Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall c...Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall competitive strength.Consequently,China proposed a strategy for the integration of industrialization and informatization,optimizing and adjusting its industrial structure to swiftly achieve transformation and upgrading in the Industry 4.0 era,thereby enhancing the sophistication of intelligent industrial control systems.The distributed control system in a nuclear power plant functions as an industrial control system,overseeing the operational status of the physical process.Its ability to ensure safe and reliable operation is directly linked to nuclear safety and the cybersecurity of the facility.The management of network security in distributed control systems(DCS)is crucial for achieving this objective.Due to the varying network settings and parameters of the DCS implemented in each nuclear power plant,the network security status of the system sometimes diverges from expectations.During system operation,it will undoubtedly encounter network security issues.Consequently,nuclear power plants utilize the technical criteria outlined in GB/T 22239 to formulate a network security management program aimed at enhancing the operational security of DCS within these facilities.This study utilizes existing network security regulations and standards as a reference to analyze the network security control standards based on the nuclear power plant’s control system.It delineates the fundamental requirements for network security management,facilitating integration with the entire life cycle of the research,development,and application of the nuclear power plant’s distributed control system,thereby establishing a network security management methodology that satisfies the control requirements of the nuclear power plant.Initially,it presents DCS and network security management,outlines current domestic and international network security legislation and standards,and specifies the standards pertinent to the administration of DCS in nuclear power plants.Secondly,the design of network security management for DCS is executed in conjunction with the specific context of nuclear power plants.This encompasses the deployment of network security apparatus,validation of the network security management strategy,and optimization adjustments.Consequently,recommendations beneficial to the network security management of nuclear power plants are compiled,aimed at establishing a management system and incorporating the concept of full life cycle management,which is predicated on system requirements,system design,and both software and hardware considerations.Conversely,it presents the notion of comprehensive life cycle management and suggests network security management strategies encompassing system requirements,system architecture,detailed hardware and software design and implementation,procurement,internal system integration,system validation and acceptance testing,system installation,operational maintenance,system modifications,and decommissioning.We will consistently enhance the performance and functionality of DCS in nuclear power plants,establish a safe and secure operational environment,and thereby facilitate the implementation of DCS in nuclear facilities while ensuring robust network security in the future.展开更多
In the context of the rapid development of digital education,the security of educational data has become an increasing concern.This paper explores strategies for the classification and grading of educational data,and ...In the context of the rapid development of digital education,the security of educational data has become an increasing concern.This paper explores strategies for the classification and grading of educational data,and constructs a higher educational data security management and control model centered on the integration of medical and educational data.By implementing a multi-dimensional strategy of dynamic classification,real-time authorization,and secure execution through educational data security levels,dynamic access control is applied to effectively enhance the security and controllability of educational data,providing a secure foundation for data sharing and openness.展开更多
China's marine data includes marine hydrology,marine meteorology,marine biology,marine chemistry,marine substrate,marine geophysical,seabed topography and other categories of data,the total amount of data reaches ...China's marine data includes marine hydrology,marine meteorology,marine biology,marine chemistry,marine substrate,marine geophysical,seabed topography and other categories of data,the total amount of data reaches the magnitude of PB,and the amount of data is still increasing.The safe management of these marine data storage is the basis of building a Smart Ocean.This paper discusses the current situation of security management of marine data storage in China,analyzes the problems of security management in domestic marine data storage,and puts forward suggestions.展开更多
In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasib...In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasibility and key implementing technology of the model are expatiated. A prototype system is implemented to validate it.展开更多
With the increasing importance of supply chain transparency,blockchain-based data has emerged as a valuable and verifiable source for analyzing procurement transaction risks.This study extends the mathematical model a...With the increasing importance of supply chain transparency,blockchain-based data has emerged as a valuable and verifiable source for analyzing procurement transaction risks.This study extends the mathematical model and proof of‘the Overall Performance Characteristics of the Supply Chain’to encompass multiple variables within blockchain data.Utilizing graph theory,the model is further developed into a single-layer neural network,which serves as the foundation for constructing two multi-layer deep learning neural network models,Feedforward Neural Network(abbreviated as FNN)and Deep Clustering Network(abbreviated as DCN).Furthermore,this study retrieves corporate data from the Chunghwa Yellow Pages online resource and Taiwan Economic Journal database(abbreviated as TEJ).These data are then virtualized using‘the Metaverse Algorithm’,and the selected virtualized blockchain variables are utilized to train a neural network model for classification.The results demonstrate that a single-layer neural network model,leveraging blockchain data and employing the Proof of Relation algorithm(abbreviated as PoR)as the activation function,effectively identifies anomalous enterprises,which constitute 7.2%of the total sample,aligning with expectations.In contrast,the multi-layer neural network models,DCN and FNN,classify an excessively large proportion of enterprises as anomalous(ranging from one-fourth to one-third),which deviates from expectations.This indicates that deep learning may still be inadequate in effectively capturing or identifying malicious corporate behaviors associated with distortions in procurement transaction data.In other words,procurement transaction blockchain data possesses intrinsic value that cannot be replaced by artificial intelligence(abbreviated as AI).展开更多
Refined management,as a management concept and method that pursues efficiency,quality,and low consumption,has been applied in various industries.Due to its particularity,the construction industry needs to strengthen m...Refined management,as a management concept and method that pursues efficiency,quality,and low consumption,has been applied in various industries.Due to its particularity,the construction industry needs to strengthen management and refined management has become the primary choice for the industry,which is of great significance for its stable development.The article elaborates on the definition of refined management,analyzes the necessity of refined management in the construction industry,and explores the application measures of refined management in construction industry management,aiming to provide reference for improving the management level of the construction industry.展开更多
This paper introduces the PKPM-BIM construction management platform and its applications in the construction security management. The PKPM-BIM platform is an integrated management system mainly developed for the contr...This paper introduces the PKPM-BIM construction management platform and its applications in the construction security management. The PKPM-BIM platform is an integrated management system mainly developed for the contractors to implement the BIM-aided construction management. Application of BIM technology would bring many beneficial changes to the security management in construction.展开更多
The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define ...The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.展开更多
In this paper, a technical and statistical analysis of security system and security management is provided for crowd energy and smart living. At the same time, a clear understanding is made for crowd energy concept an...In this paper, a technical and statistical analysis of security system and security management is provided for crowd energy and smart living. At the same time, a clear understanding is made for crowd energy concept and next generation smart living. Various case examples have been studied and a brief summary has been provided.Furthermore, a statistical analysis has been provided in terms of security management in smart living where it is found that young technocrats give the highest importance to security management in smart living. Last but not the least, current limitation, constraints, and future scope of security implementation have been discussed in terms of crowd energy clustered with next generation smart living.展开更多
The Internet of Medical Things(IoMT)is an online device that senses and transmits medical data from users to physicians within a time interval.In,recent years,IoMT has rapidly grown in the medicalfield to provide heal...The Internet of Medical Things(IoMT)is an online device that senses and transmits medical data from users to physicians within a time interval.In,recent years,IoMT has rapidly grown in the medicalfield to provide healthcare services without physical appearance.With the use of sensors,IoMT applications are used in healthcare management.In such applications,one of the most important factors is data security,given that its transmission over the network may cause obtrusion.For data security in IoMT systems,blockchain is used due to its numerous blocks for secure data storage.In this study,Blockchain-assisted secure data management framework(BSDMF)and Proof of Activity(PoA)protocol using malicious code detection algorithm is used in the proposed data security for the healthcare system.The main aim is to enhance the data security over the networks.The PoA protocol enhances high security of data from the literature review.By replacing the malicious node from the block,the PoA can provide high security for medical data in the blockchain.Comparison with existing systems shows that the proposed simulation with BSD-Malicious code detection algorithm achieves higher accuracy ratio,precision ratio,security,and efficiency and less response time for Blockchain-enabled healthcare systems.展开更多
Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in ...Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.展开更多
Organizations implement an information security program for the protection of their information assets. The success of such a program depends primarily on the effective implementation and execution of associated infor...Organizations implement an information security program for the protection of their information assets. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls. These policies and controls depend directly upon the resultant behavior and actions of end-users. Hence, end-users play a critical role in the effective implementation and running of an information security program in any organization. However, end-users are often unable to navigate and comprehend the various policies, controls and associated issues. Support to end-users is therefore a vital element, but is often neglected by present information security management systems. In the service industry, support to customers is established as an important determinant of customer perceived service quality. This paper applies the same philosophy to provide support to end-users, who are the customers of the Information Security Service.展开更多
This research discusses the role of information security development (ISD) using organizational factors such as information security plans, information security awareness, perceived quality training programs, inform...This research discusses the role of information security development (ISD) using organizational factors such as information security plans, information security awareness, perceived quality training programs, information security policies and procedures, and organizational culture in effective information security management (ISM) implementation in the banks (a Nigerian case). This paper explores the existing literature and a proposed framework that consists of ISD such as information security plans, information security awareness, perceived quality training programs, information security policies and procedures, and organizational culture in ISM implementation. ISD factors are found to be statistically significant, because it motivates an organization to implement effective ISM in the banks. Hence, it could be said that the role of ISD practices in an effective implementation of ISM among banks in Nigeria will be of great value.展开更多
With the continuous development of network applications, network security equipment type and the number of growing, heterogeneous security devices is difficult synergistic, massive alarm information is difficult to de...With the continuous development of network applications, network security equipment type and the number of growing, heterogeneous security devices is difficult synergistic, massive alarm information is difficult to deal and the lack of an effective response to the treatment process as well as on security incidents. To solve these problems, the proposed design of a unified management platform for a variety of heterogeneous network security equipment. A brief introduction for the main functions of the platform.The article proposed a traffic handling mechanisms of heterogeneous security devices, allowing the platform to support heterogeneous security devices.展开更多
The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming m...The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming more and more obvious. Although the Internet community came up with a consensus that the future network should be trustworthy, the concept of 'trustworthy networks' and the ways leading us to a trustworthy network are not yet clear. This research insists that the security, controllability, manageability, and survivability should be basic properties of a trustworthy network. The key ideas and techniques involved in these properties are studied, and recent developments and progresses are surveyed. At the same time, the technical trends and challenges are briefly discussed. The network trustworthiness could and should be eventually achieved.展开更多
At present, the social security fund has a serious problem in all aspects. This paper introduces the social security fund related background, elaborated the social security fund and social security fund related to sus...At present, the social security fund has a serious problem in all aspects. This paper introduces the social security fund related background, elaborated the social security fund and social security fund related to sustainable development concept and its significance: analyzes the current situation of the social security fund and the problems that can realize sustainable development, the key lies in the internal operation mechanism of social security funds, especially the social security fund raising mechanism capacity and investment capacity, ability to pay and supervision ability; finally puts forward some countermeasures for promoting the sustainable development of the social security fund, the balance of the social security fund is the social security system of sustainable development conditions.展开更多
In order to better safeguard the interests of the people and seek welfare for the people, our country pays more attention to the optimization of the social security system of the people. Therefore, our government has ...In order to better safeguard the interests of the people and seek welfare for the people, our country pays more attention to the optimization of the social security system of the people. Therefore, our government has invested more energy and financial resources in the social security management. The implementation of social security management is directly related to the welfare and interests of our citizens. Paying attention to the vital interests of citizens is very important to promote people's well-being and ensure the long-term stability of the country. While developing and building a socialist country, China's enterprises are facing huge market competition. In order to enhance the cohesion of the company and build a more harmonious corporate atmosphere, we need to continuously optimize the welfare benefits of the employees to ensure that they are guaranteed in order to lay a good foundation for the development of the enterprise and social progress.展开更多
An interactive network security measure and a description of its function as well as its principle are presented. Based on the existing security loopholes and bugs in operating systems, this measure focuses on the res...An interactive network security measure and a description of its function as well as its principle are presented. Based on the existing security loopholes and bugs in operating systems, this measure focuses on the restrictive condition of security and the establishment of configuration files. Under the control and administration of the secure management of configuration files, each system module brings much flexibility, adaptability and high-level security. The security detecting and managing software used in UNIX based on this measure has obtained good results, achieving the goal of automatically detecting and handling inner and outer system-violation and system abuse.展开更多
文摘Given the grave local and international network security landscape,a national strategic level analysis indicates that the modernization and advancement within the Industry 4.0 era are closely correlated with overall competitive strength.Consequently,China proposed a strategy for the integration of industrialization and informatization,optimizing and adjusting its industrial structure to swiftly achieve transformation and upgrading in the Industry 4.0 era,thereby enhancing the sophistication of intelligent industrial control systems.The distributed control system in a nuclear power plant functions as an industrial control system,overseeing the operational status of the physical process.Its ability to ensure safe and reliable operation is directly linked to nuclear safety and the cybersecurity of the facility.The management of network security in distributed control systems(DCS)is crucial for achieving this objective.Due to the varying network settings and parameters of the DCS implemented in each nuclear power plant,the network security status of the system sometimes diverges from expectations.During system operation,it will undoubtedly encounter network security issues.Consequently,nuclear power plants utilize the technical criteria outlined in GB/T 22239 to formulate a network security management program aimed at enhancing the operational security of DCS within these facilities.This study utilizes existing network security regulations and standards as a reference to analyze the network security control standards based on the nuclear power plant’s control system.It delineates the fundamental requirements for network security management,facilitating integration with the entire life cycle of the research,development,and application of the nuclear power plant’s distributed control system,thereby establishing a network security management methodology that satisfies the control requirements of the nuclear power plant.Initially,it presents DCS and network security management,outlines current domestic and international network security legislation and standards,and specifies the standards pertinent to the administration of DCS in nuclear power plants.Secondly,the design of network security management for DCS is executed in conjunction with the specific context of nuclear power plants.This encompasses the deployment of network security apparatus,validation of the network security management strategy,and optimization adjustments.Consequently,recommendations beneficial to the network security management of nuclear power plants are compiled,aimed at establishing a management system and incorporating the concept of full life cycle management,which is predicated on system requirements,system design,and both software and hardware considerations.Conversely,it presents the notion of comprehensive life cycle management and suggests network security management strategies encompassing system requirements,system architecture,detailed hardware and software design and implementation,procurement,internal system integration,system validation and acceptance testing,system installation,operational maintenance,system modifications,and decommissioning.We will consistently enhance the performance and functionality of DCS in nuclear power plants,establish a safe and secure operational environment,and thereby facilitate the implementation of DCS in nuclear facilities while ensuring robust network security in the future.
基金supported by:the 2023 Basic Public Welfare Research Project of the Wenzhou Science and Technology Bureau“Research on Multi-Source Data Classification and Grading Standards and Intelligent Algorithms for Higher Education Institutions”(Project No.G2023094)Major Humanities and Social Sciences Research Projects in Zhejiang higher education institutions(Grant/Award Number:2024QN061)2023 Basic Public Welfare Research Project of Wenzhou(No.:S2023014).
文摘In the context of the rapid development of digital education,the security of educational data has become an increasing concern.This paper explores strategies for the classification and grading of educational data,and constructs a higher educational data security management and control model centered on the integration of medical and educational data.By implementing a multi-dimensional strategy of dynamic classification,real-time authorization,and secure execution through educational data security levels,dynamic access control is applied to effectively enhance the security and controllability of educational data,providing a secure foundation for data sharing and openness.
文摘China's marine data includes marine hydrology,marine meteorology,marine biology,marine chemistry,marine substrate,marine geophysical,seabed topography and other categories of data,the total amount of data reaches the magnitude of PB,and the amount of data is still increasing.The safe management of these marine data storage is the basis of building a Smart Ocean.This paper discusses the current situation of security management of marine data storage in China,analyzes the problems of security management in domestic marine data storage,and puts forward suggestions.
文摘In order to manage all kinds of network security devices and software systems efficiently, and make them collaborate with each other, the model for an open network security management platform is presented. The feasibility and key implementing technology of the model are expatiated. A prototype system is implemented to validate it.
文摘With the increasing importance of supply chain transparency,blockchain-based data has emerged as a valuable and verifiable source for analyzing procurement transaction risks.This study extends the mathematical model and proof of‘the Overall Performance Characteristics of the Supply Chain’to encompass multiple variables within blockchain data.Utilizing graph theory,the model is further developed into a single-layer neural network,which serves as the foundation for constructing two multi-layer deep learning neural network models,Feedforward Neural Network(abbreviated as FNN)and Deep Clustering Network(abbreviated as DCN).Furthermore,this study retrieves corporate data from the Chunghwa Yellow Pages online resource and Taiwan Economic Journal database(abbreviated as TEJ).These data are then virtualized using‘the Metaverse Algorithm’,and the selected virtualized blockchain variables are utilized to train a neural network model for classification.The results demonstrate that a single-layer neural network model,leveraging blockchain data and employing the Proof of Relation algorithm(abbreviated as PoR)as the activation function,effectively identifies anomalous enterprises,which constitute 7.2%of the total sample,aligning with expectations.In contrast,the multi-layer neural network models,DCN and FNN,classify an excessively large proportion of enterprises as anomalous(ranging from one-fourth to one-third),which deviates from expectations.This indicates that deep learning may still be inadequate in effectively capturing or identifying malicious corporate behaviors associated with distortions in procurement transaction data.In other words,procurement transaction blockchain data possesses intrinsic value that cannot be replaced by artificial intelligence(abbreviated as AI).
文摘Refined management,as a management concept and method that pursues efficiency,quality,and low consumption,has been applied in various industries.Due to its particularity,the construction industry needs to strengthen management and refined management has become the primary choice for the industry,which is of great significance for its stable development.The article elaborates on the definition of refined management,analyzes the necessity of refined management in the construction industry,and explores the application measures of refined management in construction industry management,aiming to provide reference for improving the management level of the construction industry.
基金Supported by the Ministry of Housing and Urban-Rural Development Science and Technology Project Program of China(2016-K8-045)
文摘This paper introduces the PKPM-BIM construction management platform and its applications in the construction security management. The PKPM-BIM platform is an integrated management system mainly developed for the contractors to implement the BIM-aided construction management. Application of BIM technology would bring many beneficial changes to the security management in construction.
文摘The integration of organisation’s information security policy into threat modeling enhances effectiveness of security strategies for information security management. These security policies are the ones which define the sets of security issues, controls and organisation’s commitment for seamless integration with knowledge based platforms in order to protect critical assets and data. Such platforms are needed to evaluate and share violations which can create security loop-hole. The lack of rules-based approaches for discovering potential threats at organisation’s context, poses a challenge for many organisations in safeguarding their critical assets. To address the challenge, this paper introduces a Platform for Organisation Security Threat Analytic and Management (POSTAM) using rule-based approach. The platform enhances strategies for combating information security threats and thus improves organisations’ commitment in protecting their critical assets. R scripting language for data visualization and java-based scripts were used to develop a prototype to run on web protocol. MySQL database management system was used as back-end for data storage during threat analytic processes.
基金the support provided by the University of Asia Pacific and Institute for Energy, Environment, Research and Development (IEERD)
文摘In this paper, a technical and statistical analysis of security system and security management is provided for crowd energy and smart living. At the same time, a clear understanding is made for crowd energy concept and next generation smart living. Various case examples have been studied and a brief summary has been provided.Furthermore, a statistical analysis has been provided in terms of security management in smart living where it is found that young technocrats give the highest importance to security management in smart living. Last but not the least, current limitation, constraints, and future scope of security implementation have been discussed in terms of crowd energy clustered with next generation smart living.
基金Taif University Researchers Supporting Project Number(TURSP-2020/98),Taif University,Taif,Saudi Arabia.
文摘The Internet of Medical Things(IoMT)is an online device that senses and transmits medical data from users to physicians within a time interval.In,recent years,IoMT has rapidly grown in the medicalfield to provide healthcare services without physical appearance.With the use of sensors,IoMT applications are used in healthcare management.In such applications,one of the most important factors is data security,given that its transmission over the network may cause obtrusion.For data security in IoMT systems,blockchain is used due to its numerous blocks for secure data storage.In this study,Blockchain-assisted secure data management framework(BSDMF)and Proof of Activity(PoA)protocol using malicious code detection algorithm is used in the proposed data security for the healthcare system.The main aim is to enhance the data security over the networks.The PoA protocol enhances high security of data from the literature review.By replacing the malicious node from the block,the PoA can provide high security for medical data in the blockchain.Comparison with existing systems shows that the proposed simulation with BSD-Malicious code detection algorithm achieves higher accuracy ratio,precision ratio,security,and efficiency and less response time for Blockchain-enabled healthcare systems.
基金the Science and Technology Innovation Program of Shanghai Science and Technology Commit-tee(No.19511103500)。
文摘Security evaluation and management has become increasingly important for Web-based information technology(IT)systems,especially for educational institutions.For the security evaluation and management of IT systems in educational institutions,determining the security level for a single IT system has been well developed.However,it is still dificult to evaluate the information security level of the entire educational institution consid-ering multiple IT systems,because there might be too many different IT systems in one institution,educational institutions can be very different,and there is no standard model or method to provide a just ifable information security evaluation among different educational inst itutions considering their differences.In light of these difi-culties,a security evaluation model of educational institutions'IT systems(SEMEIS)is proposed in this work to facilitate the information security management for the educat ional institutions.Firstly,a simplified educational industry information system security level protection rating(EIISSLPR)with a new weight redistribution strategy for a single IT systern is proposed by choosing important evaluation questions from EIISSLPR and redistributing the weights of these questions.Then for the entire educational institution,analytic hierarchy process(AHP)is used to redistribute the weights of multiple IT systems at different security levels.considering the risk of pos-sible network security vulnerabilities,a risk index is forulated by weighting different factors,normalized by a utility function,and calculated with the real data collected from the institutions under the evaluation.Finally,the information security performance of educational institutions is obtained as the final score from SEMEIS.The results show that SEMEIS can evaluate the security level of the educat ion institutions practically and provide an efficient and effective management tool for the information security management.
文摘Organizations implement an information security program for the protection of their information assets. The success of such a program depends primarily on the effective implementation and execution of associated information security policies and controls. These policies and controls depend directly upon the resultant behavior and actions of end-users. Hence, end-users play a critical role in the effective implementation and running of an information security program in any organization. However, end-users are often unable to navigate and comprehend the various policies, controls and associated issues. Support to end-users is therefore a vital element, but is often neglected by present information security management systems. In the service industry, support to customers is established as an important determinant of customer perceived service quality. This paper applies the same philosophy to provide support to end-users, who are the customers of the Information Security Service.
文摘This research discusses the role of information security development (ISD) using organizational factors such as information security plans, information security awareness, perceived quality training programs, information security policies and procedures, and organizational culture in effective information security management (ISM) implementation in the banks (a Nigerian case). This paper explores the existing literature and a proposed framework that consists of ISD such as information security plans, information security awareness, perceived quality training programs, information security policies and procedures, and organizational culture in ISM implementation. ISD factors are found to be statistically significant, because it motivates an organization to implement effective ISM in the banks. Hence, it could be said that the role of ISD practices in an effective implementation of ISM among banks in Nigeria will be of great value.
文摘With the continuous development of network applications, network security equipment type and the number of growing, heterogeneous security devices is difficult synergistic, massive alarm information is difficult to deal and the lack of an effective response to the treatment process as well as on security incidents. To solve these problems, the proposed design of a unified management platform for a variety of heterogeneous network security equipment. A brief introduction for the main functions of the platform.The article proposed a traffic handling mechanisms of heterogeneous security devices, allowing the platform to support heterogeneous security devices.
基金the National Key BasicResearch Program (973 Program) under Grant2007CB307104.
文摘The Internet plays increasingly important roles in everyone's life; however, the existence of a mismatch between the basic architectural idea beneath the Internet and the emerging requirements for it is becoming more and more obvious. Although the Internet community came up with a consensus that the future network should be trustworthy, the concept of 'trustworthy networks' and the ways leading us to a trustworthy network are not yet clear. This research insists that the security, controllability, manageability, and survivability should be basic properties of a trustworthy network. The key ideas and techniques involved in these properties are studied, and recent developments and progresses are surveyed. At the same time, the technical trends and challenges are briefly discussed. The network trustworthiness could and should be eventually achieved.
文摘At present, the social security fund has a serious problem in all aspects. This paper introduces the social security fund related background, elaborated the social security fund and social security fund related to sustainable development concept and its significance: analyzes the current situation of the social security fund and the problems that can realize sustainable development, the key lies in the internal operation mechanism of social security funds, especially the social security fund raising mechanism capacity and investment capacity, ability to pay and supervision ability; finally puts forward some countermeasures for promoting the sustainable development of the social security fund, the balance of the social security fund is the social security system of sustainable development conditions.
文摘In order to better safeguard the interests of the people and seek welfare for the people, our country pays more attention to the optimization of the social security system of the people. Therefore, our government has invested more energy and financial resources in the social security management. The implementation of social security management is directly related to the welfare and interests of our citizens. Paying attention to the vital interests of citizens is very important to promote people's well-being and ensure the long-term stability of the country. While developing and building a socialist country, China's enterprises are facing huge market competition. In order to enhance the cohesion of the company and build a more harmonious corporate atmosphere, we need to continuously optimize the welfare benefits of the employees to ensure that they are guaranteed in order to lay a good foundation for the development of the enterprise and social progress.
基金Supported by the China Academy of Engineering Physics Fundation (No.20020605)
文摘An interactive network security measure and a description of its function as well as its principle are presented. Based on the existing security loopholes and bugs in operating systems, this measure focuses on the restrictive condition of security and the establishment of configuration files. Under the control and administration of the secure management of configuration files, each system module brings much flexibility, adaptability and high-level security. The security detecting and managing software used in UNIX based on this measure has obtained good results, achieving the goal of automatically detecting and handling inner and outer system-violation and system abuse.
