European, and international initiatives on ICS security. The...
-
Horizon Europe proposals - Administrative Part
Dane BadawczeThe dataset contains data collected during the HE National Contact Point training on Oct. 12, 2022, reg. the administrative part of Horizon Europe grant proposals. The data set includes presentations concerning administrative forms of 2022 proposals and their content, including participant data; information about abstract writing, keyword choice and...
-
Cybersecurity and Privacy in Standards for Smart Grids – a Comprehensive Survey
PublikacjaResilient information and communications technologies are a prerequisite for reliable operation of smart grid. In recent years, many standards for the new form of electricity network have been proposed, which results in operators and other smart grid stakeholders having difficulties in finding the documents which can be related to their particular problems. The purpose of this paper is to bring in all smart grid standards that...
-
Koncepcja platformy wymiany informacji o incydentach cyberbezpieczeństwa dla krajowego systemu elektroenergetycznego
PublikacjaArtykuł opisuje wybrane zagadnienia związane z cyberbezpieczeństwem w sektorze elektroenergetyki. Jednym z elementów zapewniania bezpieczeństwa sieci elektro-energetycznej jest efektywna wymiana informacji o incydentach bezpieczeństwa. W jej ramach wszystkie zaangażowane podmioty systemu elektroenergetycznego, tj.: elektrownie, operatorzy systemów przesyłowych, operatorzy systemów dystrybucyjnych, dostawcy rozwiązań bezpieczeństwa,...