Abstract: With the deep combination of both modern information technology and traditional agriculture, the era of agriculture 4.0, which takes the form of smart agriculture, has come. Smart agriculture provides solutions for agricultural intelligence and automation. However, information security issues cannot be ignored with the development of agriculture brought by modern information technology. In this paper, three typical development modes of smart agriculture (precision agriculture, facility agriculture, and order agriculture) are presented. Then, 7 key technologies and 11 key applications are derived from the above modes. Based on the above technologies and applications, 6 security and privacy countermeasures (authentication and access control, privacy-preserving, blockchain-based solutions for data integrity, cryptography and key management, physical countermeasures, and intrusion detection systems) are summarized and discussed. Moreover, the security challenges of smart agriculture are analyzed and organized into two aspects: 1) agricultural production, and 2) information technology. Most current research projects have not taken agricultural equipment as potential security threats. Therefore, we did some additional experiments based on solar insecticidal lamps Internet of Things, and the results indicate that agricultural equipment has an impact on agricultural security. Finally, more technologies (5 G communication, fog computing, Internet of Everything, renewable energy management system, software defined network, virtual reality, augmented reality, and cyber security datasets for smart agriculture) are described as the future research directions of smart agriculture.

Abstract: Agriculture is a vital area for the sustenance of mankind engulfing manufacturing, security, traceability, and sustainable resource management. With the resources receding expeditiously, it is of utmost significance to innovate techniques that help in the subsistence of agriculture. The growth of Internet of Things (IoT) and Blockchain technology as two rapidly emerging fields can ameliorate the state of food chain today. This paper provides a rigorous literature review to inspect the state-of-the-art development of the schemes that provide information security using blockchain technology. After identifying the core requirements in smart agriculture, a generalized blockchain-based security architecture has been proposed. A detailed cost analysis has been conducted on the studied schemes. A meticulous comparative analysis uncovered the drawbacks in existing research. Furthermore, detailed analysis of the literature has also revealed the security goals towards which the research has been directed and helped to identify new avenues for future research using artificial intelligence.

Abstract: With the rapid development of Information Technology (IT) industries, data or information security has become one of the critical issues. Nowadays, Blockchain technology is widely using for improving data security. It is a tool for the individual and organization to interchange the digital asset without the intervention of a trusted third party i.e. a central administrator. This technology has given the ability to create digital tokens for representing assets, innovation and likely reshaping the scenery of entrepreneurship. Blockchain has several key properties, such as decentralization, immutability and transparency without using a trusted third party. It can be used in several fields, such as healthcare, digital voting, Internet of Things (IoT) and many more. This study aims to discuss the fundamentals of Blockchain. In this paper, the technology or working procedure of Blockchain including many applications in several fields are discussed. Finally, future work directions and open research challenges in the domain of Blockchain have been also discussed in detail.

Abstract: Aircraft spare parts inventory management (ASPM) has played a critical role in tracing and tracking spare parts as any related maintenance or movement shall be recorded. Traceability and trackability of data ensure the compliance of airworthiness requirements. The International Air Transport Association (IATA) has strongly emphasised the significance of quality traceability data throughout the aircraft part’s life cycle, leading to enhanced inventory control accuracy, reduced maintenance error, and effective decision-making processes. However, with the rapid increase of spare parts types, the complexity of aircraft parts multi-stage supply chains leads to inefficient tracing and tracking operations with unsatisfactory traceability data quality and information security. This paper proposed a blockchain-based system that provided a managerial platform for accurate recording of spare parts traceability data with organisational consensus and validation using Hyperledger Fabric and Hyperledger Composer. A data model has been determined based on the existing ASPM, enabling information integrity during transaction operations. The channel mechanism has yielded a trustful data sharing platform between each contracting organisation for logistics and operational arrangements, which has enhanced information visibility and security. The blockchain-based system, executed under a decentralised ledger mechanism, shall improve the quality of traceability data and reliable information sharing within the spare parts supply chain. The enhanced blockchain-based inventory management system can establish the digital twin of aviation as part of Industry 4.0 in the future.

Abstract: This tutorial reviews fundamental contributions to information security An integrative viewpoint is taken that explains the security metrics, including secrecy, privacy, and others, the methodology of information-theoretic approaches, along with the arising system design principles, as well as techniques that enable the information-theoretic designs to be applied in real communication and computing systems The tutorial, while summarizing these contributions, argues for the simultaneous pivotal role of fundamental limits and coding techniques for secure communication system design

Abstract: The rapid development of the Industrial Internet of Things (IIoT) and artificial intelligence (AI) brings new security threats by exposing secret and private data. Thus, information security has become a major concern in the communication environment of IIoT and AI, where security and privacy must be ensured for the messages between a sender and the intended recipient. In this article, we propose a method called Harris hawks optimization-integer wavelet transform (HHO-IWT) for covert communication and secure data in the IIoT environment based on digital image steganography. The method embeds secret data in the cover images using a metaheuristic optimization algorithm called HHO to efficiently select image pixels that can be used to hide bits of secret data within integer wavelet transforms. The HHO-based pixel selection operation uses an objective function evaluation depending on the following two phases: exploitation and exploration. The objective function is employed to determine an optimal encoding vector to transform secret data into an encoded form generated by the HHO algorithm. Several experiments are conducted to validate the performance of the proposed method with respect to visual quality, payload capacity, and security against attacks. The obtained results reveal that the HHO-IWT method achieves higher levels of security than the state-of-the-art methods and that it resists various forms of steganalysis. Thus, utilizing this approach can keep unauthorized individuals away from the transmitted information and solve some security challenges in the IIoT.

Abstract: This paper discusses how the features of blockchain technology impact supply chain transparency through the lens of the information security triad (confidentiality, integrity and availability). Ultimately, propositions are developed to encourage future research in supply chain applications of blockchain technology.,Propositions are developed based on a synthesis of the information security and supply chain transparency literature. Findings from text mining of Twitter data and a discussion of three major blockchain use cases support the development of the propositions.,The authors note that confidentiality limits supply chain transparency, which causes tension between transparency and security. Integrity and availability promote supply chain transparency. Blockchain features can preserve security and increase transparency at the same time, despite the tension between confidentiality and transparency.,The research was conducted at a time when most blockchain applications were still in pilot stages. The propositions developed should therefore be revisited as blockchain applications become more widely adopted and mature.,This study is among the first to examine the way blockchain technology eases the tension between supply chain transparency and security. Unlike other studies that have suggested only positive impacts of blockchain technology on transparency, this study demonstrates that blockchain features can influence transparency both positively and negatively.

Abstract: In recent days, increasing numbers of Internet and wireless network users have helped accelerate the need for encryption mechanisms and devices to protect user data sharing across an unsecured network. Data security, integrity, and verification may be used due to these features. In internet traffic encryption, symmetrical block chips play an essential role. Data Encryption Standard (DES) and Advanced Encryption Standard (AES) ensure privacy encryption underlying data protection standards. The DES and the AES provide information security. DES and AES have the distinction of being introduced in both hardware and applications. DES and AES hardware implementation has many advantages, such as increased performance and improved safety. This paper provides an exhaustive study of the implementation by DES and AES of field programming gate arrays (FPGAs) using both DES and AES. Since FPGAs can be defined as just one mission, computers are superior to them.

Abstract: Smart cities fully utilize the new generation of Internet of Things (IoT) technology in the process of urban informatization to optimize the urban management and service. However, in the IoT system, while information exchange and communication, wireless sensor network devices may not be able to resist all forms of attacks, which may lead to security issues such as user data disclosure. Aiming at the information security risks in smart city, the typical technologies in IoT is analyzed from the perspective of IoT perception layer and provides corresponding security solutions for the existing security threats. Regarding the communication security, the emerging wireless technology, long range (LoRa), is discussed, and the performance of wireless communication protocol is analyzed through simulation experiments, to verify that the IoT technology based on LoRa communication technology can improve the security of the system in the construction of smart city. The results show that REBEB, a new backoff algorithm, is similar to the binary exponential backoff algorithm in terms of throughput performance. REBEB focuses more on fairness, which is up to 0.985, and to a certain extent, its security is significantly improved. The fairness of REBEB algorithm is more than 0.4 in different nodes and competing windows, and the fairness of the system is better when the number of nodes is small. To sum up, the IoT system based on LoRa communication can effectively improve the security performance of the system in the construction of smart city and avoid the security threats in the IoT signal transmission.

Abstract: This paper aims to evaluate the cyber security culture readiness of organizations from different countries and business domains when teleworking became a necessity due to the COVID-19 crisis. We have designed a targeted questionnaire and conducted a web-based survey addressing employees while working from home during the COVID-19 spread over the globe. The questionnaire contained no more than 23 questions and was available for almost a month, from 7th April 2020 until 3rd May 2020. During that period, 264 participants from 13 European countries spent approximately 8 minutes to answer it. Gathered data were analyzed from different perspectives leading to evolutionary findings regarding information security readiness and resilience of both individuals and organizations. In this paper, results are being presented and discussed in detail while focusing on future scientific routes and research paths that need to be explored. It concludes on a number of cyber security recommendations addressing both the emerged vulnerabilities and the need for security culture evolution.

Abstract: In the field of frontier research, information security has received a lot of interest, but in the field of information security algorithm, the introduction of decimals makes it impossible to bypass the topic of calculation accuracy. This article creatively proposes the definition and related proofs of double parameters fractal sorting matrix (DPFSM). As a new matrix classification with fractal properties, DPFSM contains self-similar structures in the ordering of both elements and sub-blocks in the matrix. These two self-similar structures are determined by two different parameters. To verify the theory, this paper presents a type of 2×2 DPFSM iterative generation method, as well as the theory, steps, and examples of the iteration. DPFSM is a space position transformation matrix, which has a better periodic law than a single parameter fractal sorting matrix (FSM). The proposal of DPFSM expands the fractal theory and solves the limitation of calculation accuracy on information security. The image encryption algorithm based on DPFSM is proposed, and the security analysis demonstrates the security. DPFSM has good application value in the field of information security.

Abstract: The demands for information security in higher education will continue to increase. Serious data breaches have occurred already and are likely to happen again without proper risk management. This paper applies the Comprehensive Literature Review (CLR) Model to synthesize research within cybersecurity risk by reviewing existing literature of known assets, threat events, threat actors, and vulnerabilities in higher education. The review included published studies from the last twelve years and aims to expand our understanding of cybersecurity’s critical risk areas. The primary finding was that empirical research on cybersecurity risks in higher education is scarce, and there are large gaps in the literature. Despite this issue, our analysis found a high level of agreement regarding cybersecurity issues among the reviewed sources. This paper synthesizes an overview of mission-critical assets, everyday threat events, proposes a generic threat model, and summarizes common cybersecurity vulnerabilities. This report concludes nine strategic cyber risks with descriptions of frequencies from the compiled dataset and consequence descriptions. The results will serve as input for security practitioners in higher education, and the research contains multiple paths for future work. It will serve as a starting point for security researchers in the sector.

Abstract: Computer and Information Security (CIS) is usually approached adopting a technology-centric viewpoint, where the human components of sociotechnical systems are generally considered as their weakest part, with little consideration for the end users’ cognitive characteristics, needs and motivations. This paper presents a holistic/Human Factors (HF) approach, where the individual, organisational and technological factors are investigated in pilot healthcare organisations to show how HF vulnerabilities may impact on cybersecurity risks. An overview of current challenges in relation to cybersecurity is first provided, followed by the presentation of an integrated top–down and bottom–up methodology using qualitative and quantitative research methods to assess the level of maturity of the pilot organisations with respect to their capability to face and tackle cyber threats and attacks. This approach adopts a user-centred perspective, involving both the organisations’ management and employees, The results show that a better cyber-security culture does not always correspond with more rule compliant behaviour. In addition, conflicts among cybersecurity rules and procedures may trigger human vulnerabilities. In conclusion, the integration of traditional technical solutions with guidelines to enhance CIS systems by leveraging HF in cybersecurity may lead to the adoption of non-technical countermeasures (such as user awareness) for a comprehensive and holistic way to manage cyber security in organisations.

Abstract: Memorymanagement algorithms for operating systemhavebeen explored broadly, but inadequate devotion has been concentrated on the real-time characteristic. Furthermost advanced algorithms are general-purpose and do not fulfill the requirements of real-time systems. Additionally, a few allocators combining with real-time systems do not focus well on multiprocessor architecture. The emergent needs for high-performance computational processing can be satisfied by NUMA architecture-based systems having multicore system. In this paper, memory allocation algorithm has been proposed for soft real-time operating system for NUMAbased architecture which will be useful to achieve constant execution time and less fragmentation.

Abstract: The acceleration of cyber-attacks in recent years has negatively impacted the overall performance of organizations around the world Organizations face the challenge of enhancing their cyber security to prevent and combat cyber-attacks, but studies of factors impacting the cyber security awareness/readiness of organizations from a holistic perspective are lacking This study adopts the Technology-Organization-Environment (TOE) framework to examine a comprehensive set of factors influencing the cyber security readiness of organizations and the effects of these factors on organizational performance (financial and non-financial) mediated by improved organizational security performance Data are collected via a survey of IT professionals in Bahrain, with 270 valid responses The results confirm the importance of seven of nine factors affecting cyber security readiness identified in previous studies Cyber security readiness is found to positively impact organizational security performance, which in turn positively affects financial and non-financial performance The newly proposed comprehensive model of factors affecting the cyber security readiness of organizations and the evidence of their importance can be used to guide future research and enhance the current understanding of how organizations can better equip themselves to minimize the occurrence and impact of cyber-attacks

Abstract: After 15 years of research, this paper aims to present a review of the academic literature on the ISO/IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theory-based research agenda to inspire interdisciplinary studies in the field.,The study is structured as a systematic literature review.,Research themes and sub-themes are identified on five broad research foci: relation with other standards, motivations, issues in the implementation, possible outcomes and contextual factors.,The study presents a structured overview of the academic body of knowledge on ISO/IEC 27001, providing solid foundations for future research on the topic. A set of research opportunities is outlined, with the aim to inspire future interdisciplinary studies at the crossroad between information security and quality management. Managers interested in the implementation of the standard and policymakers can find an overview of academic knowledge useful to inform their decisions related to implementation and regulatory activities.

Abstract: Information security broadly refers to the state of protection against unsanctioned access to information or data, principally electronic or digital data. In today’s world of modern technology, there is a need to design and develop security measures to protect information from various security risks and threats. Wireless Sensor Networks (WSNs) hold significant importance in this era of the technological world; as its wide range of applications are being used around the globe in almost every domain. WSNs are being deployed with several constraints and limitations, due to which deploying security mechanisms on such networks becomes a difficult task for the developers. This research work specifically targeted security issues in WSNs and hence subjected to provide authentication and data encryption in a novel manner for node-to-node communication. The proposed scheme not only provides security for the node to node communication network but also hoards memory space on nodes with the help of Elliptic Curve Digital Signature (ECDSA) cryptographic scheme to provide an appropriate mechanism for measuring key generation time, count of hello message and packet size. Furthermore, the Algorithm for Wireless Secure Communication (ASCW) also provides key management with acceptable key length. In addition to this, ASCW helps in securing the communication on node level which helps in securing the whole network in a better and efficient manner. ASCW also reduces the cost of risk and security threats on the network with the help of authentication mechanism. A physical testbed has designed based on devices and sensor motes according to the required specifications. The proposed solutions have evaluated in terms of key generation time, several hello message and size of data packets. Experimental results have indicated that ASCW is one of the suitable and a novel approach for securing data on nodes during communication in WSNs.

Abstract: The benefits ushered through the use of IoT come with its share of security concerns. IoT networks are heterogeneous and existing network security tools and controls are inadequate for them. The Io...

Abstract: Degree attestation verification and traceability are complex one-to-one processes between the Higher Education Commission (HEC) and universities. The procedure shifted to the digitalized manner, but still, on a certain note, manual authentication is required. In the initial process, the university verified the degree and stamp seal first. Then, a physical channel of degree submission to the receiving ends is activated. After that, the degree is attested while properly examining and analyzing the tamper records related to degree credentials through e-communication with the university for verification and validation. This issue poses a serious challenge to educational information integrity and privacy. Potentially, blockchain technology could become a standardized platform to perform tasks including issuing, verifying, auditing, and tracing immutable records, which would enable the HEC, universities, and Federal Education Ministry (FEM) to quickly and easily get attested and investigate the forge proof versions of certificates. Besides, decentralized distributed data blocks in chronological order provide high security between distributed ledgers, consensus engine, digital signature, smart contracts, permissioned application, and private network node transactions that guarantee degree record validation and traceability. This paper presents an architecture (HEDU-Ledger) and detail design of blockchain-enabled hyperledger fabric applications implementation for degree attestation verification and traceable direct channel design between HEC and universities. The hyperledger fabric endorses attestation records first, and then validates (committer) the degree and maintains the secure chain of tracing between stakeholder peer nodes. Furthermore, this HEDU-Ledger architecture avoids language and administrative barriers. It also provides robustness in terms of security and privacy of records and maintains integrity with secure preservation as compared to that of the other state-of-the-art methods.

Abstract: Blockchain is a revolutionary technology that is being used in many applications, including supply chain management. Although, the primary motive of using a blockchain for supply chain management is to reduce the overall production cost while providing the comprehensive security to the system. However, current blockchain-based supply-chain management (BC-SCM) systems still hold the possibility of cyber attacks. Therefore, the goal of this study is to investigate practical threats and vulnerabilities in the design of BC-SCM systems. As a starting point, we first establish key requirements for the reliability and security of supply chain management systems, i.e., transparency, privacy and traceability, and then discern a threat model that includes two distinctive but practical threats including computational (i.e., the ones that threaten the functionality of the application) and communication (i.e., the ones that threaten information exchange among interconnected services of the application). For investigation, we follow a unique approach based on the hypothesis that reliability is pre-requisite of security and identify the threats considering (i) design of smart contracts and associated supply chain management applications, (ii) underlying blockchain execution environment and (iii) trust between all interconnected supply management services. Moreover, we consider both academic and industry solutions to identify the threats. We identify several challenges that hinder to establish reliability and security of the BC-SCM systems. Importantly, we also highlight research gaps that can help to establish desired security of the BC-SCM. To the best of our knowledge, this paper is the first effort that identifies practical threats to blockchain-based supply chain management systems and provides their counter measures. Finally, this work establishes foundation for future investigation towards practical security of BC-SCM system.

Abstract: As recent cyber-attacks have been increasing exponentially, the importance of security training for employees also has become growing ever than before. In addition, it is suggested that security training and education be an effective method for discerning cyber-attacks within academia and industries. Despite the importance and the necessity of the training, prior study did not investigate the quantitative utility of security training in an organizational level. Due to the absence of referential studies, many firms are having troubles in making decisions with respect to arranging optimal security training programs with limited security budgets. The main objective of this study is to find out a relationship between cybersecurity training and the number of incidents of organizations. Thus, this study quantified the effectiveness of security training on security incidents as the first study. This research examined the relationship among three main factors; education time, education participants, and outsourcing with numbers of cybersecurity incidents. 7089 firm level data is analyzed through Poisson regression method. Based on analysis results, we found that the negative relationship between security trainings and the occurrence of cybersecurity incidents. This study sheds light on the role of security training and education by suggesting its positive association with reducing the number of incidents in organizations from the quantitative perspective. The result of this study can be used as a referential guide for information security training decision-making procedure in organizations.

Abstract: In this study, we use the attentional phase of social learning theory to link workplace security-related experiences and observations to employees’ security awareness. The responses of 398 organiza...