SlideShare a Scribd company logo

WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX

IJNSA Journal
IJNSA Journal

Nowadays, use of wireless technology in organizations is a regular act, and we can see this technology erupted in all possible different areas. Related to employing wireless technology those organizations need to apply properly security level, depend on security policy which already defined. If security system applied but not required, or security system required but not provided, leads to improper security system. In this paper we have shown the way to evaluate the data significant and their appropriate security level. Here a model to evaluate the cost of data on security point of view by consideration of some parameters like sensitivity, volume, life, frequency, etc…, this research makes organizations to predict and implement or understand the cost involved for security of their data by measuring the data value. We used questionnaire and survey methodologies to collect the data; and then used SPSS and SAS program to calculate and design a model. In this way regression and BOOTSTARP help us to find accurate result.

Engineering
1 of 10
Download to read offline
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 DOI : 10.5121/ijnsa.2010.2311 158 WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX Reza Amirpoor 1 and Ajay Kumar 2 and Satish R. Deavne 3 1 Research Student, IMED, Department of Computer Management, Bharati Vidyapeeth University, Pune, INDIA, 411008, Tel No. : +91 9890307927 reza_amirpoor@yahoo.com 2 Director, JSPM’s JAYAWANT Institute of Computer Applications, Tathawade, Pune, INDIA, 411033 ajay19_61@rediffmail.com 3 Principal, Dr. D. Y. Patil Ramrao Adik Institute of Technology, Nerul, Navi Mumbai, INDIA satish@rait.ac.in ABSTRACT Nowadays, use of wireless technology in organizations is a regular act, and we can see this technology erupted in all possible different areas. Related to employing wireless technology those organizations need to apply properly security level, depend on security policy which already defined. If security system applied but not required, or security system required but not provided, leads to improper security system. In this paper we have shown the way to evaluate the data significant and their appropriate security level. Here a model to evaluate the cost of data on security point of view by consideration of some parameters like sensitivity, volume, life, frequency, etc…, this research makes organizations to predict and implement or understand the cost involved for security of their data by measuring the data value. We used questionnaire and survey methodologies to collect the data; and then used SPSS and SAS program to calculate and design a model. In this way regression and BOOTSTARP help us to find accurate result. . KEYWORDS Data Value, Security Policy, Wireless 1. INTRODUCTION Wireless technologies are increasingly popular around the world, many organizations applied to wireless networks at part of own networks, in recent years, , price of wireless production has been reduced and we can prepare device of wireless network cheaper than wire device.. With respect of this cost and easily to install and also user friendly, organizations looking for wireless networks. Despite we will take reap of benefits in this way, but security is becoming main challenge. Wireless heritance is more vulnerable than wire technology. With this security concern, we implement security policy related to our organization to cover all angle of breach architecture, and answer to all questions which will come later about security. The goal of this paper is to make the reader aware of the weakness in current wireless security models and to lay a framework for a reliable wireless security policy for all organizations by any value of the data on security view. To that end, this paper will examine the data and identify the effective wireless security policies. As the number of employees, applications and systems increases, the management of the organization’s information becomes much more
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 159 difficult and consequently vulnerabilities potentially increase. To determine secure use of hardware and software, as well as, facilitating and encouraging secure employee behaviour, organizations make use of information security policies. An information security policy is a combination of principles, regulations, methodologies, techniques and tools [1] established to protect the organization from threats. These policies also help organizations to identify its information assets and define the corporate attitude to these information assets [2]. 2. LITERATURE SURVEY The security of business transactions and personal data is not simply dependent upon the security of the network. From a survey of small-medium enterprises in Hong Kong, Chung and Tang (1999) [3], conclude security management is an important success factor for the adoption of information systems in small-medium enterprises. So as new customer-based information systems are designed, developed, procured and deployed the privacy related security issues of the information system needs careful consideration. With the increasing use of the Internet and mobile technologies by smaller organizations, enabling them to be more flexible and diverse in their operations, the threats are broadening. Effective security management is therefore, essential for all organizations in this increasingly interoperable world in order to ensure that the information remains confidential, available and retains integrity. Table 1 summarizes level of adoption of security management policies by small businesses. The levels of planning and policy definition are low in comparison to larger organizations. Only 41 per cent of small businesses have written a security policy that will protect customer privacy [4] in comparison to 76 per cent of large organizations [5]. The reasons for this difference relates to expertise, resources, and an understanding of the risk.[6] Our policy throughout was to ensure privacy of data by ensuring the system and organizations were secure from accidental, deliberate and opportunistic attack. The security policy was based on the international information security standard for best practice (ISO17799). Table 1 Policies and Procedures Currently in Place [3] Document % of respondents Data recovery procedures 47 Computer use and misuse policy 43 Information security policy 41 Information security procedures 33 Business continuity plan 24 Data destruction procedures 21 Organizations need to understand the real risks and build security management policies on them; evaluate technological solutions and external hosting decisions on the total cost of ownership; build systems with defence in depth, where the first line of defence is users who are aware of the issues; and to minimize the chance of unauthorized access by defaulting to a policy of least privilege access and monitoring the network to maintain confidence to ensure the security policy working.
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 160 3. SECURITY POLICY Protection of assets is critical part of each organization. Wireless vulnerable can give anxious to organization about the data. Despite benefit of wireless is always an enthusiasm to remain in organizations. Changes in technological solutions should be based upon a security policy. Without a policy, security practices will be undertaken without any clear strategy, purpose or common understanding. So important is this area of management that there is now an international standard (IS0 17799) that states the principal tenants of information security management policies, such as ensuring that the policy is aligned to business objectives. A. Why Policy? Security policies help organizations to define important assets and specify the appropriate steps to be taken to safeguard those assets. Organizations can benefit from the conveniences of wireless but it’s risky from a security standpoint not to have a policy in place to help, to guide the users in the appropriate implementation and use of the technology [7]. A well-written wireless security policy will provide a reference document that will answer users’ questions about wireless security and is a document that can be referenced if conflicts arise during the implementation or daily use of the technology. It will provide a centralized location for security guidance and allows for centralized updates as the technology and risks associated with its use evolve. Additionally, the policy should standardize the security practices of the user base. For example, the policy may state that no wireless devices may be taken into areas designated for classified information. This will make it easier for the security department to advertise this rule to users by referencing its inclusion in the policy document, which all users are required to read [8]. In any case, poor security architecture can create conflicts and tensions by unnaturally restricting the user’s options. Inferior security components can hinder application growth, and applications might be forced into choosing between business feature support and security. Well- designed applications can catch and address many of these issues successfully at the architecture review. The major purpose of the security policy is to select the appropriate security solutions to face those threat events while ensuring that the cost of protecting the infrastructure does not exceed the benefit it provides. In business jargon, the rules of the security policy should guarantee a return on investment 4. ADJUST SECURITY POLICY IN ORGANIZATION BY THE DATA VALUE One expert commented on the budget "One day my boss asked me 'are we protected?', I told him if you have a house and you want to protect it you will need money to do so… So the level of security or the protection you will get depends on how much money you will spend. According to the budget, we plan for information security”. The budget needs to be adequate: "Without enough money, we can’t have security in the organization; money will bring software, hardware, and consultants". Without a proper budget, organizations won’t be equipped with sufficient resources to ensure information security.
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 161 If security system applied but not required, or security system required but not provided, leads to improper security system. In first case we wasted our resource and it make trouble in opposed goal in system architecture. The goals of performance and portability are in conflict with security architecture goal. We will lose that goal by increasing and adding more security system in our organization, and this is force and pressure in total system architecture. In Second case, if we denied implementing properly security system in organization, it means we push our assets to vulnerable field. So we can’t protect the data from malicious attack. Table 2 shows the relation between appropriate security level and data value. First column is security policy levels, start from minimum security to maximum security, in second column we use a model to find the data value which start from minimum value to maximum value. Any level of data value model can compare to same level of security level or one level up, it means any organization can calculate of own the data value and then can find security policy level of those data. Security policy model can use from ITSEC or other standards, but we recommend to use of ITSEC standard. The ITSEC addressed an expanded view of confidentiality, integrity and availability with the aim of more explicitly addressing both military and commercial requirements [9]. Table 2 also can help to prediction of security level need for the organization. By calculating the value cost of data for next few years and you can take security level for those years. The data value is derived from our model are calculated by a questionnaire, which collected from network administrator of organizations. This questionnaire is useful to put in our model to find data value of security view of the organization’s data. In fact data value model is observation of network administrator on the organization’s data. Through this observation we can find data value. Table 2 Relation between Security Levels and Data Value Model By finding the relation between data value and security policy, our goal be accessible to define the best security policy level for our organization. 5. MODEL OF DATA VALUE POINT OF SECURITY VIEW Implementation of security architecture in system should be balanced by the data value of that organization. Before applying security in system, one must know about the data value in system. The data in any organization have cost and value. Some data is less value and some of them can’t take value or price. Some data are looked by hackers and malicious people, to access by different mention. The data is affected by some parameters; we can show this by formula: • DATA value from security point of view = F(X,Y...) (1) Security policy levels Data value Model S1 D1 S2 D2 … … Sm Dn
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 162 Which F() is a function included some parameters; these parameters has been effected on the data value; and caused to change value and price of the data. The value of data can calculated by linear function, however, this function (1) should cover whole area atmosphere on data value. These parameters are shown as below (2): • Sensitivity of data • Volume of data • Life of data • Multiple places of users • Frequency of use • Update frequency of data • Wireless data All of the seven parameters are affecting on data to get value, but by different coefficient; The data can weight by these parameters, definitely may be more parameter can find and added to this collection, here we have considered only seven parameters to describe the model; these parameters are varying from organization to organization and system to system; it can be high, it can be low or in middle range accordingly we have to apply the security level for cost effectiveness and proper security implementation. The final model (3) can calculate data value for Table 3 , minimum be 0 and maximum be 8400, which 0 is equal to D level of security level policy (minimum security required) and 8400 is equal to A level of security policy (maximum security required) for the organization. We should divide and category range of (0 … 8400) to all security level policy, to draw properly relate between data value and security policy. This model given by: • DATA value from security point of view = α +β1 S+ β2 V + β3 L + β4 M+ β5 U+ β6 F + β7 W+ ε (3) • α = Intercept cost of Data • S = Sensitivity of Data • V = Volume of Data • L = Life time of Data • M = Multiple places users • U = Updated Frequency of Data • F = Frequency of Data used • W = Wireless Data • ε = Hidden parameter cost Which β1... β7 are coefficients on parameters. By regression calculation and SPSS software, we have derived those coefficients. A. Methodology and Empirical Evidence Our research is aimed at all companies, which used wireless technology for communication; the interview was arranged and conducted with all of the participants at the convenience of the interviewee and took place in the interviewees’ offices. Confidentiality of the data was guaranteed. All participants requested that anonymity also be guaranteed.
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 163 Thirty six organizations selected in six different areas to collect the data; these six areas cover all variation of organizations which have data by different value. These are as below: • Educations • Research places • Business • Medical • Industry • Citizen Service All of them used wireless technology as basic part of own networks. We collected the data value of 36 organizations through questionnaire and survey; network administrator in all organizations responsible for those questions, through these questionnaire we tried to collect effective of parameters on value of data on security view by administrators of organizations, and take their observation on the data value. Table 3 shows the variation of data value collected by questionnaires on different area which already defined. Depend on inherently of area these data value should be changed. Despite security level required also is changed. In Table 3, we can see maximum security level required is on the business row and also in education level. In these two categories we should apply maximum security policy level. Maximum data value which we collected is 6400 in bank category, and minimum value is 790 in industry category. Table 3 Tabulation of Data Value Range in Different Area of Wireless Users Range of value Min. Value Max. Value Education 1530 4960 Research 3075 3720 Medical 2460 2720 Citizen Service 1080 2910 Industry 790 2720 Business 6240 6400 Each parameter through questionnaire designed 1200 score and maximum value on each organization is 8400 (7 * 1200). B. Analyze of Data Figure 1 shows the variation of value of different parameters on the data value, each parameter has specific effect on the data value. Sensitivity and life of data on organizations are important parameter which can increase the value of data on security view. Update frequency of data is less effect on the data value from security point of view. In some area as citizen service don’t need more security level, because no one of the specifics is high and average of all seven parameter (2) is in half down of Table 2. In this case, we can apply minimum or like this to security organization. Business area included bank is in high level of security, and consequently must apply maximum security level on this organization. Figure 2 shows the three parameter cover 45 per cent of total value of data. These parameters are wireless data, sensitivity of data and multi places of data.
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 164 Figure 1 Different parameter by different coefficient on total data value A common specific on these three is all of them use various users, and consider by hackers. Figure 2 Percentage of different parameter In questionnaire designed different way and different question to take value of each parameter; our mentioned is to define common coefficient for each parameter for only one formula, and finally we can apply this formula to every organization. We used SPSS and SAS to find coefficient, SPSS used to make components of our parameters, result be as below: Component 1= (freq *.852) + (update-freq *.886) + (life* .604). (4) Component 2= (volume * .858) + (multi-places * .750). Component 3= (wireless * .920) + (sensitivity * .716).
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 165 Three parameters of them (frequency of use, update frequency of data and life of data) make a component and volume of data and multi places of users are another component and the last wireless data and sensitivity of data are a component. Each component is elaborate included parameters in the same level, and they can be in same range of effectiveness. We have written a program for SAS application to use a bootstrap methodology for help us in this way, bootstrap used 100 000 resample of this 36 observation. Bootstrap helps us to find accurate result. By this methodology we have got the coefficients of all parameters. A program for SAS to compute a coefficients and variants through BOOTSTRAP methodology is written; and apply to inference coefficient of our components. By 100 000 resampling model and 36 observation finally we got result of our model. This model given by: Formula (3) will be completed by: -3334 + F (I, S, V, L, M, U, F, W); And final model be: = -3334 + 8.29 F + 8.62 U+ 5.88 L + 20.97 V + 18.33 M+ 11.71 W + 9.11 S; (5) Formula (5) is a common formula to take value of data on security view on every organization, and through this result and use Table 2, we can adjust our security policy on organizations. Now we can use this model to find accurate data value of security point on our observations; the result shown in Table 4. Maximum score is for business group and minimum came in industry and citizen service groups. Table 4 Tabulation of Data Value Range in Different Area of Wireless Users Used Formula (5) Range of value Min. Value Max. Value Education 2538 3971 Research 2516 3586 Medical 1168 2759 Citizen Service 728 4070 Industry 106 4021 Business 4606 4958 But as in above table we can see in some industry area also have high data value; and depend on organization and data value we can apply for security level, and through Table 2 and adjust between security levels and data value we can find level of security in our organization and we can apply or modify on that level. 6. CONCLUSION AND FUTURE AREAS OF RESEARCH With the myriad of security issues facing wireless technology there is a need for strong and effective wireless security policies. Fortunately, while there are many wireless security policy templates available, this paper has shown how to select the best security policy for own organization, and discussed the weakness and strong in select properly security policy and proposed a framework for a reliable wireless security policy for all organizations by any level of data value. Near 45 per cent of data value from security point of view is included of Wireless, Multi places users and Sensitivity of organization’s data. Any organizations use out of these three specific of data should use top half of security level model for own organization.
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 166 In this paper, we have developed a model to estimate a data value point of security view on organization. This model allow the systems to find the best security model for own organizations. Applying this model to system security design will improve system security performance and decrease the overheads in nearly every security related area. This model to evaluate the cost of data on security point of view by consideration of some parameters like sensitivity, volume, life, frequency, etc…, this research makes organizations to predict and implement or understand the cost involved for security of their data by measuring the data value. Because this is the first time we try to model the data value, there are some important works that we can calculate the data value for different area by different security policy in the future. It helps to define and implement appropriate security policy for all organizations. Also we can suggest new parameter which can be effect on the data value on security view, and redesign our model. REFERENCES [1]. Tryfonas, T., Kiountouzis, E. and Poulymenakou A, Embedding Security Practices in Contemporary Information Systems Development Approaches. Information Management & Computer Security, Vol. 9, No. 4, (2001) 183-197. [2]. Canavan, S., An Information Security Policy Development Guide for Large Companies. SANS Institute, 2003. [3]. Chung, C-W and Tang, Computer Based Information Systems (CBIS) adoption in small businesses: Hong Kong experience and success factors, Journal of Global Information Technology Management, M-ML (1999), 2(2) 5-22. [4]. Gupta, A. and Hammond, Information Systems Security Issues and Decisions for Small Businesses: An Empirical Examination ,Information Management &Computer Security, R. ( 2005), 13(4) 297-310. [5]. Fulford, H. and Doherty, The Application of Information Security Policies in Large UK-based Organizations: An Exploratory Investigation, Information Management & Computer Security, N. F. (2003) , 11(3) 106-114. [6]. Ian Allison, Privacy through Security: Policy and Practice in a Small-Medium Enterprise, The Robert Gordon University, UK. [7]. MICHAEL MANLEY, CHERI MCENTEE, ANTHONY MOLET, AND JOON S. PARK. A FRAMEWORK OF AN EFFECTIVE WIRELESS SECURITY POLICY FOR SENSITIVE ORGANIZATIONS. IN PROCEEDINGS OF THE 6TH IEEE INFORMATION ASSURANCE WORKSHOP (IAW), IEEE COMPUTER SOCIETY WEST POINT, NEW YORK, JUNE 15-17, (2005)150–157. [8]. Jay Ramachandran, Designing Security Architecture Solutions, WILE, 2006. [9]. An Oracle White Paper, Computer Security Criteria: Security Evaluations and Assessment, July 2001.
International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 167 Authors Reza Amirpoor received the B.E. degree from Sharif University of Technology in 1996 and MBA (IT) degrees, from Symbiosis International Univ. in 2006. He is Ph.D. student in Bharati vidyapeeth Univ. in PUNE since 2007. His research interest includes Computer Networks, wireless systems and security systems. Dr. Ajay Kumar has completed M.Sc. Engg. in Computer Science and Ph.D. He is having 21 years of teaching and research experience. Presently he is working as Director, JSPM’s JAYAWANT Institute of Computer Applications, Pune-India, He has published four books in Information Technology. He has also published more than 35 papers in National / International Conferences and Journals. His area of research is Computer Networks, mobile computing, wireless systems, security systems and Software engineering. Dr. SATISH R. DEVANE has completed M.E. Electronics, from Dr. B.A. M University, Aurangabad and Ph.D. in Information Technology from IIT Bombay 2006. Presently he is working as Principal, Dr. D. Y. Patil Ramrao Adik Institute of Technology, Nerul, Navi Mumbai -India, He has published one book in Computer programming. He has also published more than 20 papers in National / International Conferences and Journals. He has Life Membership in IEEE, ISTE, CSI, IETE, ISACA, Security Technology Forum of CSI. His area of research is E-Commerce, Computer Organization, Network Communication, Web Technology, Smartcard, System Analysis and Design, Operating System, Network Security, Software Engineering.

Recommended

Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the EnterpriseADGP, Public Grivences, Bangalore
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_HillDennis Hill
 
Conference Paper at International Conference on Enterprise Information System...
Conference Paper at International Conference on Enterprise Information System...Conference Paper at International Conference on Enterprise Information System...
Conference Paper at International Conference on Enterprise Information System...Malaysia University of Science and Technology (MUST)
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organizationMohammed Mahfouz Alhassan
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Information Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsInformation Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsOxfordCambridge
 
Security risk analysis of bring your own device system in manufacturing compa...
Security risk analysis of bring your own device system in manufacturing compa...Security risk analysis of bring your own device system in manufacturing compa...
Security risk analysis of bring your own device system in manufacturing compa...TELKOMNIKA JOURNAL
 

Recommended

Safeguarding the Enterprise
Safeguarding the EnterpriseSafeguarding the Enterprise
Safeguarding the EnterpriseADGP, Public Grivences, Bangalore
 
McNair_Paper_Hill
McNair_Paper_HillMcNair_Paper_Hill
McNair_Paper_HillDennis Hill
 
Conference Paper at International Conference on Enterprise Information System...
Conference Paper at International Conference on Enterprise Information System...Conference Paper at International Conference on Enterprise Information System...
Conference Paper at International Conference on Enterprise Information System...Malaysia University of Science and Technology (MUST)
 
An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...An Overview of Information Systems Security Measures in Zimbabwean Small and ...
An Overview of Information Systems Security Measures in Zimbabwean Small and ...researchinventy
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organizationMohammed Mahfouz Alhassan
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
Information Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsInformation Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsOxfordCambridge
 
Security risk analysis of bring your own device system in manufacturing compa...
Security risk analysis of bring your own device system in manufacturing compa...Security risk analysis of bring your own device system in manufacturing compa...
Security risk analysis of bring your own device system in manufacturing compa...TELKOMNIKA JOURNAL
 
Pdf7
Pdf7Pdf7
Pdf7Editor IJARCET
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a SciencePankaj Rane
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesJack Nichelson
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewIOSR Journals
 
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdfControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdfsulu98
 
Electronic Healthcare Record Security and Management in Healthcare Organizations
Electronic Healthcare Record Security and Management in Healthcare OrganizationsElectronic Healthcare Record Security and Management in Healthcare Organizations
Electronic Healthcare Record Security and Management in Healthcare Organizationsijtsrd
 
Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Janghyuck Choi
 
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...IJNSA Journal
 
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDMagazine
 
Forensics
ForensicsForensics
ForensicsLaura Aviles
 
Why uem-is-the-key-to-enterprise-it-security
Why uem-is-the-key-to-enterprise-it-securityWhy uem-is-the-key-to-enterprise-it-security
Why uem-is-the-key-to-enterprise-it-securityCincoC
 
E1804012536
E1804012536E1804012536
E1804012536IOSR Journals
 
Iso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIskcon Ahmedabad
 
Information Security Management System: Emerging Issues and Prospect
Information Security Management System: Emerging Issues and ProspectInformation Security Management System: Emerging Issues and Prospect
Information Security Management System: Emerging Issues and ProspectIOSR Journals
 
Iidss 2017 sarwono sutikno arwin sumari (cps in defense)
Iidss 2017 sarwono sutikno arwin sumari (cps in defense)Iidss 2017 sarwono sutikno arwin sumari (cps in defense)
Iidss 2017 sarwono sutikno arwin sumari (cps in defense)Sarwono Sutikno, Dr.Eng.,CISA,CISSP,CISM,CSX-F
 
Information Security - I.T Project Management
Information Security - I.T Project ManagementInformation Security - I.T Project Management
Information Security - I.T Project ManagementWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.
 
OverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateOverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateKashif Ali
 
Research insights - state of network security
Research insights - state of network securityResearch insights - state of network security
Research insights - state of network securityMiguel Mello
 
Information Security Governance #2A
Information Security Governance #2A Information Security Governance #2A
Information Security Governance #2A Marius FAILLOT DEVARRE
 
I018115768
I018115768I018115768
I018115768IOSR Journals
 
820 1961-1-pb
820 1961-1-pb820 1961-1-pb
820 1961-1-pbMohammed Mahfouz Alhassan
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Cisco Service Provider Mobility
 

More Related Content

What's hot

Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a SciencePankaj Rane
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesJack Nichelson
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewIOSR Journals
 
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdfControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdfsulu98
 
Electronic Healthcare Record Security and Management in Healthcare Organizations
Electronic Healthcare Record Security and Management in Healthcare OrganizationsElectronic Healthcare Record Security and Management in Healthcare Organizations
Electronic Healthcare Record Security and Management in Healthcare Organizationsijtsrd
 
Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Janghyuck Choi
 
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...IJNSA Journal
 
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDMagazine
 
Why uem-is-the-key-to-enterprise-it-security
Why uem-is-the-key-to-enterprise-it-securityWhy uem-is-the-key-to-enterprise-it-security
Why uem-is-the-key-to-enterprise-it-securityCincoC
 
Iso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIskcon Ahmedabad
 
Information Security Management System: Emerging Issues and Prospect
Information Security Management System: Emerging Issues and ProspectInformation Security Management System: Emerging Issues and Prospect
Information Security Management System: Emerging Issues and ProspectIOSR Journals
 
OverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateOverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateKashif Ali
 
Research insights - state of network security
Research insights - state of network securityResearch insights - state of network security
Research insights - state of network securityMiguel Mello
 

What's hot (20)

Pdf7
Pdf7Pdf7
Pdf7
 
Information Security : Is it an Art or a Science
Information Security : Is it an Art or a ScienceInformation Security : Is it an Art or a Science
Information Security : Is it an Art or a Science
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your Vulnerabilities
 
Cyber security: challenges for society- literature review
Cyber security: challenges for society- literature reviewCyber security: challenges for society- literature review
Cyber security: challenges for society- literature review
 
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdfControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
ControlsforProtectingCriticalInformationInfrastructurefromCyberattacks (1).pdf
 
Electronic Healthcare Record Security and Management in Healthcare Organizations
Electronic Healthcare Record Security and Management in Healthcare OrganizationsElectronic Healthcare Record Security and Management in Healthcare Organizations
Electronic Healthcare Record Security and Management in Healthcare Organizations
 
Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016
 
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT C...
 
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
FDseminar IT Risk - Yuri Bobbert - Antwerp Management School
 
Forensics
ForensicsForensics
Forensics
 
Why uem-is-the-key-to-enterprise-it-security
Why uem-is-the-key-to-enterprise-it-securityWhy uem-is-the-key-to-enterprise-it-security
Why uem-is-the-key-to-enterprise-it-security
 
E1804012536
E1804012536E1804012536
E1804012536
 
Iso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consulting
 
Information Security Management System: Emerging Issues and Prospect
Information Security Management System: Emerging Issues and ProspectInformation Security Management System: Emerging Issues and Prospect
Information Security Management System: Emerging Issues and Prospect
 
Iidss 2017 sarwono sutikno arwin sumari (cps in defense)
Iidss 2017 sarwono sutikno arwin sumari (cps in defense)Iidss 2017 sarwono sutikno arwin sumari (cps in defense)
Iidss 2017 sarwono sutikno arwin sumari (cps in defense)
 
Information Security - I.T Project Management
Information Security - I.T Project ManagementInformation Security - I.T Project Management
Information Security - I.T Project Management
 
OverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrateOverseeCyberSecurityAsHackersSeekToInfiltrate
OverseeCyberSecurityAsHackersSeekToInfiltrate
 
Research insights - state of network security
Research insights - state of network securityResearch insights - state of network security
Research insights - state of network security
 
Information Security Governance #2A
Information Security Governance #2A Information Security Governance #2A
Information Security Governance #2A
 
I018115768
I018115768I018115768
I018115768
 

Similar to WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX

An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...IRJET Journal
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security madunix
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...Finni Rice
 
Implementing IT Security Controls
Implementing IT Security ControlsImplementing IT Security Controls
Implementing IT Security ControlsThomas Jones
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFLaurie Mosca-Cocca
 
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...IRJET Journal
 
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...IRJET Journal
 
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docxvickeryr87
 
The Role of Technology in Modern Security Services Trends and Innovations.pdf
The Role of Technology in Modern Security Services Trends and Innovations.pdfThe Role of Technology in Modern Security Services Trends and Innovations.pdf
The Role of Technology in Modern Security Services Trends and Innovations.pdfMax Secure Ltd
 
ISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloJohn Intindolo
 
Isaca global journal - choosing the most appropriate data security solution ...
Isaca global journal - choosing the most appropriate data security solution ...Isaca global journal - choosing the most appropriate data security solution ...
Isaca global journal - choosing the most appropriate data security solution ...Ulf Mattsson
 
BYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in PakistanBYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in PakistanShuja Ahmad
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxaudeleypearl
 

Similar to WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX (20)

820 1961-1-pb
820 1961-1-pb820 1961-1-pb
820 1961-1-pb
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)
 
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
An Effective Cybersecurity Awareness Training Model: First Defense of an Orga...
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - Guidelines
 
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
A Critical Analysis Of Information Security -A Case Study Of Cognizant Techno...
 
Implementing IT Security Controls
Implementing IT Security ControlsImplementing IT Security Controls
Implementing IT Security Controls
 
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDFGT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
GT11_ATT_GuideBk_CyberSecurity_FINAL_V.PDF
 
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
 
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
DIFFERENCES OF CLOUD-BASED SERVICES AND THEIR SAFETY RENEWAL IN THE HEALTH CA...
 
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
1Running Header ORGANIZATIONAL SECURITY 4ORGANIZATIONAL SEC.docx
 
The Role of Technology in Modern Security Services Trends and Innovations.pdf
The Role of Technology in Modern Security Services Trends and Innovations.pdfThe Role of Technology in Modern Security Services Trends and Innovations.pdf
The Role of Technology in Modern Security Services Trends and Innovations.pdf
 
ISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_IntindoloISSC481_Term_Paper_John_Intindolo
ISSC481_Term_Paper_John_Intindolo
 
Isaca global journal - choosing the most appropriate data security solution ...
Isaca global journal - choosing the most appropriate data security solution ...Isaca global journal - choosing the most appropriate data security solution ...
Isaca global journal - choosing the most appropriate data security solution ...
 
Code of practice_for_consumer_io_t_security_october_2018
Code of practice_for_consumer_io_t_security_october_2018Code of practice_for_consumer_io_t_security_october_2018
Code of practice_for_consumer_io_t_security_october_2018
 
BYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in PakistanBYOD SCOPE: A Study of Corporate Policies in Pakistan
BYOD SCOPE: A Study of Corporate Policies in Pakistan
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
 
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docxResearch Paper TopicITS835 – Enterprise Risk Managemen.docx
Research Paper TopicITS835 – Enterprise Risk Managemen.docx
 

Recently uploaded

Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.eptoze12
 
8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitterShivangiSharma879191
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)Dr SOUNDIRARAJ N
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEroselinkalist12
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)dollysharma2066
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 
An introduction to Semiconductor and its types.pptx
An introduction to Semiconductor and its types.pptxAn introduction to Semiconductor and its types.pptx
An introduction to Semiconductor and its types.pptxPurva Nikam
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...121011101441
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncssuser2ae721
 

Recently uploaded (20)

Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.Oxy acetylene welding presentation note.
Oxy acetylene welding presentation note.
 
Design and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdfDesign and analysis of solar grass cutter.pdf
Design and analysis of solar grass cutter.pdf
 
8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter8251 universal synchronous asynchronous receiver transmitter
8251 universal synchronous asynchronous receiver transmitter
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
UNIT III ANALOG ELECTRONICS (BASIC ELECTRONICS)
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
Call Us ≽ 8377877756 ≼ Call Girls In Shastri Nagar (Delhi)
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 
An introduction to Semiconductor and its types.pptx
An introduction to Semiconductor and its types.pptxAn introduction to Semiconductor and its types.pptx
An introduction to Semiconductor and its types.pptx
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...Instrumentation, measurement and control of bio process parameters ( Temperat...
Instrumentation, measurement and control of bio process parameters ( Temperat...
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsyncWhy does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
Why does (not) Kafka need fsync: Eliminating tail latency spikes caused by fsync
 

WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX

  • 1. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 DOI : 10.5121/ijnsa.2010.2311 158 WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX Reza Amirpoor 1 and Ajay Kumar 2 and Satish R. Deavne 3 1 Research Student, IMED, Department of Computer Management, Bharati Vidyapeeth University, Pune, INDIA, 411008, Tel No. : +91 9890307927 reza_amirpoor@yahoo.com 2 Director, JSPM’s JAYAWANT Institute of Computer Applications, Tathawade, Pune, INDIA, 411033 ajay19_61@rediffmail.com 3 Principal, Dr. D. Y. Patil Ramrao Adik Institute of Technology, Nerul, Navi Mumbai, INDIA satish@rait.ac.in ABSTRACT Nowadays, use of wireless technology in organizations is a regular act, and we can see this technology erupted in all possible different areas. Related to employing wireless technology those organizations need to apply properly security level, depend on security policy which already defined. If security system applied but not required, or security system required but not provided, leads to improper security system. In this paper we have shown the way to evaluate the data significant and their appropriate security level. Here a model to evaluate the cost of data on security point of view by consideration of some parameters like sensitivity, volume, life, frequency, etc…, this research makes organizations to predict and implement or understand the cost involved for security of their data by measuring the data value. We used questionnaire and survey methodologies to collect the data; and then used SPSS and SAS program to calculate and design a model. In this way regression and BOOTSTARP help us to find accurate result. . KEYWORDS Data Value, Security Policy, Wireless 1. INTRODUCTION Wireless technologies are increasingly popular around the world, many organizations applied to wireless networks at part of own networks, in recent years, , price of wireless production has been reduced and we can prepare device of wireless network cheaper than wire device.. With respect of this cost and easily to install and also user friendly, organizations looking for wireless networks. Despite we will take reap of benefits in this way, but security is becoming main challenge. Wireless heritance is more vulnerable than wire technology. With this security concern, we implement security policy related to our organization to cover all angle of breach architecture, and answer to all questions which will come later about security. The goal of this paper is to make the reader aware of the weakness in current wireless security models and to lay a framework for a reliable wireless security policy for all organizations by any value of the data on security view. To that end, this paper will examine the data and identify the effective wireless security policies. As the number of employees, applications and systems increases, the management of the organization’s information becomes much more
  • 2. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 159 difficult and consequently vulnerabilities potentially increase. To determine secure use of hardware and software, as well as, facilitating and encouraging secure employee behaviour, organizations make use of information security policies. An information security policy is a combination of principles, regulations, methodologies, techniques and tools [1] established to protect the organization from threats. These policies also help organizations to identify its information assets and define the corporate attitude to these information assets [2]. 2. LITERATURE SURVEY The security of business transactions and personal data is not simply dependent upon the security of the network. From a survey of small-medium enterprises in Hong Kong, Chung and Tang (1999) [3], conclude security management is an important success factor for the adoption of information systems in small-medium enterprises. So as new customer-based information systems are designed, developed, procured and deployed the privacy related security issues of the information system needs careful consideration. With the increasing use of the Internet and mobile technologies by smaller organizations, enabling them to be more flexible and diverse in their operations, the threats are broadening. Effective security management is therefore, essential for all organizations in this increasingly interoperable world in order to ensure that the information remains confidential, available and retains integrity. Table 1 summarizes level of adoption of security management policies by small businesses. The levels of planning and policy definition are low in comparison to larger organizations. Only 41 per cent of small businesses have written a security policy that will protect customer privacy [4] in comparison to 76 per cent of large organizations [5]. The reasons for this difference relates to expertise, resources, and an understanding of the risk.[6] Our policy throughout was to ensure privacy of data by ensuring the system and organizations were secure from accidental, deliberate and opportunistic attack. The security policy was based on the international information security standard for best practice (ISO17799). Table 1 Policies and Procedures Currently in Place [3] Document % of respondents Data recovery procedures 47 Computer use and misuse policy 43 Information security policy 41 Information security procedures 33 Business continuity plan 24 Data destruction procedures 21 Organizations need to understand the real risks and build security management policies on them; evaluate technological solutions and external hosting decisions on the total cost of ownership; build systems with defence in depth, where the first line of defence is users who are aware of the issues; and to minimize the chance of unauthorized access by defaulting to a policy of least privilege access and monitoring the network to maintain confidence to ensure the security policy working.
  • 3. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 160 3. SECURITY POLICY Protection of assets is critical part of each organization. Wireless vulnerable can give anxious to organization about the data. Despite benefit of wireless is always an enthusiasm to remain in organizations. Changes in technological solutions should be based upon a security policy. Without a policy, security practices will be undertaken without any clear strategy, purpose or common understanding. So important is this area of management that there is now an international standard (IS0 17799) that states the principal tenants of information security management policies, such as ensuring that the policy is aligned to business objectives. A. Why Policy? Security policies help organizations to define important assets and specify the appropriate steps to be taken to safeguard those assets. Organizations can benefit from the conveniences of wireless but it’s risky from a security standpoint not to have a policy in place to help, to guide the users in the appropriate implementation and use of the technology [7]. A well-written wireless security policy will provide a reference document that will answer users’ questions about wireless security and is a document that can be referenced if conflicts arise during the implementation or daily use of the technology. It will provide a centralized location for security guidance and allows for centralized updates as the technology and risks associated with its use evolve. Additionally, the policy should standardize the security practices of the user base. For example, the policy may state that no wireless devices may be taken into areas designated for classified information. This will make it easier for the security department to advertise this rule to users by referencing its inclusion in the policy document, which all users are required to read [8]. In any case, poor security architecture can create conflicts and tensions by unnaturally restricting the user’s options. Inferior security components can hinder application growth, and applications might be forced into choosing between business feature support and security. Well- designed applications can catch and address many of these issues successfully at the architecture review. The major purpose of the security policy is to select the appropriate security solutions to face those threat events while ensuring that the cost of protecting the infrastructure does not exceed the benefit it provides. In business jargon, the rules of the security policy should guarantee a return on investment 4. ADJUST SECURITY POLICY IN ORGANIZATION BY THE DATA VALUE One expert commented on the budget "One day my boss asked me 'are we protected?', I told him if you have a house and you want to protect it you will need money to do so… So the level of security or the protection you will get depends on how much money you will spend. According to the budget, we plan for information security”. The budget needs to be adequate: "Without enough money, we can’t have security in the organization; money will bring software, hardware, and consultants". Without a proper budget, organizations won’t be equipped with sufficient resources to ensure information security.
  • 4. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 161 If security system applied but not required, or security system required but not provided, leads to improper security system. In first case we wasted our resource and it make trouble in opposed goal in system architecture. The goals of performance and portability are in conflict with security architecture goal. We will lose that goal by increasing and adding more security system in our organization, and this is force and pressure in total system architecture. In Second case, if we denied implementing properly security system in organization, it means we push our assets to vulnerable field. So we can’t protect the data from malicious attack. Table 2 shows the relation between appropriate security level and data value. First column is security policy levels, start from minimum security to maximum security, in second column we use a model to find the data value which start from minimum value to maximum value. Any level of data value model can compare to same level of security level or one level up, it means any organization can calculate of own the data value and then can find security policy level of those data. Security policy model can use from ITSEC or other standards, but we recommend to use of ITSEC standard. The ITSEC addressed an expanded view of confidentiality, integrity and availability with the aim of more explicitly addressing both military and commercial requirements [9]. Table 2 also can help to prediction of security level need for the organization. By calculating the value cost of data for next few years and you can take security level for those years. The data value is derived from our model are calculated by a questionnaire, which collected from network administrator of organizations. This questionnaire is useful to put in our model to find data value of security view of the organization’s data. In fact data value model is observation of network administrator on the organization’s data. Through this observation we can find data value. Table 2 Relation between Security Levels and Data Value Model By finding the relation between data value and security policy, our goal be accessible to define the best security policy level for our organization. 5. MODEL OF DATA VALUE POINT OF SECURITY VIEW Implementation of security architecture in system should be balanced by the data value of that organization. Before applying security in system, one must know about the data value in system. The data in any organization have cost and value. Some data is less value and some of them can’t take value or price. Some data are looked by hackers and malicious people, to access by different mention. The data is affected by some parameters; we can show this by formula: • DATA value from security point of view = F(X,Y...) (1) Security policy levels Data value Model S1 D1 S2 D2 … … Sm Dn
  • 5. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 162 Which F() is a function included some parameters; these parameters has been effected on the data value; and caused to change value and price of the data. The value of data can calculated by linear function, however, this function (1) should cover whole area atmosphere on data value. These parameters are shown as below (2): • Sensitivity of data • Volume of data • Life of data • Multiple places of users • Frequency of use • Update frequency of data • Wireless data All of the seven parameters are affecting on data to get value, but by different coefficient; The data can weight by these parameters, definitely may be more parameter can find and added to this collection, here we have considered only seven parameters to describe the model; these parameters are varying from organization to organization and system to system; it can be high, it can be low or in middle range accordingly we have to apply the security level for cost effectiveness and proper security implementation. The final model (3) can calculate data value for Table 3 , minimum be 0 and maximum be 8400, which 0 is equal to D level of security level policy (minimum security required) and 8400 is equal to A level of security policy (maximum security required) for the organization. We should divide and category range of (0 … 8400) to all security level policy, to draw properly relate between data value and security policy. This model given by: • DATA value from security point of view = α +β1 S+ β2 V + β3 L + β4 M+ β5 U+ β6 F + β7 W+ ε (3) • α = Intercept cost of Data • S = Sensitivity of Data • V = Volume of Data • L = Life time of Data • M = Multiple places users • U = Updated Frequency of Data • F = Frequency of Data used • W = Wireless Data • ε = Hidden parameter cost Which β1... β7 are coefficients on parameters. By regression calculation and SPSS software, we have derived those coefficients. A. Methodology and Empirical Evidence Our research is aimed at all companies, which used wireless technology for communication; the interview was arranged and conducted with all of the participants at the convenience of the interviewee and took place in the interviewees’ offices. Confidentiality of the data was guaranteed. All participants requested that anonymity also be guaranteed.
  • 6. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 163 Thirty six organizations selected in six different areas to collect the data; these six areas cover all variation of organizations which have data by different value. These are as below: • Educations • Research places • Business • Medical • Industry • Citizen Service All of them used wireless technology as basic part of own networks. We collected the data value of 36 organizations through questionnaire and survey; network administrator in all organizations responsible for those questions, through these questionnaire we tried to collect effective of parameters on value of data on security view by administrators of organizations, and take their observation on the data value. Table 3 shows the variation of data value collected by questionnaires on different area which already defined. Depend on inherently of area these data value should be changed. Despite security level required also is changed. In Table 3, we can see maximum security level required is on the business row and also in education level. In these two categories we should apply maximum security policy level. Maximum data value which we collected is 6400 in bank category, and minimum value is 790 in industry category. Table 3 Tabulation of Data Value Range in Different Area of Wireless Users Range of value Min. Value Max. Value Education 1530 4960 Research 3075 3720 Medical 2460 2720 Citizen Service 1080 2910 Industry 790 2720 Business 6240 6400 Each parameter through questionnaire designed 1200 score and maximum value on each organization is 8400 (7 * 1200). B. Analyze of Data Figure 1 shows the variation of value of different parameters on the data value, each parameter has specific effect on the data value. Sensitivity and life of data on organizations are important parameter which can increase the value of data on security view. Update frequency of data is less effect on the data value from security point of view. In some area as citizen service don’t need more security level, because no one of the specifics is high and average of all seven parameter (2) is in half down of Table 2. In this case, we can apply minimum or like this to security organization. Business area included bank is in high level of security, and consequently must apply maximum security level on this organization. Figure 2 shows the three parameter cover 45 per cent of total value of data. These parameters are wireless data, sensitivity of data and multi places of data.
  • 7. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 164 Figure 1 Different parameter by different coefficient on total data value A common specific on these three is all of them use various users, and consider by hackers. Figure 2 Percentage of different parameter In questionnaire designed different way and different question to take value of each parameter; our mentioned is to define common coefficient for each parameter for only one formula, and finally we can apply this formula to every organization. We used SPSS and SAS to find coefficient, SPSS used to make components of our parameters, result be as below: Component 1= (freq *.852) + (update-freq *.886) + (life* .604). (4) Component 2= (volume * .858) + (multi-places * .750). Component 3= (wireless * .920) + (sensitivity * .716).
  • 8. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 165 Three parameters of them (frequency of use, update frequency of data and life of data) make a component and volume of data and multi places of users are another component and the last wireless data and sensitivity of data are a component. Each component is elaborate included parameters in the same level, and they can be in same range of effectiveness. We have written a program for SAS application to use a bootstrap methodology for help us in this way, bootstrap used 100 000 resample of this 36 observation. Bootstrap helps us to find accurate result. By this methodology we have got the coefficients of all parameters. A program for SAS to compute a coefficients and variants through BOOTSTRAP methodology is written; and apply to inference coefficient of our components. By 100 000 resampling model and 36 observation finally we got result of our model. This model given by: Formula (3) will be completed by: -3334 + F (I, S, V, L, M, U, F, W); And final model be: = -3334 + 8.29 F + 8.62 U+ 5.88 L + 20.97 V + 18.33 M+ 11.71 W + 9.11 S; (5) Formula (5) is a common formula to take value of data on security view on every organization, and through this result and use Table 2, we can adjust our security policy on organizations. Now we can use this model to find accurate data value of security point on our observations; the result shown in Table 4. Maximum score is for business group and minimum came in industry and citizen service groups. Table 4 Tabulation of Data Value Range in Different Area of Wireless Users Used Formula (5) Range of value Min. Value Max. Value Education 2538 3971 Research 2516 3586 Medical 1168 2759 Citizen Service 728 4070 Industry 106 4021 Business 4606 4958 But as in above table we can see in some industry area also have high data value; and depend on organization and data value we can apply for security level, and through Table 2 and adjust between security levels and data value we can find level of security in our organization and we can apply or modify on that level. 6. CONCLUSION AND FUTURE AREAS OF RESEARCH With the myriad of security issues facing wireless technology there is a need for strong and effective wireless security policies. Fortunately, while there are many wireless security policy templates available, this paper has shown how to select the best security policy for own organization, and discussed the weakness and strong in select properly security policy and proposed a framework for a reliable wireless security policy for all organizations by any level of data value. Near 45 per cent of data value from security point of view is included of Wireless, Multi places users and Sensitivity of organization’s data. Any organizations use out of these three specific of data should use top half of security level model for own organization.
  • 9. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 166 In this paper, we have developed a model to estimate a data value point of security view on organization. This model allow the systems to find the best security model for own organizations. Applying this model to system security design will improve system security performance and decrease the overheads in nearly every security related area. This model to evaluate the cost of data on security point of view by consideration of some parameters like sensitivity, volume, life, frequency, etc…, this research makes organizations to predict and implement or understand the cost involved for security of their data by measuring the data value. Because this is the first time we try to model the data value, there are some important works that we can calculate the data value for different area by different security policy in the future. It helps to define and implement appropriate security policy for all organizations. Also we can suggest new parameter which can be effect on the data value on security view, and redesign our model. REFERENCES [1]. Tryfonas, T., Kiountouzis, E. and Poulymenakou A, Embedding Security Practices in Contemporary Information Systems Development Approaches. Information Management & Computer Security, Vol. 9, No. 4, (2001) 183-197. [2]. Canavan, S., An Information Security Policy Development Guide for Large Companies. SANS Institute, 2003. [3]. Chung, C-W and Tang, Computer Based Information Systems (CBIS) adoption in small businesses: Hong Kong experience and success factors, Journal of Global Information Technology Management, M-ML (1999), 2(2) 5-22. [4]. Gupta, A. and Hammond, Information Systems Security Issues and Decisions for Small Businesses: An Empirical Examination ,Information Management &Computer Security, R. ( 2005), 13(4) 297-310. [5]. Fulford, H. and Doherty, The Application of Information Security Policies in Large UK-based Organizations: An Exploratory Investigation, Information Management & Computer Security, N. F. (2003) , 11(3) 106-114. [6]. Ian Allison, Privacy through Security: Policy and Practice in a Small-Medium Enterprise, The Robert Gordon University, UK. [7]. MICHAEL MANLEY, CHERI MCENTEE, ANTHONY MOLET, AND JOON S. PARK. A FRAMEWORK OF AN EFFECTIVE WIRELESS SECURITY POLICY FOR SENSITIVE ORGANIZATIONS. IN PROCEEDINGS OF THE 6TH IEEE INFORMATION ASSURANCE WORKSHOP (IAW), IEEE COMPUTER SOCIETY WEST POINT, NEW YORK, JUNE 15-17, (2005)150–157. [8]. Jay Ramachandran, Designing Security Architecture Solutions, WILE, 2006. [9]. An Oracle White Paper, Computer Security Criteria: Security Evaluations and Assessment, July 2001.
  • 10. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010 167 Authors Reza Amirpoor received the B.E. degree from Sharif University of Technology in 1996 and MBA (IT) degrees, from Symbiosis International Univ. in 2006. He is Ph.D. student in Bharati vidyapeeth Univ. in PUNE since 2007. His research interest includes Computer Networks, wireless systems and security systems. Dr. Ajay Kumar has completed M.Sc. Engg. in Computer Science and Ph.D. He is having 21 years of teaching and research experience. Presently he is working as Director, JSPM’s JAYAWANT Institute of Computer Applications, Pune-India, He has published four books in Information Technology. He has also published more than 35 papers in National / International Conferences and Journals. His area of research is Computer Networks, mobile computing, wireless systems, security systems and Software engineering. Dr. SATISH R. DEVANE has completed M.E. Electronics, from Dr. B.A. M University, Aurangabad and Ph.D. in Information Technology from IIT Bombay 2006. Presently he is working as Principal, Dr. D. Y. Patil Ramrao Adik Institute of Technology, Nerul, Navi Mumbai -India, He has published one book in Computer programming. He has also published more than 20 papers in National / International Conferences and Journals. He has Life Membership in IEEE, ISTE, CSI, IETE, ISACA, Security Technology Forum of CSI. His area of research is E-Commerce, Computer Organization, Network Communication, Web Technology, Smartcard, System Analysis and Design, Operating System, Network Security, Software Engineering.