March 2015 Proceedings Mag - Cyber Security - R2 (1) (1) (1)
Alfred Berkeley
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Traditional "network-centric" cyber defenses intend to prevent a thief from reaching data, while new "data-centric" cyber defenses assume the thief will reach it. The new defenses make information hard to find and impossible to read. The difference between the old and new approaches is profound. By changing the balance of power between predator and prey, it introduces a new priceperformance curve for cyber security.
Related papers
Elevating the discussion on security management: The data centric paradigm
Business-Driven IT …, 2007
Corporate decision makers have normally been disconnected from the details of the security management infrastructures of their organizations. The management of security resources has traditionally been the domain of a small group of skilled and technically savvy professionals, who report to the executive team. As threats become more prevalent, attackers get smarter and the infrastructure required to secure corporate assets become more complex, the communication gap between the decision makers and the implementers has widened.
Data-centric security: Integrating data privacy and data security
IBM Journal of Research and Development, 2000
Classifying data according to its permissible use, appropriate handling, and business value is critical for data privacy and security protection. This is essential for compliance with the constantly evolving regulatory landscape concerning protected data. Problems arise when users compromise data privacy and security by overlooking the critical need to manage data according to these requirements. This paper considers the creation and application of data classification systems for security and privacy purposes. It focuses primarily on classifying information in a meaningful way through the use of a partially automated methodology that normalizes and classifies structured data throughout an enterprise. We introduce the three pillars of the data-centric security model, which are based on the data-centric security classification offering by IBM Global Business Services (GBS) and the IBM Research Division. In particular, we describe the data classification pillar of the data-centric security architecture, which provides the framework and method for partially automated classification of data to meet the demands of compliance standards.
Introducing a Hybrid Infrastructure and Information-Centric Approach for Secure Cloud Computing
Security has been considered as the key concern of adopting cloud computing. This could be ascribed to the customers’ lack of control over their confidential data once in the cloud and to the absence of trust in cloud providers. Unfortunately, the research efforts in the area of cloud security have not yet succeeded to give the required ”peace of mind” to cloud customers. Therefore, in an attempt to figure out the main loopholes in cloud security, this paper questions the fundamental principles of the security approaches in the cloud. The paper highlights two main drawbacks; the first is due to a potential incompatibility among security measures, while the other is due to the focus on securing the infrastructure rather than the data itself. Therefore, the paper advocates the need for integrating information-centric security approaches, and hence presents a novel security framework that adopts both infrastructure and information-centric security services.
The Current Trends, Techniques, and Challenges of Cybersecurity
European Journal of Information Technologies and Computer Science
Recently, the world witnessing rapidly growing in using computer systems based on networks, and no doubt that most of the systems are running over the internet which become a normal regular issue for governments, companies, organizations, institutions, and individuals. and the majority of these systems rely on using various cloud computing services that consequently at the same time have many advantages and disadvantages, and one of the disadvantages is that some security issues are arising, and these systems sometimes are increasingly affected by the number of security threats, and by default, the threats become troubles that gained the concerns of companies and governments. where researchers work hard to find solutions to those threats. Now the demand for finding tools techniques and skills for cybersecurity professionals has become an essential issue. This paper highlights the important aspects of cybersecurity such as Cybersecurity Institutions of cybersecurity, Attacks and Atta...
Issues and Requirements for Cybersecurity in Network Centric Warfare
2004
The transition to network centric warfare brings with it great promise for the effectiveness of future military operations. This promise arises from the capability for network centric warfare to empower individuals at all levels with vast amounts of relevant information and thereby lift the "fog of war." By achieving the promise, commanders will be able to effectively and efficiently employ their resources to achieve objectives; in addition, individuals can exploit information in real-time to increase their effectiveness in mission accomplishment and to capitalize upon transient opportunities in the battlespace. However, a central, but generally unspoken, tenet of network centric warfare is that the information received is actionable; i.e., that the information is timely and correct. However, the increasing sophistication of computer and network attack tools and technologies coupled with the increasing technical sophistication of potential adversaries calls this central tenet into question and raises the question of how to secure the network and software against the threat of attack and subversion. Clearly, network and application security, or cybersecurity, is a broad topic, but is of pressing importance if network centric warfare is to fulfill its potential and become a key component of the future battlespace. There are a variety of attacks upon network and software that must be addressed in order to achieve cybersecurity; some attacks are as simple as denial of service attacks and some as complex as attacks that exploit cyber vulnerabilities in order to alter key networks and software and thereby subvert the information without the user being aware that the subversion has occurred. Our objective is to examine the need for network and software security in light of the network centric warfare paradigm. In view of the need and threat, we present a new strategy for cyber defense, one that builds upon but enhances the proven concept of defense in depth. This new strategy exploits the defensive advantages offered in cyberspace while also minimizing the opportunities for the attacker as well as making an attack more difficult. This paper discusses the following topics. The first section contains the motivation for our research as well as a discussion of the challenges that must be addressed to provide cybersecurity in the cyber battlespace in support of network centric warfare. Next, the paper presets a discussion of background material necessary to understand this research area. The focus of the paper is in the third section, which contains a discussion of the scope of the threat and of cyber security issues and requirements in the cyber battlespace. The concluding section contains a brief summary and suggestions for further research. Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number.
Editorial: Special issue on security of information and networks
Journal of Information Security and Applications, 2015
SECURWARE 2014, The Eighth International Conference on Emerging Security Information, Systems and Technologies
The Eighth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2014), held between November 16-20, 2014 in Lisbon, Portugal, continued a series of events covering related topics on theory and practice on security, cryptography, secure protocols, trust, privacy, confidentiality, vulnerability, intrusion detection and other areas related to low enforcement, security data mining, malware models, etc. Security, defined for ensuring protected communication among terminals and user applications across public and private networks, is the core for guaranteeing confidentiality, privacy, and data protection. Security affects business and individuals, raises the business risk, and requires a corporate and individual culture. In the open business space offered by Internet, it is a need to improve defenses against hackers, disgruntled employees, and commercial rivals. There is a required balance between the effort and resources spent on security versus security achievements. Some vulnerability can be addressed using the rule of 80:20, meaning 80% of the vulnerabilities can be addressed for 20% of the costs. Other technical aspects are related to the communication speed versus complex and time consuming cryptography/security mechanisms and protocols. Digital Ecosystem is defined as an open decentralized information infrastructure where different networked agents, such as enterprises (especially SMEs), intermediate actors, public bodies and end users, cooperate and compete enabling the creation of new complex structures. In digital ecosystems, the actors, their products and services can be seen as different organisms and species that are able to evolve and adapt dynamically to changing market conditions. Digital Ecosystems lie at the intersection between different disciplines and fields: industry, business, social sciences, biology, and cutting edge ICT and its application driven research. They are supported by several underlying technologies such as semantic web and ontology-based knowledge sharing, self-organizing intelligent agents, peer-to-peer overlay networks, web services-based information platforms, and recommender systems. We take here the opportunity to warmly thank all the members of the SECURWARE 2014 Technical Program Committee, as well as the numerous reviewers. The creation of such a high quality conference program would not have been possible without their involvement. We also kindly thank all the authors who dedicated much of their time and efforts to contribute to SECURWARE 2014. We truly believe that, thanks to all these efforts, the final conference program consisted of top quality contributions. Also, this event could not have been a reality without the support of many individuals, organizations, and sponsors. We are grateful to the members of the SECURWARE 2014 organizing committee for their help in handling the logistics and for their work to make this professional meeting a success. We hope that SECURWARE 2014 was a successful international forum for the exchange of ideas and results between academia and industry and for the promotion of progress in emerging security information, systems and technologies. We are convinced that the participants found the event useful and communications very open. We hope Lisbon provided a pleasant environment during the conference and everyone saved some time for exploring this beautiful city.
Seeking Foundations for the Science of Cyber Security Editorial for Special Issue of Information Systems Frontiers
Cyber security (or cybersecurity) has become a fundamental issue which deeply affects citizen's lives (including their privacy), the public's economic prosperity, and national security. The high frequency of media reports on highprofile cyber attacks, which cause substantial and, at times, catastrophic damages, highlights that cyberspace is a very fragile and vulnerable ecosystem, and that our understanding of cybersecurity and our capability of defending cyberspace are far from adequate. This is true despite the numerous advancements and breakthroughs in some fields of cybersecurity. One outstanding example is cryptography, which has been built on a firm foundation in Computational Complexity Theory, starting with a number of breakthroughs, e.g. Diffie and Hellman (1976), Rivest et al. (1978), Goldwasser and Micali (1982), and Yao (1982). However, there are many cyber attacks that go beyond the standard cryptographic threats models, such as attacks which can compromise cryptographic private keys by directly stealing memory pages (e.g., Harrison and Xu (2007)), or indirectly exploiting side-channel attacks (e.g., Kocher (1996)). The state-of-the-art is that we are far from being capable of adequately dealing with such attacks in
Related papers
Data Centric Security Approach: A Way to Achieve Security & Privacy in Cloud Computing
SSRN Electronic Journal, 2018
Cloud computing can be said to be the phenomena which enable one to use the common pool of configured resources' with minimum administration labors often on the internet and this sharing paradigm give rises to many issues and one such is that the clarity of data transfer is not transparent in cloud and even it lacks in providing the clarity regarding the ownership of the data. Cloud computing patterns are gaining worldwide well-known recognition because of the various assistance it can offer. These assistances comprises of costeffectiveness, saving of time and optimally utilization of resources of computing. Privacy of data and its security are the two major issues that prove to be hindrance in the adoption of this new technology. Recent researches have shown the focus of various researchers in improving of the security at OS level, Virtual Machine/Hardware level or at application level. But still no broad solution is provided for this problem and still the data security measures are being cared by the cloud providers. Another trend of research is based on Trust Computing concepts. This concept of Trust Computing provides certain set of technologies to trusted third party for securing virtual machines from cloud providers. This concept provides the user with various tools to monitor and assess the data in a secured manner but with much managed facility. In gap, Data Centric Security (DCS) upcoming technology that provides the data provider with full control of security of the data that is being provided right from the beginning till it is removed i.e. throughout the lifespan. DCS technology has been mentioned in various ways in the literature but there is still not a homogeneous framework for apply it to cloud model.
Report on Contemporary Cyber Security Issues
International Journal of Computer Science and Information Security (IJCSIS), Vol. 22, No. 3, June 2024, 2024
The contemporary landscape of cybersecurity is fraught with challenges, necessitating a keen understanding of evolving threats and robust defense mechanisms. By examining the Data Encryption Standard (DES) as a key element therein, this paper explores the complexities of cryptography, a foundational element of contemporary security paradigms. Securing confidential data from unwanted access is one of the many facets of cryptography, the art of secure communication. In the context of data protection, DES is recognized as a foundational cryptographic algorithm, valued for both its historical importance and ongoing applicability. But as technology moves more quickly and cyberattacks get more complex, DES's effectiveness is called into question, which has sparked debate about whether it is still sufficient in modern security scenarios. Here, in this paper we explore the complexities surrounding cryptography and DES, elucidating their strengths, limitations, and implications for cybersecurity practices. By examining current trends and emerging challenges, it endeavors to offer insights into mitigating risks and fortifying defenses against cyber threats in the digital age.
Secure Cloud Collaboration in Data Centric Security
International Journal on Recent and Innovation Trends in Computing and Communication, 2024
Online work may be made safer and simpler with the help of secure cloud collaboration. This article discusses challenges encountered, solutions proposed, and novel approaches to data security in cloud collaboration. Access restrictions, data integrity checks, and encryption are some of the instruments that we might employ to secure private data while it is being sent or stored. The report also discusses recent developments that have made cloud collaboration even safer, such as the use of blockchain technology and zero-trust techniques. As more businesses utilize the cloud for collaboration, they must be aware of and abide by security guidelines to preserve client privacy and adhere to legal requirements. This article outlines strategies for enhancing the security of data and cloud collaboration in several businesses, both now and in the future.
The Reality of Technologies for Cyber Security Challenges
International Journal of Recent Technology and Engineering
In the field of informational technology, cyber securit y plays an important role in ensuring that information has becom e one of today's major challenges. The first thing that comes to our mind when we ever talk about cyber security is ' cyber crimes, ' which are rising exponentially every day. Different governments and companies take numerous measures to prevent such cyber crimes. In addition to various cyber security measures, many still have a major concern. It also reports on the innovations in cyber security strategies, practices and developments that change the face of online health. This paper focuses mainly on cyber security challenges facing the latest technologies.
A Brief Survey on Various Technologies Involved in Cloud Computing Security
Asian Journal of Applied Science and Technology, 2020
In the past decade, big technical advances have appeared which can bring more comfort not only in the corporate sector but at the personal level of everyday life activities. The growth and deployment of cloud computing technologies by either private or public sectors were important. Recently it became apparent to many organizations and businesses that their workloads were moved to the cloud. However, protection for cloud providers focused on Internet connectivity is a major problem, leaving it vulnerable to numerous attacks. Although cloud storage protection mechanisms are being introduced in recent years. However, cloud protection remains a major concern. This survey paper tackles this problem by recent technology that enables confidentiality conscious outsourcing of the data to public cloud storage and analysis of sensitive data. In specific, as an advancement, we explore outsourced data strategies focused on data splitting, anonymization and cryptographic methods. We then compare these approaches for operations assisted by accuracy, overheads, masked outsourced data and data processing implications. Finally, we recognize excellent solutions to these cloud security issues.
Comprehensive Survey of Security Issues Framework in Data-Centric Cloud Applications
Journal of Engineering Science and Technology Review, 2021
The emergence of the cloud computing paradigm has influenced business organizations for migration over two decades. This has enabled a more incredible communication speed paired with a better fault tolerance of web-based applications and the scope of having practically unlimited storage available for the user and business data. Such colossal data availability over cloud platforms has increased concerns about the security of the same from various threats such as unauthorized eavesdropping, deliberate malicious mutation of data, loss of data integrity, and identity theft. The presence of such security vulnerabilities has rendered cloud security to be an active research area. This article aims to deep dive into the present stateof-the-art in cloud security research and mitigation approaches. It is observed that cloud storage, cloud services are the widely used applications among the organization. However, vulnerabilities and security challenges faced by this two area is maximum. Besides, outsourcing sensitive information to cloud service provider's (CSP) end leads to trust issues among organizations. This article performs a detailed comparative analysis of the security frameworks developed towards cloud storage level, cloud service level, and cloud trust level to date and throws light on future research directives. All the existing research has been evaluated against CIA (confidentiality, Integrity, Availability) principles here.
ADVANCING U.S. NATIONAL SECURITY WITH CLOUD COMPUTING: STRENGTHENING INTELLIGENCE, CYBER RESILIENCE, AND HOMELAND DEFENSE STRATEGIES
Journal IJETRM, 2025
The integration of cloud computing into U.S. national security has become a transformative force in strengthening intelligence operations, cyber resilience, and homeland defense strategies. As security threats evolve, traditional on-premise infrastructure faces challenges in scalability, agility, and real-time threat mitigation. Cloud computing offers distributed, scalable, and AI-enhanced solutions that enhance data-driven intelligence, improve operational efficiency, and fortify national cybersecurity frameworks. This study explores how federal agencies, defense institutions, and intelligence communities leverage cloud-based architectures to facilitate real-time threat analysis, secure data-sharing, and cross-agency collaboration. By utilizing hybrid and multi-cloud environments, government agencies gain enhanced security postures, improved threat detection, and AI-powered predictive analytics for proactive risk mitigation. Additionally, Zero Trust security models and quantum-safe cryptographic techniques ensure data integrity and protection against sophisticated cyber threats.Despite these advantages, cloud adoption in national security presents challenges related to data sovereignty, compliance with federal regulations, and risks associated with cloud-based cyberattacks. This paper discusses best practices for implementing secure cloud solutions in national security infrastructure, including federal cloud security frameworks, AI-driven automation, and resilience planning for critical missions. The findings emphasize that secure cloud integration is critical for maintaining U.S. military and intelligence superiority, strengthening cyber resilience against nation-state adversaries, and enhancing real-time situational awareness for homeland defense. Future research should explore AI-augmented cloud security, blockchain for classified information integrity, and post-quantum encryption methods to ensure continued national security advancements in an era of evolving cyber threats.
CYBER SECURITY-EMERGNING TRENDS ON LATEST TECHNOLOGIES AND ITS CHALLENGES
isara solutions, 2018
Digital Security assumes a significant job in the field of data innovation Securing the data have turned out to be perhaps the greatest test in the present day. At whatever point we consider the digital security the principal thing that rings a bell is 'digital wrongdoings' which are expanding colossally step by step. Different Governments and organizations are taking numerous measures so as to avoid these digital violations. Other than different measures digital security is as yet an exceptionally enormous worry to many. This paper fundamentally centers around difficulties looked by digital security on the most recent advancements .It likewise centers around most recent about the digital security methods, morals and the patterns changing the essence of digital security.
The Future of Cyber Security
INTERNATIONAL JOURNAL OF ADVANCE RESEARCH, IDEAS AND INNOVATIONS IN TECHNOLOGY
In the near future, cyber security will play a dominant role in personal and business applications. As society is becoming more and more digitized, there are more chances to win by exploiting this. As a result of the growing proliferation of digitization and connected devices, the demand for cyber security solutions is growing at a relatively high rate. The complexity and connectivity of digitized systems have a direct impact on their security. The goal of this review is to summarize the logical predictions of the future of cybersecurity.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.