Enhancing ecological security for sustainable social,economic,and environmental development is a key focus of current research and a practical necessity for ecological management.However,the integration of retrospecti...Enhancing ecological security for sustainable social,economic,and environmental development is a key focus of current research and a practical necessity for ecological management.However,the integration of retrospective ecological security assessments with future trend predictions and fine-scale targeted regulations remains inadequate,limiting effective ecological governance and sustainable regional development.Guided by Social-Economic-Natural Complex Ecosystems(SENCE)theory,this study proposes an analytical framework that integrates ecological security assessment,prediction,and zoning management.The Daqing River Basin,a typical river basin in the North China Plain,was selected as a case study.The results indicate that overall ecological security in the Daqing River Basin improved from a“Moderate”level to a“Relatively Safe”level between 2000 and 2020;however,spatial heterogeneity persisted,with higher ecological security in northwestern and eastern regions and lower ecological security in the central region.Approximately 62% of the Basin experienced an improvement in ecological security level,except in the major urban areas of Beijing,Tianjin,and Hebei,where ecological security deteriorated.From 2025 to 2040,the overall ecological security of the Daqing River Basin is expected to improve and remain at the“Relatively Safe”level.However,spatial heterogeneity will be further aggravated as the ecological security of major urban areas continues to deteriorate.Ecological security management zones and regulation strategies are proposed at the regional and county scales to emphasize integrated regulation for the entire basin and major urban areas.The proposed analytical framework provides valuable insights for advancing theoretical research on ecological security.The case study offers a practical reference for ecological security enhancement in river basins and other regions facing significant human-land conflicts.展开更多
Against the backdrop of intensifying global water scarcity,reclaimed water reuse has emerged as a critical strategy for ecological replenishment of landscape water bodies.However,its potential ecological risks remain ...Against the backdrop of intensifying global water scarcity,reclaimed water reuse has emerged as a critical strategy for ecological replenishment of landscape water bodies.However,its potential ecological risks remain underexplored.This study aims to establish a multidimensional ecological safety evaluation framework for reclaimed water replenishment systems and propose hierarchical risk prevention strategies.By integrating ecotoxicological assays(algae growth inhibition,Daphnia behavioral anomalies,zebrafish embryo toxicity),multimedia exposure modeling,and Monte Carlo probabilistic simulations,the risk contributions and spatial heterogeneity of typical pollutants are quantitatively analyzed.Results revealed that sulfamethoxazole(RQ=2.3)and diclofenac(RQ=1.8)posed high ecological risks,with their effects nonlinearly correlated with hydraulic retention time(HRT<3 days)and nutrient loading(TN>1.2 mg/L).A three-tier risk prevention system was developed based on the“source-pathway-receptor”framework:ozone-activated carbon pretreatment achieved 85%removal efficiency for pharmaceutical contaminants,ecological floating beds enhanced nitrogen and phosphorus retention by 40%-60%,and hydraulic regulation(flow velocity>0.1 m/s)effectively suppressed pathogen proliferation.The innovation of this study lies in establishing a chemical-biological-hydrological coupled risk quantification model for reclaimed water reuse scenarios.The hierarchical prevention standards have been incorporated into local reclaimed water management regulations,providing a scientific foundation and technical paradigm for sustainable landscape water replenishment.展开更多
Energy access remains a critical challenge in rural South Sudan,with communities heavily relying on expensive and unfriendly environmental energy sources such as diesel generators and biomass.This study addresses the ...Energy access remains a critical challenge in rural South Sudan,with communities heavily relying on expensive and unfriendly environmental energy sources such as diesel generators and biomass.This study addresses the predicament by evaluating the feasibility of renewable energy-based decentralized electrification in the selected village ofDoleibHill,UpperNile,South Sudan.Using a demand assessment and theMulti-Tier Framework(MTF)approach,it categorizes households,public facilities,private sector,Non-GovernmentalOrganizations(NGOs)and business energy needs and designs an optimized hybrid energy system incorporating solar Photovoltaic(PV),wind turbines,batteries,and a generator.The proposed system,simulated in Hybrid Optimization Model Electric Renewable(HOMER)Pro,demonstrates strong economic viability,with a present worth of$292,145,an annual worth of$22,854,a return on investment(ROI)of 36.5%,and an internal rate of return(IRR)of 42.1%.The simple payback period is 2.31 years,and the discounted payback period is 2.62 years.The system achieves a levelized cost of energy(LCOE)of$0.276/kWh and significantly reduces dependence on diesel,producing 798,800 kWh annually fromwind energy.This research provides a replicable model for cost-effective,sustainable rural electrification,offering valuable insights for policymakers and energy planners seeking to expand electricity access in off-grid communities.展开更多
This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world sof...This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world software.The existing analysis of software security vulnerabilities often focuses on specific features or modules.This partial and arbitrary analysis of the security vulnerabilities makes it challenging to comprehend the overall security vulnerabilities of the software.The key novelty lies in overcoming the constraints of partial approaches.The proposed framework utilizes data from various sources to create a comprehensive functionality profile,facilitating the derivation of real-world security guidelines.Security guidelines are dynamically generated by associating functional security vulnerabilities with the latest Common Vulnerabilities and Exposure(CVE)and Common Vulnerability Scoring System(CVSS)scores,resulting in automated guidelines tailored to each product.These guidelines are not only practical but also applicable in real-world software,allowing for prioritized security responses.The proposed framework is applied to virtual private network(VPN)software,wherein a validated Level 2 data flow diagram is generated using the Spoofing,Tampering,Repudiation,Information Disclosure,Denial of Service,and Elevation of privilege(STRIDE)technique with references to various papers and examples from related software.The analysis resulted in the identification of a total of 121 vulnerabilities.The successful implementation and validation demonstrate the framework’s efficacy in generating customized guidelines for entire systems,subsystems,and selected modules.展开更多
An integrated security framework for a semantic web is proposed based on the social intelligence of an individual's avoiding harm and preserving transaction logic-integrity. The framework extends the semantic web mod...An integrated security framework for a semantic web is proposed based on the social intelligence of an individual's avoiding harm and preserving transaction logic-integrity. The framework extends the semantic web model and controls the dynamic security of semantic web services, such as trust, logic and reasoning. It includes four layers, that is, a trust entrance layer, a social intelligence layer, a transaction layer, and a TCP/IP security protocols layer. The trust entrance layer deals with trustable features from users. Social intelligence layer is responsible for logical questions for a semantic web. The transaction layer carries out transaction reasoning. And the TCP/IP security protocols layer ensures security communication. These layers can cooperate to build closed-security-ring with different security grades. The integrated security framework provides an integrated security method for semantic web flow so that it is universal for various semantic web technologies.展开更多
This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level securi...This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level security(MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework,and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model,while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present,our MAC framework fills the blank by applying Virt-BLP model to Xen,which is better than current researches to guarantee the security of communication between virtual machines(VMs) . The experimental results show that our MAC framework is effective to manage the communication between VMs.展开更多
Educational institutions are soft targets for the terrorist with massive and defenseless people.In the recent past,numbers of such attacks have been executed around the world.Conducting research,in order to provide a ...Educational institutions are soft targets for the terrorist with massive and defenseless people.In the recent past,numbers of such attacks have been executed around the world.Conducting research,in order to provide a secure environment to the educational institutions is a challenging task.This effort is motivated by recent assaults,made at Army Public School Peshawar,following another attack at Charsada University,Khyber Pukhtun Khwa,Pakistan and also the Santa Fe High School Texas,USA massacre.This study uses the basic technologies of edge computing,cloud computing and IoT to design a smart emergency alarm system framework.IoT is engaged in developing this world smarter,can contribute significantly to design the Smart Security Framework(SSF)for educational institutions.In the emergency situation,all the command and control centres must be informed within seconds to halt or minimize the loss.In this article,the SSF is proposed.This framework works on three layers.The first layer is the sensors and smart devices layer.All these sensors and smart devices are connected to the Emergency Control Room(ECR),which is the second layer of the proposed framework.The second layer uses edge computing technologies to process massive data and information locally.The third layer uses cloud computing techniques to transmit and process data and information to different command and control centres.The proposed system was tested on Cisco Packet Tracer 7.The result shows that this approach can play an efficient role in security alert,not only in the educational institutions but also in other organizations too.展开更多
The widespread adoption of QR codes has revolutionized various industries, streamlined transactions and improved inventory management. However, this increased reliance on QR code technology also exposes it to potentia...The widespread adoption of QR codes has revolutionized various industries, streamlined transactions and improved inventory management. However, this increased reliance on QR code technology also exposes it to potential security risks that malicious actors can exploit. QR code Phishing, or “Quishing”, is a type of phishing attack that leverages QR codes to deceive individuals into visiting malicious websites or downloading harmful software. These attacks can be particularly effective due to the growing popularity and trust in QR codes. This paper examines the importance of enhancing the security of QR codes through the utilization of artificial intelligence (AI). The abstract investigates the integration of AI methods for identifying and mitigating security threats associated with QR code usage. By assessing the current state of QR code security and evaluating the effectiveness of AI-driven solutions, this research aims to propose comprehensive strategies for strengthening QR code technology’s resilience. The study contributes to discussions on secure data encoding and retrieval, providing valuable insights into the evolving synergy between QR codes and AI for the advancement of secure digital communication.展开更多
The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many d...The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.展开更多
Security risk assessment framework provides comprehensive structure for security risk analysis that would help uncover systems’ threats and vulnerabilities. While security risk assessment is an important step in the ...Security risk assessment framework provides comprehensive structure for security risk analysis that would help uncover systems’ threats and vulnerabilities. While security risk assessment is an important step in the security risk management process, this paper will focus only on the security risk assessment framework. Viewing issues that exist in a current framework, we have developed a new framework for security risk and vulnerabilities assessment by adding new components to the processes of the existing framework. The proposed framework will further enhance the outcome of the risk assessment, and improve the effectiveness of the current framework. To demonstrate the efficiency the proposed framework, a network security simulation as well as filed tests of an existing network where conducted.展开更多
Cloud computing plays a very important role in the development of business and competitive edge for many organisations including SMEs (Small and Medium Enterprises). Every cloud user continues to expect maximum servic...Cloud computing plays a very important role in the development of business and competitive edge for many organisations including SMEs (Small and Medium Enterprises). Every cloud user continues to expect maximum service, and a critical aspect to this is cloud security which is one among other specific challenges hindering adoption of the cloud technologies. The absence of appropriate, standardised and self-assessing security frameworks of the cloud world for SMEs becomes an endless problem in developing countries and can expose the cloud computing model to major security risks which threaten its potential success within the country. This research presents a security framework for assessing security in the cloud environment based on the Goal Question Metrics methodology. The developed framework produces a security index that describes the security level accomplished by an evaluated cloud computing environment thereby providing the first line of defence. This research has concluded with an eight-step framework that could be employed by SMEs to assess the information security in the cloud. The most important feature of the developed security framework is to devise a mechanism through which SMEs can have a path of improvement along with understanding of the current security level and defining desired state in terms of security metric value.展开更多
With more educational business absorbed into information management system at universities, traditional information management platform seems unable to provide efficient service for teaching and research. Some univers...With more educational business absorbed into information management system at universities, traditional information management platform seems unable to provide efficient service for teaching and research. Some universities then resort to cloud computing platform. In view of the problems existing in the traditional information platform, this study presented an information management framework designed with cloud technology, and introduced the security techniques for its protection.展开更多
The adopters of IoT face challenges with the surging Internet-based attacks on their IoT assets and inefficiencies within the technology. Unfortunately, IoT is overly distributed, still evolving and facing implementat...The adopters of IoT face challenges with the surging Internet-based attacks on their IoT assets and inefficiencies within the technology. Unfortunately, IoT is overly distributed, still evolving and facing implementation and security challenges. Given the above scenario, we argue that the IoT network should always be decentralized design, and security should be built by design. The paper is the design and construction of a decentralized IoT security framework, with the goal of making emerging IoT systems more resilient to attacks and supporting complex communication and resource sharing. The framework improves efficiency and scalability in IoT, exposes vulnerable subsystems and components as possible weak links to system compromise, and meets the requirements of a heterogeneous computing environment. Other features of the framework including efficient resource sharing, fault tolerance, and distributed storage support the Internet of Things. We discuss the design requirements and carry out the implementation of Proof of Concept and evaluation of our framework. Two underlying technologies: the actor model and the blockchain were used for the implementation. Our reason for choosing the actor model and blockchain is to compare its suitability for IoT integration in parallel. Hence, evaluation of the system is performed based on computational and memory efficiency, security, and scalability. We conclude from the evaluations that the actor-based implementation has better scalability than the block-chain-based implementation. Also, the blockchain seems to be computationally more intensive than the actors and less suitable for IoT systems.展开更多
Security issues are always difficult to deal with in mobile ad hoe networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their ...Security issues are always difficult to deal with in mobile ad hoe networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system's own tasks can be finished in time and the whole network's security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain nodes groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that more secure environment can be achieved based on the security framework in mobile ad hoc networks.展开更多
Point of Care (PoC) devices and systems can be categorized into three broad classes (CAT 1, CAT 2, and CAT 3) based on the context of operation and usage. In this paper, the categories are defined to address certain u...Point of Care (PoC) devices and systems can be categorized into three broad classes (CAT 1, CAT 2, and CAT 3) based on the context of operation and usage. In this paper, the categories are defined to address certain usage models of the PoC device. PoC devices that are used for PoC testing and diagnostic applications are defined CAT 1 devices;PoC devices that are used for patient monitoring are defined as CAT 2 devices (PoCM);PoC devices that are used for as interfacing with other devices are defined as CAT 3 devices (PoCI). The PoCI devices provide an interface gateway for collecting and aggregating data from other medical devices. In all categories, data security is an important aspect. This paper presents a security framework concept, which is applicable for all of the classes of PoC operation. It outlines the concepts and security framework for preventing security challenges in unauthorized access to data, unintended data flow, and data tampering during communication between system entities, the user, and the PoC system. The security framework includes secure layering of basic PoC system architecture, protection of PoC devices in the context of application and network. Developing the security framework is taken into account of a thread model of the PoC system. A proposal for a low-level protocol is discussed. This protocol is independent of communications technologies, and it is elaborated in relation to providing security. An algorithm that can be used to overcome the threat challenges has been shown using the elements in the protocol. The paper further discusses the vulnerability scanning process for the PoC system interconnected network. The paper also presents a four-step process of authentication and authorization framework for providing the security for the PoC system. Finally, the paper concludes with the machine to machine (M2M) security viewpoint and discusses the key stakeholders within an actual deployment of the PoC system and its security challenges.展开更多
Cloud computing is a type of emerging computing technology that relies on shared computing resources rather than having local servers or personal devices to handle applications. It is an emerging technology that provi...Cloud computing is a type of emerging computing technology that relies on shared computing resources rather than having local servers or personal devices to handle applications. It is an emerging technology that provides services over the internet: Utilizing the online services of different software. Many works have been carried out and various security frameworks relating to the security issues of cloud computing have been proposed in numerous ways. But they do not propose a quantitative approach to analyze and evaluate privacy and security in cloud computing systems. In this research, we try to introduce top security concerns of cloud computing systems, analyze the threats and propose some countermeasures for them. We use a quantitative security risk assessment model to present a multilayer security framework for the solution of the security threats of cloud computing systems. For evaluating the performance of the proposed security framework we have utilized an Own-Cloud platform using a 64-bit quad-core processor based embedded system. Own-Cloud platform is quite literally as any analytics, machine learning algorithms or signal processing techniques can be implemented using the vast variety of Python libraries built for those purposes. In addition, we have proposed two algorithms, which have been deployed in the Own-Cloud for mitigating the attacks and threats to cloud-like reply attacks, DoS/DDoS, back door attacks, Zombie, etc. Moreover, unbalanced RSA based encryption is used to reduce the risk of authentication and authorization. This framework is able to mitigate the targeted attacks satisfactorily.展开更多
Viability of decentralizing policing in Nigeria had been on the front burner of security discourse since Nigeria returned to democratic governance in 1999.Valid points had been put forward by both those in support and...Viability of decentralizing policing in Nigeria had been on the front burner of security discourse since Nigeria returned to democratic governance in 1999.Valid points had been put forward by both those in support and those in opposition.The Community Policing Department of the Nigeria Police had remained more of an administrative unit with little impact beyond the Police Community Relations Committee activities.Rising cases of herdsmen attacks of various communities,terrorist insurgency in the North-East,kidnappings across the different geo-political zones had resulted in the need to interrogate the efficacy of effective community policing and state policing as viable options to combating rising security challenges.The study adopted qualitative method,and being a library research relied entirely on secondary data.Sources of data included journals,relevant textbooks,newspapers,magazines,and materials downloaded from internet.The paper argues that the traditional security agencies had failed to effectively combat the many security challenges that Nigeria faces.The combination of the official security agencies and the military had failed to effectively combat insecurity in the country.The local vigilante groups on the other hand had made valuable inroad in curtailing some of the security challenges including terrorist insurgency as a result of their knowledge of the terrain.The paper concludes that to effectively combat the many security challenges,there is a need for new policy framework at the federal and state levels that would decentralize policing and give legal backing for collaboration between the official security agencies under the federal government and state security outfits including the vigilante.展开更多
This paper describes the definition of nuclear security that has been changing from the cold war age to the post-911 period, and clarifies the close relationship and yet a clear distinction between nuclear security, n...This paper describes the definition of nuclear security that has been changing from the cold war age to the post-911 period, and clarifies the close relationship and yet a clear distinction between nuclear security, nuclear safety and nuclear safeguard. Based on analyses of the current state of nuclear security activities in China as well as the requirements and the law infrastructure, a legislative and regulatory framework of nuclear security and the mandate of a regulatory body in China are recommended.展开更多
Email communication plays a crucial role in both personal and professional contexts;however,it is frequently compromised by the ongoing challenge of spam,which detracts from productivity and introduces considerable se...Email communication plays a crucial role in both personal and professional contexts;however,it is frequently compromised by the ongoing challenge of spam,which detracts from productivity and introduces considerable security risks.Current spam detection techniques often struggle to keep pace with the evolving tactics employed by spammers,resulting in user dissatisfaction and potential data breaches.To address this issue,we introduce the Divide and Conquer-Generative Adversarial Network Squeeze and Excitation-Based Framework(DaC-GANSAEBF),an innovative deep-learning model designed to identify spam emails.This framework incorporates cutting-edge technologies,such as Generative Adversarial Networks(GAN),Squeeze and Excitation(SAE)modules,and a newly formulated Light Dual Attention(LDA)mechanism,which effectively utilizes both global and local attention to discern intricate patterns within textual data.This approach significantly improves efficiency and accuracy by segmenting scanned email content into smaller,independently evaluated components.The model underwent training and validation using four publicly available benchmark datasets,achieving an impressive average accuracy of 98.87%,outperforming leading methods in the field.These findings underscore the resilience and scalability of DaC-GANSAEBF,positioning it as a viable solution for contemporary spam detection systems.The framework can be easily integrated into existing technologies to enhance user security and reduce the risks associated with spam.展开更多
基金supported by the project of the National Natural Science Foundation of China(42330705).
文摘Enhancing ecological security for sustainable social,economic,and environmental development is a key focus of current research and a practical necessity for ecological management.However,the integration of retrospective ecological security assessments with future trend predictions and fine-scale targeted regulations remains inadequate,limiting effective ecological governance and sustainable regional development.Guided by Social-Economic-Natural Complex Ecosystems(SENCE)theory,this study proposes an analytical framework that integrates ecological security assessment,prediction,and zoning management.The Daqing River Basin,a typical river basin in the North China Plain,was selected as a case study.The results indicate that overall ecological security in the Daqing River Basin improved from a“Moderate”level to a“Relatively Safe”level between 2000 and 2020;however,spatial heterogeneity persisted,with higher ecological security in northwestern and eastern regions and lower ecological security in the central region.Approximately 62% of the Basin experienced an improvement in ecological security level,except in the major urban areas of Beijing,Tianjin,and Hebei,where ecological security deteriorated.From 2025 to 2040,the overall ecological security of the Daqing River Basin is expected to improve and remain at the“Relatively Safe”level.However,spatial heterogeneity will be further aggravated as the ecological security of major urban areas continues to deteriorate.Ecological security management zones and regulation strategies are proposed at the regional and county scales to emphasize integrated regulation for the entire basin and major urban areas.The proposed analytical framework provides valuable insights for advancing theoretical research on ecological security.The case study offers a practical reference for ecological security enhancement in river basins and other regions facing significant human-land conflicts.
文摘Against the backdrop of intensifying global water scarcity,reclaimed water reuse has emerged as a critical strategy for ecological replenishment of landscape water bodies.However,its potential ecological risks remain underexplored.This study aims to establish a multidimensional ecological safety evaluation framework for reclaimed water replenishment systems and propose hierarchical risk prevention strategies.By integrating ecotoxicological assays(algae growth inhibition,Daphnia behavioral anomalies,zebrafish embryo toxicity),multimedia exposure modeling,and Monte Carlo probabilistic simulations,the risk contributions and spatial heterogeneity of typical pollutants are quantitatively analyzed.Results revealed that sulfamethoxazole(RQ=2.3)and diclofenac(RQ=1.8)posed high ecological risks,with their effects nonlinearly correlated with hydraulic retention time(HRT<3 days)and nutrient loading(TN>1.2 mg/L).A three-tier risk prevention system was developed based on the“source-pathway-receptor”framework:ozone-activated carbon pretreatment achieved 85%removal efficiency for pharmaceutical contaminants,ecological floating beds enhanced nitrogen and phosphorus retention by 40%-60%,and hydraulic regulation(flow velocity>0.1 m/s)effectively suppressed pathogen proliferation.The innovation of this study lies in establishing a chemical-biological-hydrological coupled risk quantification model for reclaimed water reuse scenarios.The hierarchical prevention standards have been incorporated into local reclaimed water management regulations,providing a scientific foundation and technical paradigm for sustainable landscape water replenishment.
文摘Energy access remains a critical challenge in rural South Sudan,with communities heavily relying on expensive and unfriendly environmental energy sources such as diesel generators and biomass.This study addresses the predicament by evaluating the feasibility of renewable energy-based decentralized electrification in the selected village ofDoleibHill,UpperNile,South Sudan.Using a demand assessment and theMulti-Tier Framework(MTF)approach,it categorizes households,public facilities,private sector,Non-GovernmentalOrganizations(NGOs)and business energy needs and designs an optimized hybrid energy system incorporating solar Photovoltaic(PV),wind turbines,batteries,and a generator.The proposed system,simulated in Hybrid Optimization Model Electric Renewable(HOMER)Pro,demonstrates strong economic viability,with a present worth of$292,145,an annual worth of$22,854,a return on investment(ROI)of 36.5%,and an internal rate of return(IRR)of 42.1%.The simple payback period is 2.31 years,and the discounted payback period is 2.62 years.The system achieves a levelized cost of energy(LCOE)of$0.276/kWh and significantly reduces dependence on diesel,producing 798,800 kWh annually fromwind energy.This research provides a replicable model for cost-effective,sustainable rural electrification,offering valuable insights for policymakers and energy planners seeking to expand electricity access in off-grid communities.
基金This work is the result of commissioned research project supported by the Affiliated Institute of ETRI(2022-086)received by Junho AhnThis research was supported by the National Research Foundation of Korea(NRF)Basic Science Research Program funded by the Ministry of Education(No.2020R1A6A1A03040583)this work was supported by Korea Institute for Advancement of Technology(KIAT)Grant funded by the Korea government(MOTIE)(P0008691,HRD Program for Industrial Innovation).
文摘This research aims to propose a practical framework designed for the automatic analysis of a product’s comprehensive functionality and security vulnerabilities,generating applicable guidelines based on real-world software.The existing analysis of software security vulnerabilities often focuses on specific features or modules.This partial and arbitrary analysis of the security vulnerabilities makes it challenging to comprehend the overall security vulnerabilities of the software.The key novelty lies in overcoming the constraints of partial approaches.The proposed framework utilizes data from various sources to create a comprehensive functionality profile,facilitating the derivation of real-world security guidelines.Security guidelines are dynamically generated by associating functional security vulnerabilities with the latest Common Vulnerabilities and Exposure(CVE)and Common Vulnerability Scoring System(CVSS)scores,resulting in automated guidelines tailored to each product.These guidelines are not only practical but also applicable in real-world software,allowing for prioritized security responses.The proposed framework is applied to virtual private network(VPN)software,wherein a validated Level 2 data flow diagram is generated using the Spoofing,Tampering,Repudiation,Information Disclosure,Denial of Service,and Elevation of privilege(STRIDE)technique with references to various papers and examples from related software.The analysis resulted in the identification of a total of 121 vulnerabilities.The successful implementation and validation demonstrate the framework’s efficacy in generating customized guidelines for entire systems,subsystems,and selected modules.
基金The National Natural Science Foundation of China(No.60474037),Program for New Century Excellent Talents in Univer-sity (No.NCET-04-415).
文摘An integrated security framework for a semantic web is proposed based on the social intelligence of an individual's avoiding harm and preserving transaction logic-integrity. The framework extends the semantic web model and controls the dynamic security of semantic web services, such as trust, logic and reasoning. It includes four layers, that is, a trust entrance layer, a social intelligence layer, a transaction layer, and a TCP/IP security protocols layer. The trust entrance layer deals with trustable features from users. Social intelligence layer is responsible for logical questions for a semantic web. The transaction layer carries out transaction reasoning. And the TCP/IP security protocols layer ensures security communication. These layers can cooperate to build closed-security-ring with different security grades. The integrated security framework provides an integrated security method for semantic web flow so that it is universal for various semantic web technologies.
基金supported by National Key Basic Research and Development Plan (973 Plan) of China (No. 2007CB310900)National Natural Science Foundation of China (No. 90612018, 90715030 and 60970008)
文摘This paper is a continuation of our last paper [1] which describes the theory of Virt-BLP model. Based on Virt-BLP model,this paper implements a mandatory access control(MAC) framework applicable to multi-level security(MLS) in Xen. The Virt-BLP model is the theoretical basis of this MAC framework,and this MAC framework is the implementation of Virt-BLP model. Our last paper focuses on Virt-BLP model,while this paper concentrates on the design and implementation of MAC framework. For there is no MAC framework applicable to MLS in virtual machine system at present,our MAC framework fills the blank by applying Virt-BLP model to Xen,which is better than current researches to guarantee the security of communication between virtual machines(VMs) . The experimental results show that our MAC framework is effective to manage the communication between VMs.
文摘Educational institutions are soft targets for the terrorist with massive and defenseless people.In the recent past,numbers of such attacks have been executed around the world.Conducting research,in order to provide a secure environment to the educational institutions is a challenging task.This effort is motivated by recent assaults,made at Army Public School Peshawar,following another attack at Charsada University,Khyber Pukhtun Khwa,Pakistan and also the Santa Fe High School Texas,USA massacre.This study uses the basic technologies of edge computing,cloud computing and IoT to design a smart emergency alarm system framework.IoT is engaged in developing this world smarter,can contribute significantly to design the Smart Security Framework(SSF)for educational institutions.In the emergency situation,all the command and control centres must be informed within seconds to halt or minimize the loss.In this article,the SSF is proposed.This framework works on three layers.The first layer is the sensors and smart devices layer.All these sensors and smart devices are connected to the Emergency Control Room(ECR),which is the second layer of the proposed framework.The second layer uses edge computing technologies to process massive data and information locally.The third layer uses cloud computing techniques to transmit and process data and information to different command and control centres.The proposed system was tested on Cisco Packet Tracer 7.The result shows that this approach can play an efficient role in security alert,not only in the educational institutions but also in other organizations too.
文摘The widespread adoption of QR codes has revolutionized various industries, streamlined transactions and improved inventory management. However, this increased reliance on QR code technology also exposes it to potential security risks that malicious actors can exploit. QR code Phishing, or “Quishing”, is a type of phishing attack that leverages QR codes to deceive individuals into visiting malicious websites or downloading harmful software. These attacks can be particularly effective due to the growing popularity and trust in QR codes. This paper examines the importance of enhancing the security of QR codes through the utilization of artificial intelligence (AI). The abstract investigates the integration of AI methods for identifying and mitigating security threats associated with QR code usage. By assessing the current state of QR code security and evaluating the effectiveness of AI-driven solutions, this research aims to propose comprehensive strategies for strengthening QR code technology’s resilience. The study contributes to discussions on secure data encoding and retrieval, providing valuable insights into the evolving synergy between QR codes and AI for the advancement of secure digital communication.
文摘The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.
文摘Security risk assessment framework provides comprehensive structure for security risk analysis that would help uncover systems’ threats and vulnerabilities. While security risk assessment is an important step in the security risk management process, this paper will focus only on the security risk assessment framework. Viewing issues that exist in a current framework, we have developed a new framework for security risk and vulnerabilities assessment by adding new components to the processes of the existing framework. The proposed framework will further enhance the outcome of the risk assessment, and improve the effectiveness of the current framework. To demonstrate the efficiency the proposed framework, a network security simulation as well as filed tests of an existing network where conducted.
文摘Cloud computing plays a very important role in the development of business and competitive edge for many organisations including SMEs (Small and Medium Enterprises). Every cloud user continues to expect maximum service, and a critical aspect to this is cloud security which is one among other specific challenges hindering adoption of the cloud technologies. The absence of appropriate, standardised and self-assessing security frameworks of the cloud world for SMEs becomes an endless problem in developing countries and can expose the cloud computing model to major security risks which threaten its potential success within the country. This research presents a security framework for assessing security in the cloud environment based on the Goal Question Metrics methodology. The developed framework produces a security index that describes the security level accomplished by an evaluated cloud computing environment thereby providing the first line of defence. This research has concluded with an eight-step framework that could be employed by SMEs to assess the information security in the cloud. The most important feature of the developed security framework is to devise a mechanism through which SMEs can have a path of improvement along with understanding of the current security level and defining desired state in terms of security metric value.
文摘With more educational business absorbed into information management system at universities, traditional information management platform seems unable to provide efficient service for teaching and research. Some universities then resort to cloud computing platform. In view of the problems existing in the traditional information platform, this study presented an information management framework designed with cloud technology, and introduced the security techniques for its protection.
文摘The adopters of IoT face challenges with the surging Internet-based attacks on their IoT assets and inefficiencies within the technology. Unfortunately, IoT is overly distributed, still evolving and facing implementation and security challenges. Given the above scenario, we argue that the IoT network should always be decentralized design, and security should be built by design. The paper is the design and construction of a decentralized IoT security framework, with the goal of making emerging IoT systems more resilient to attacks and supporting complex communication and resource sharing. The framework improves efficiency and scalability in IoT, exposes vulnerable subsystems and components as possible weak links to system compromise, and meets the requirements of a heterogeneous computing environment. Other features of the framework including efficient resource sharing, fault tolerance, and distributed storage support the Internet of Things. We discuss the design requirements and carry out the implementation of Proof of Concept and evaluation of our framework. Two underlying technologies: the actor model and the blockchain were used for the implementation. Our reason for choosing the actor model and blockchain is to compare its suitability for IoT integration in parallel. Hence, evaluation of the system is performed based on computational and memory efficiency, security, and scalability. We conclude from the evaluations that the actor-based implementation has better scalability than the block-chain-based implementation. Also, the blockchain seems to be computationally more intensive than the actors and less suitable for IoT systems.
文摘Security issues are always difficult to deal with in mobile ad hoe networks. People seldom studied the costs of those security schemes respectively and for some security methods designed and adopted beforehand, their effects are often investigated one by one. In fact, when facing certain attacks, different methods would respond individually and result in waste of resources. Making use of the cost management idea, we analyze the costs of security measures in mobile ad hoc networks and introduce a security framework based on security mechanisms cost management. Under the framework, the network system's own tasks can be finished in time and the whole network's security costs can be decreased. We discuss the process of security costs computation at each mobile node and in certain nodes groups. To show how to use the proposed security framework in certain applications, we give examples of DoS attacks and costs computation of defense methods. The results showed that more secure environment can be achieved based on the security framework in mobile ad hoc networks.
文摘Point of Care (PoC) devices and systems can be categorized into three broad classes (CAT 1, CAT 2, and CAT 3) based on the context of operation and usage. In this paper, the categories are defined to address certain usage models of the PoC device. PoC devices that are used for PoC testing and diagnostic applications are defined CAT 1 devices;PoC devices that are used for patient monitoring are defined as CAT 2 devices (PoCM);PoC devices that are used for as interfacing with other devices are defined as CAT 3 devices (PoCI). The PoCI devices provide an interface gateway for collecting and aggregating data from other medical devices. In all categories, data security is an important aspect. This paper presents a security framework concept, which is applicable for all of the classes of PoC operation. It outlines the concepts and security framework for preventing security challenges in unauthorized access to data, unintended data flow, and data tampering during communication between system entities, the user, and the PoC system. The security framework includes secure layering of basic PoC system architecture, protection of PoC devices in the context of application and network. Developing the security framework is taken into account of a thread model of the PoC system. A proposal for a low-level protocol is discussed. This protocol is independent of communications technologies, and it is elaborated in relation to providing security. An algorithm that can be used to overcome the threat challenges has been shown using the elements in the protocol. The paper further discusses the vulnerability scanning process for the PoC system interconnected network. The paper also presents a four-step process of authentication and authorization framework for providing the security for the PoC system. Finally, the paper concludes with the machine to machine (M2M) security viewpoint and discusses the key stakeholders within an actual deployment of the PoC system and its security challenges.
文摘Cloud computing is a type of emerging computing technology that relies on shared computing resources rather than having local servers or personal devices to handle applications. It is an emerging technology that provides services over the internet: Utilizing the online services of different software. Many works have been carried out and various security frameworks relating to the security issues of cloud computing have been proposed in numerous ways. But they do not propose a quantitative approach to analyze and evaluate privacy and security in cloud computing systems. In this research, we try to introduce top security concerns of cloud computing systems, analyze the threats and propose some countermeasures for them. We use a quantitative security risk assessment model to present a multilayer security framework for the solution of the security threats of cloud computing systems. For evaluating the performance of the proposed security framework we have utilized an Own-Cloud platform using a 64-bit quad-core processor based embedded system. Own-Cloud platform is quite literally as any analytics, machine learning algorithms or signal processing techniques can be implemented using the vast variety of Python libraries built for those purposes. In addition, we have proposed two algorithms, which have been deployed in the Own-Cloud for mitigating the attacks and threats to cloud-like reply attacks, DoS/DDoS, back door attacks, Zombie, etc. Moreover, unbalanced RSA based encryption is used to reduce the risk of authentication and authorization. This framework is able to mitigate the targeted attacks satisfactorily.
文摘Viability of decentralizing policing in Nigeria had been on the front burner of security discourse since Nigeria returned to democratic governance in 1999.Valid points had been put forward by both those in support and those in opposition.The Community Policing Department of the Nigeria Police had remained more of an administrative unit with little impact beyond the Police Community Relations Committee activities.Rising cases of herdsmen attacks of various communities,terrorist insurgency in the North-East,kidnappings across the different geo-political zones had resulted in the need to interrogate the efficacy of effective community policing and state policing as viable options to combating rising security challenges.The study adopted qualitative method,and being a library research relied entirely on secondary data.Sources of data included journals,relevant textbooks,newspapers,magazines,and materials downloaded from internet.The paper argues that the traditional security agencies had failed to effectively combat the many security challenges that Nigeria faces.The combination of the official security agencies and the military had failed to effectively combat insecurity in the country.The local vigilante groups on the other hand had made valuable inroad in curtailing some of the security challenges including terrorist insurgency as a result of their knowledge of the terrain.The paper concludes that to effectively combat the many security challenges,there is a need for new policy framework at the federal and state levels that would decentralize policing and give legal backing for collaboration between the official security agencies under the federal government and state security outfits including the vigilante.
文摘This paper describes the definition of nuclear security that has been changing from the cold war age to the post-911 period, and clarifies the close relationship and yet a clear distinction between nuclear security, nuclear safety and nuclear safeguard. Based on analyses of the current state of nuclear security activities in China as well as the requirements and the law infrastructure, a legislative and regulatory framework of nuclear security and the mandate of a regulatory body in China are recommended.
基金funded by the Deanship of Scientific Research(DSR)at King Abdulaziz University,Jeddah,Saudi Arabia under Grant No.(GPIP:71-829-2024).
文摘Email communication plays a crucial role in both personal and professional contexts;however,it is frequently compromised by the ongoing challenge of spam,which detracts from productivity and introduces considerable security risks.Current spam detection techniques often struggle to keep pace with the evolving tactics employed by spammers,resulting in user dissatisfaction and potential data breaches.To address this issue,we introduce the Divide and Conquer-Generative Adversarial Network Squeeze and Excitation-Based Framework(DaC-GANSAEBF),an innovative deep-learning model designed to identify spam emails.This framework incorporates cutting-edge technologies,such as Generative Adversarial Networks(GAN),Squeeze and Excitation(SAE)modules,and a newly formulated Light Dual Attention(LDA)mechanism,which effectively utilizes both global and local attention to discern intricate patterns within textual data.This approach significantly improves efficiency and accuracy by segmenting scanned email content into smaller,independently evaluated components.The model underwent training and validation using four publicly available benchmark datasets,achieving an impressive average accuracy of 98.87%,outperforming leading methods in the field.These findings underscore the resilience and scalability of DaC-GANSAEBF,positioning it as a viable solution for contemporary spam detection systems.The framework can be easily integrated into existing technologies to enhance user security and reduce the risks associated with spam.
